[PATCH] user32: check for valid pointer in CreateIconFromResource

Reece Dunn msclrhd at googlemail.com
Mon Jun 28 06:44:23 CDT 2010


On 28 June 2010 12:26, Alexandre Julliard <julliard at winehq.org> wrote:
> Wolfram Sang <wolfram at the-dreams.de> writes:
>
>> According to TestBot (#2851), all non-crashing Windows versions return 0.
>>
>> Found while working on Bug 21012. Although this patch doesn't cure this
>> bug, I think it is still worth adding the check because the pointer
>> may come from the (always evil ;)) user-application.
>
> Do you have an actual application that does this, or is this just hiding
> a Wine bug?

When running winedbg on bfginstaller.exe (trying to track down
http://bugs.winehq.org/show_bug.cgi?id=14343), winedbg will trap in
the cursoricon.c code (line 771 --
http://source.winehq.org/git/wine.git/?a=blob;f=dlls/user32/cursoricon.c;h=9a1810e22a1a77c698a14e0d6a9a33c5d036bce0;hb=d474d3f142b6e5f50ca3253cd170695ac3cc8930#l771):

 767     /* pre-multiply by alpha */
 768     for (i = 0, ptr = bits; i < bm.bmWidth * bm.bmHeight; i++, ptr += 4)
 769     {
 770         unsigned int alpha = ptr[3];
 771         ptr[0] = ptr[0] * alpha / 255;
 772         ptr[1] = ptr[1] * alpha / 255;
 773         ptr[2] = ptr[2] * alpha / 255;
 774     }

The app itself does not crash there when not running without winedbg,
but is generating an issue later on that does not make sense (which I
am suspecting is a stack corruption issue, possibly triggered by this
issue).

I'm not sure if this is a wine bug, whether Wolfram's patch gets past
the break triggered or whether it addresses the Big Fish Games issue.

I'll test the patch tonight.

- Reece
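As an added illustration, not Wine's code and not part of this thread, here is a stand-alone C version of the pre-multiply loop quoted above, fronted by the kind of pointer and size validation the patch is about (returning 0 on bad input, as the Windows versions do). The names premultiply_alpha and sample_run are hypothetical, and the pixel data is constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical stand-in for the user32 helper: 32-bit BGRA pixels are
 * multiplied by their alpha in place. Returns 0 (failure) on a NULL
 * or unusable buffer description instead of dereferencing it, 1 on success. */
int premultiply_alpha(uint8_t *bits, int width, int height)
{
    size_t i, npixels;
    uint8_t *ptr;

    /* Reject the untrusted pointer and dimensions before touching memory. */
    if (!bits || width <= 0 || height <= 0) return 0;

    npixels = (size_t)width * (size_t)height;
    /* Guard against width*height wrapping into a too-small loop bound. */
    if (npixels / (size_t)width != (size_t)height) return 0;
    if (npixels > SIZE_MAX / 4) return 0;

    for (i = 0, ptr = bits; i < npixels; i++, ptr += 4)
    {
        unsigned int alpha = ptr[3];
        ptr[0] = (uint8_t)(ptr[0] * alpha / 255);
        ptr[1] = (uint8_t)(ptr[1] * alpha / 255);
        ptr[2] = (uint8_t)(ptr[2] * alpha / 255);
    }
    return 1;
}

/* Constructed sample: two pixels, one opaque and one fully transparent.
 * Returns 1 if the premultiplied result is as expected, 0 otherwise. */
int sample_run(void)
{
    uint8_t px[8] = { 255, 128, 0, 255,   /* opaque: colour unchanged */
                      200, 100, 50, 0 };  /* alpha 0: colour becomes 0 */

    if (premultiply_alpha(px, 2, 1) != 1) return 0;
    if (px[0] != 255 || px[1] != 128 || px[2] != 0 || px[3] != 255) return 0;
    if (px[4] != 0 || px[5] != 0 || px[6] != 0 || px[7] != 0) return 0;
    /* The invalid inputs must be rejected without being read. */
    if (premultiply_alpha(NULL, 2, 1) != 0) return 0;
    if (premultiply_alpha(px, 0, 1) != 0) return 0;
    return 1;
}
```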
