advapi32: Fix potential NULL pointer dereference in RegSetValueExA [with test] (Saturn)

Alexandre Julliard julliard at winehq.org
Tue Jan 27 14:56:26 CST 2009


Aurimas Fišeras <aurimas at gmail.com> writes:

> If FunctionA calls FunctionW with a (possibly) NULL pointer and FunctionW
> dereferences it, we should fix FunctionA?

If FunctionW requires a valid pointer, then yes of course the caller
should be fixed. Just making FunctionW return NOACCESS instead of
crashing doesn't fix anything, it just hides the bug. Sadly, Microsoft
likes to hide bugs instead of fixing them, and we sometimes have to do
the same to remain compatible, but we try to keep it to a minimum.

> But since FunctionA is a Windows API and it is far more likely to be
> called not from Wine itself but from "other programs", we fix
> neither FunctionA nor FunctionW, but expect that "other programs" will
> behave and won't call either FunctionA or FunctionW (or FunctionX
> that calls FunctionA) with NULL pointers?

Yes. You can't check for NULL before every single dereference, that's
madness.

> How to know when to fix NULL pointer dereferences if in most such cases
> code flow can be traced back to a Windows API called by "other program"?

If some other program is really calling it with NULL then you can fix
it. You can't preemptively fix every API that takes a pointer.

-- 
Alexandre Julliard
julliard at winehq.org
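
The A-to-W case discussed in this message, as an added C example that is not Wine code and not part of the original thread: the wide function keeps its "valid pointer required" contract and dereferences without a check, while the ANSI wrapper, which itself reads and converts the buffer, is where the NULL is rejected. The names function_a, function_w and stored and the error values are hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>

/* Constructed error codes for this example only. */
enum { OK = 0, ERR_NOT_ENOUGH_MEMORY = 8, ERR_INVALID_PARAMETER = 87 };

static wchar_t stored[64];   /* stand-in for wherever the value ends up */

/* Wide variant. Contract: data is a valid, NUL-terminated string.
 * It dereferences data unchecked; a NULL here is the caller's bug. */
static int function_w(const wchar_t *data)
{
    size_t len = wcslen(data);
    if (len >= sizeof(stored) / sizeof(stored[0]))
        return ERR_INVALID_PARAMETER;
    memcpy(stored, data, (len + 1) * sizeof(wchar_t));
    return OK;
}

/* ANSI wrapper. It reads data to convert it and it allocates the buffer
 * it forwards, so both possible NULLs are handled here, at the caller. */
static int function_a(const char *data)
{
    wchar_t *wide;
    size_t i, len;
    int ret;

    if (!data) return ERR_INVALID_PARAMETER;      /* never reaches strlen */

    len = strlen(data);
    wide = malloc((len + 1) * sizeof(wchar_t));
    if (!wide) return ERR_NOT_ENOUGH_MEMORY;      /* never reaches function_w */
    for (i = 0; i <= len; i++)
        wide[i] = (unsigned char)data[i];         /* assumption: ASCII-only input */
    ret = function_w(wide);
    free(wide);
    return ret;
}

int main(void)
{
    /* Exit status 0 when the NULL is rejected and a valid string is stored. */
    return (function_a(NULL) == ERR_INVALID_PARAMETER &&
            function_a("abc") == OK) ? 0 : 1;
}
```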


