[Bug 31507] midiInOpen x64 crash due to callback address 32-bit truncation
wine-bugs at winehq.org
wine-bugs at winehq.org
Sun Aug 19 20:10:17 CDT 2012
http://bugs.winehq.org/show_bug.cgi?id=31507
--- Comment #5 from Nikolay Sivov <bunglehead at gmail.com> 2012-08-19 20:10:17 CDT ---
Hi, George.
I think I found a problem you're seeing, pointer truncation happens in wine
sound driver at MIDI_NotifyClient():
---
static void MIDI_NotifyClient(UINT wDevID, WORD wMsg,
DWORD_PTR dwParam1, DWORD_PTR dwParam2)
{
DWORD dwCallBack;
...
case MIM_OPEN:
case MIM_CLOSE:
case MIM_DATA:
case MIM_LONGDATA:
case MIM_ERROR:
case MIM_LONGERROR:
case MIM_MOREDATA:
if (wDevID > MIDM_NumDevs) return;
dwCallBack = MidiInDev[wDevID].midiDesc.dwCallback;
uFlags = MidiInDev[wDevID].wFlags;
hDev = MidiInDev[wDevID].midiDesc.hMidi;
dwInstance = MidiInDev[wDevID].midiDesc.dwInstance;
break;
...
DriverCallback(dwCallBack, uFlags, hDev, wMsg, dwInstance, dwParam1,
dwParam2);
}
---
So it gets truncated with a cast to DWORD it seems. You could easily check that
modifying local dwCallBack variable to be DWORD_PTR, and you need to modify a
driver you're using - winealsa or wineoss.
I'll send a patch for that later today if this change helps you.
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list