Rob Shearman : Revert "rpcrt4: Try to free every non-stack pointer in PointerFree now that NdrFree does the sanity checking for us.".

Alexandre Julliard julliard at winehq.org
Fri Dec 14 07:39:33 CST 2007


Module: wine
Branch: master
Commit: ded4b866257947d7c365a8179775a0426de148e3
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=ded4b866257947d7c365a8179775a0426de148e3

Author: Rob Shearman <rob at codeweavers.com>
Date:   Thu Dec 13 16:11:28 2007 +0000

Revert "rpcrt4: Try to free every non-stack pointer in PointerFree now that NdrFree does the sanity checking for us.".

This reverts commit 6db648302ce43f625a073426a35a6f40b7869d8b.

Tests show the assumptions in a commit that this commit depends on are 
not valid.

---

 dlls/rpcrt4/ndr_marshall.c       |   14 ++++++++++----
 dlls/rpcrt4/tests/ndr_marshall.c |    2 ++
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/dlls/rpcrt4/ndr_marshall.c b/dlls/rpcrt4/ndr_marshall.c
index 8c79751..0fd2456 100644
--- a/dlls/rpcrt4/ndr_marshall.c
+++ b/dlls/rpcrt4/ndr_marshall.c
@@ -1270,17 +1270,23 @@ static void PointerFree(PMIDL_STUB_MESSAGE pStubMsg,
   m = NdrFreer[*desc & NDR_TABLE_MASK];
   if (m) m(pStubMsg, Pointer, desc);
 
+  /* we should check if the memory comes from NdrAllocate,
+   * and deallocate only if so - checking if the pointer is between
+   * BufferStart and BufferEnd will not always work since the buffer
+   * may be reallocated when the server wants to marshal the reply */
+  if (Pointer >= (unsigned char *)pStubMsg->RpcMsg->Buffer ||
+      Pointer <= (unsigned char *)pStubMsg->RpcMsg->Buffer + pStubMsg->BufferLength)
+      goto notfree;
+
   if (attr & RPC_FC_P_ONSTACK) {
     TRACE("not freeing stack ptr %p\n", Pointer);
     return;
   }
-
-  /* try to free everything else. NdrFree will do the job of sorting out
-   * whether we allocated it or whether the app did */
-
   TRACE("freeing %p\n", Pointer);
   NdrFree(pStubMsg, Pointer);
   return;
+notfree:
+  TRACE("not freeing %p\n", Pointer);
 }
 
 /***********************************************************************
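Review bot: The range test added ahead of the RPC_FC_P_ONSTACK check joins its two comparisons with `||`, so it is true for every pointer value: any address is either `>= Buffer` or `<= Buffer + BufferLength`. Every call therefore takes `goto notfree`, and both the ONSTACK check and the `NdrFree(pStubMsg, Pointer)` call below it become unreachable, which turns PointerFree into a function that never releases the top-level pointer. If the intent is to skip only pointers that lie inside the marshalling buffer, the two comparisons need `&&`, and the upper bound should likely be `<` rather than `<=`, since `Buffer + BufferLength` is one past the end of the buffer. The added comment already says the range test will not always work once the buffer is reallocated, so it would also help to mark it as a known limitation (for example with a FIXME) rather than leaving it as a plain description.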
diff --git a/dlls/rpcrt4/tests/ndr_marshall.c b/dlls/rpcrt4/tests/ndr_marshall.c
index d19d50f..391f277 100644
--- a/dlls/rpcrt4/tests/ndr_marshall.c
+++ b/dlls/rpcrt4/tests/ndr_marshall.c
@@ -1193,7 +1193,9 @@ todo_wine {
     my_free_called = 0;
     StubMsg.Buffer = StubMsg.BufferStart;
     NdrPointerFree( &StubMsg, mem, fmtstr_conf_str );
+todo_wine {
     ok(my_free_called == 1, "free called %d\n", my_free_called);
+}
 
     mem = my_alloc(10);
     my_free_called = 0;
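Review bot: The `todo_wine` wrapped around `ok(my_free_called == 1, ...)` has no comment saying why the free is now expected not to happen. Since the same commit changes PointerFree so that it can skip the NdrFree call, a one-line comment here naming that buffer-range check would tie the expected failure to its cause and make it clear when the marker can be removed. As written, the test records a skipped free (a leak in the caller's allocator) as an accepted state with nothing pointing back at the code responsible.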
