On 23/01/2019 23:47, Zebediah Figura wrote:
On 1/23/19 1:39 AM, Zhiyi Zhang wrote:
On 23/01/2019 10:17, Zebediah Figura wrote:
On 12/18/18 10:20 AM, Zhiyi Zhang wrote:
Signed-off-by: Zhiyi Zhang
<zzhang(a)codeweavers.com>
---
dlls/setupapi/devinst.c | 139 ++++++++++++++++++++++++
dlls/setupapi/setupapi.spec | 2 +-
dlls/setupapi/tests/devinst.c | 194 +++++++++++++++++++++++++++++++++-
include/setupapi.h | 2 +
4 files changed, 335 insertions(+), 2 deletions(-)
diff --git a/dlls/setupapi/devinst.c b/dlls/setupapi/devinst.c
index 55746562c8..556bba4684 100644
--- a/dlls/setupapi/devinst.c
+++ b/dlls/setupapi/devinst.c
@@ -327,6 +327,28 @@ static WCHAR *get_refstr_key_path(struct
device_iface *iface)
return path;
}
+static BOOL is_valid_property_type(DEVPROPTYPE prop_type)
+{
+ DWORD type = prop_type & DEVPROP_MASK_TYPE;
+ DWORD typemod = prop_type & DEVPROP_MASK_TYPEMOD;
+
+ if (type > MAX_DEVPROP_TYPE)
+ return FALSE;
+ if (typemod > MAX_DEVPROP_TYPEMOD)
+ return FALSE;
+
+ if (typemod == DEVPROP_TYPEMOD_ARRAY
+ && (type == DEVPROP_TYPE_EMPTY || type == DEVPROP_TYPE_NULL
|| type == DEVPROP_TYPE_STRING
+ || type == DEVPROP_TYPE_SECURITY_DESCRIPTOR_STRING))
+ return FALSE;
+
+ if (typemod == DEVPROP_TYPEMOD_LIST
+ && !(type == DEVPROP_TYPE_STRING || type ==
DEVPROP_TYPE_SECURITY_DESCRIPTOR_STRING))
+ return FALSE;
+
+ return TRUE;
+}
+
This level of extensive error checking is probably not a bad idea,
but—the current state of most of SetupDi notwithstanding—I'm not sure
it's a good one either (and it's certainly a little troublesome to
review). I won't stand opposed to it if pressed, but is it really
necessary?
I would rather do the extensive error/parameter checking now than fixing
the crash caused by not checking later. I feel like there are already so
many bugs because of not enough checking.
As long as they are covered by tests. They shouldn't be too much an issue.
I'm not sure I agree, honestly. I don't see many applications that break on
invalid parameters (after all, why would they?), and those that do are generally rather
easy to debug.
Well, there are many patches that fix crashes just by adding simple parameter checks
because somehow there are invalid parameters.
And yes, they are usually easy to debug, I prefer not having to debug these kind of things
at all.
If you'd really prefer to leave these in, I'd at least advocate for removing the
tests (and perhaps corresponding checks) that don't fail consistently across
versions.
I'll remove some of the inconsistent tests.