[Bug 20553] Invalid read in LISTVIEW_NCDestroy in chromium unit_tests.exe in TableViewTest.Sort?
wine-bugs at winehq.org
wine-bugs at winehq.org
Sat Nov 14 20:05:25 CST 2009
http://bugs.winehq.org/show_bug.cgi?id=20553
--- Comment #10 from Nikolay Sivov <bunglehead at gmail.com> 2009-11-14 20:05:25 ---
(In reply to comment #9)
> (In reply to comment #8)
> > Here was another problem discussed in this thread (corrupting heap overwriting
> > area marked free), and it doesn't exist any more. Currently I see a possible
> > fix for that using following condition:
> >
> > ---
> > HeapSize(GetProcessHeap(), 0, himl) >= sizeof(void*)
> > ---
> >
> > to determine if required field available to read. This will prevent from
> > reading out of allocated area. Failure will be indicated by -1 return value.
> > This check should be next after checking himl for null.
> >
> > P.S. I'm using sizeof(void*) here instead of sizeof(DWORD) cause of bug 20696
> > where I think it's possible to use vtable pointer as a magic (HIMAGELIST isn't
> > reusable for another process anyway).
>
> HeapSize is not a reliable way to test for a valid handle. If you want to check
> vtable or magic you can do that just as well without a HeapSize first.
Then it's a application bug here. I thought this invalid read caused by
accessing first member (magic or vtable). If there's no way to do such check
it's a chromium problem.
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list