[Bug 46661] ISF_Desktop_fnGetDisplayNameOf function missing check for string variable This->sPathTarget before copy it

wine-bugs at winehq.org wine-bugs at winehq.org
Tue Feb 19 21:34:35 CST 2019


https://bugs.winehq.org/show_bug.cgi?id=46661

--- Comment #13 from ossecurity <ossecurity at iscas.ac.cn> ---
(In reply to Zebediah Figura from comment #12)
> (In reply to ossecurity from comment #11)
> > Yes, that can cause an application crash, and this crash is a behaviour of the Win32
> > application. However, the missing check in ISF_Desktop_fnGetDisplayNameOf is
> > the behaviour of Wine.
> > 
> > It will be clearer to judge this bug if we focus on the behaviour mismatch.
> > As hooking is a supported function in Windows, a prepared Win32
> > application (DoInjection.exe) doesn't crash in Windows (I verified it on Win 7),
> > but it crashes in Wine. It seems Win7 has added sufficient
> > checks (sanitizations or authority checks); however, Wine doesn't.
> 
> You're also assuming that Windows has the same struct layout as Wine, which
> it almost certainly doesn't. Only behaviour differences that affect real
> applications are worth fixing.
> 
> There is no real reason to check for NULL here. It doesn't matter whose
> "behaviour" the code is. The contract internal to the Wine code is that the
> variable is valid from the moment the struct is allocated, not that it is
> valid if and only if it is non-NULL.

Oh yes, I mixed struct layout difference into behaviour difference.
DoInjection.exe is really not as important as Word etc. The check consideration
really has a conflict with the internal contract of Wine you just mentioned. When
considering fix and maintenance, you are right.

Maybe this kind of check is important in other scenarios or software besides
Wine. I'll keep on researching.

Ke Yang

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.