[Bug 20896] Use-after-free in DdeClientTransaction in user32 dde tests
wine-bugs at winehq.org
wine-bugs at winehq.org
Thu Dec 31 06:38:31 CST 2015
https://bugs.winehq.org/show_bug.cgi?id=20896
--- Comment #8 from Nikolay Sivov <bunglehead at gmail.com> ---
Yes, I can reproduce invalid read on current Wine + valgrind-svn:
---
==13031== Invalid read of size 2
==13031== at 0x7B843878: GlobalFree (heap.c:762)
==13031== by 0x4F5F4F1: WDML_FreeTransaction (dde_misc.c:1985)
==13031== by 0x4F5BF33: DdeClientTransaction (dde_client.c:1226)
==13031== by 0x4D06233: test_ddeml_client (dde.c:403)
==13031== by 0x4D0BBD8: func_dde (dde.c:2696)
==13031== by 0x4CE9003: main (test.h:584)
==13031== Address 0x495f8f0 is 16 bytes after a recently re-allocated block of
size 48 alloc'd
==13031== at 0x7BC507E9: RtlAllocateHeap (heap.c:254)
==13031== by 0x4F5F3C8: WDML_AllocTransaction (dde_misc.c:1919)
==13031== by 0x4F5BBEE: DdeClientTransaction (dde_client.c:721)
==13031== by 0x4D06233: test_ddeml_client (dde.c:403)
==13031== by 0x4D0BBD8: func_dde (dde.c:2696)
==13031== by 0x4CE9003: main (test.h:584)
---
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list