memory corruption in dlls/oleaut32/olepicture.c?

Marcus Meissner marcus at
Tue Jan 9 01:17:13 CST 2007

On Tue, Jan 09, 2007 at 08:40:08AM +0200, Damjan Jovanovic wrote:
> Hi
> In dlls/oleaut32/olepicture.c, there are several places where memory
> is allocated and then used immediately, without checking whether
> allocation succeeded. For example:
> 1479       xbuf = HeapAlloc (GetProcessHeap(), HEAP_ZERO_MEMORY, origsize);
> 1480       if (headerisdata)
> 1481           memcpy (xbuf, &header, 8);
> Is there something I'm missing, or does that sort of code lead to
> memory corruption / segmentation faults when allocating memory fails?

memory corruption - no.
segfaults due to NULL ptr dereference - yes.

> >From what I see on
>, smatch
> doesn't detect this as an error. What should we do?

Feel free to add error handling.

I originally did not add this, since the code is ugly already :(

Ciao, Marcus

More information about the wine-devel mailing list