rpcrt4: fix NULL pointer access

Gregory M. Turner gmturner007 at ameritech.net
Thu Nov 20 14:45:31 CST 2003


On Thursday 20 November 2003 02:26 pm, Dimitrie O. Paun wrote:
> Ran into this while browsing the code, it seems to
> be a NULL pointer reference waiting to happen.
> Am I missing something?
>
> ChangeLog
>     Bail when we're out of memory.
>
> Index: dlls/rpcrt4/rpc_binding.c
> ===================================================================
> RCS file: /var/cvs/wine/dlls/rpcrt4/rpc_binding.c,v
> retrieving revision 1.15
> diff -u -r1.15 rpc_binding.c
> --- dlls/rpcrt4/rpc_binding.c	7 Oct 2003 22:54:17 -0000	1.15
> +++ dlls/rpcrt4/rpc_binding.c	20 Nov 2003 06:33:52 -0000
> @@ -516,7 +516,11 @@
>  {
>    DWORD len = strlen(dst), slen = strlen(src);
>    LPSTR ndst = HeapReAlloc(GetProcessHeap(), 0, dst,
> (len+slen+2)*sizeof(CHAR)); -  if (!ndst) HeapFree(GetProcessHeap(), 0,
> dst);
> +  if (!ndst)
> +  {
> +    HeapFree(GetProcessHeap(), 0, dst);
> +    return NULL;
> +  }
>    ndst[len] = ',';
>    memcpy(ndst+len+1, src, slen*sizeof(CHAR));
>    ndst[len+slen+1] = 0;
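Review bot: the new `return NULL;` after `HeapFree(GetProcessHeap(), 0, dst);` means this function consumes dst on failure, and nothing in the hunk documents that. With flags of 0, HeapReAlloc leaves the original block valid when it fails, so freeing it here avoids a leak, but a caller that still holds its old pointer now has a dangling one and a caller that uses the result unchecked just moves the NULL dereference up one frame. Suggest a short comment above the function stating that dst is freed and NULL is returned on allocation failure, and checking that every call site assigns the return value over its copy of dst and tests it for NULL before use.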
> @@ -527,7 +531,11 @@
>  {
>    DWORD len = strlenW(dst), slen = strlenW(src);
>    LPWSTR ndst = HeapReAlloc(GetProcessHeap(), 0, dst,
> (len+slen+2)*sizeof(WCHAR)); -  if (!ndst) HeapFree(GetProcessHeap(), 0,
> dst);
> +  if (!ndst)
> +  {
> +    HeapFree(GetProcessHeap(), 0, dst);
> +    return NULL;
> +  }
>    ndst[len] = ',';
>    memcpy(ndst+len+1, src, slen*sizeof(WCHAR));
>    ndst[len+slen+1] = 0;
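Review bot: the `if (!ndst)` branch in this wide-character variant fails silently. It frees dst and returns NULL, but nothing records the out-of-memory condition, so a caller that does check for NULL cannot tell an allocation failure from any other cause and a caller that does not check fails later with no hint of where it started. Suggest emitting a trace or setting an error status before `return NULL;`, and keeping whatever failure contract is documented for the ANSI variant identical here, since the two blocks are otherwise the same apart from `sizeof(WCHAR)`.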

looks like a real bug to me... but the consumers of those functions
probably assume success, so maybe the right solution is really to raise
an exception.  There are lots of places in rpcrt4 where exceptions ought
to raise on error conditions but don't, mainly due to developer laziness.
I guess it's hard to justify fixing error paths when success doesn't work
either ;)

So, at some point there needs to be an error-handling audit of rpcrt4;
until then, your patch is better than nothing, and probably should go in.

-- 
gmt

"It is to be the assent and ratification of the several States,
derived from the supreme authority in each State, the authority
of the people themselves.  The act, therefore, establishing the
Constitution, will not be a NATIONAL, but a FEDERAL act." --James
Madison, Federalist No. 39




