msi: Avoid a potential NULL pointer dereference (coccicheck).
Marcus Meissner
meissner at suse.de
Thu May 20 06:19:10 CDT 2010
On Thu, May 20, 2010 at 12:36:21PM +0200, Michael Stefaniuc wrote:
> Paul Vriens wrote:
> > On 05/20/2010 01:15 AM, Michael Stefaniuc wrote:
> >> The last "goto done" is for si == NULL. When MSI_GetSummaryInformationW
> >> returns NULL there is a crash.
> >> ---
> >> dlls/msi/msi.c | 3 ++-
> >> 1 files changed, 2 insertions(+), 1 deletions(-)
> >>
> >> diff --git a/dlls/msi/msi.c b/dlls/msi/msi.c
> >> index 3170e6d..9c08d1b 100644
> >> --- a/dlls/msi/msi.c
> >> +++ b/dlls/msi/msi.c
> >> @@ -551,7 +551,8 @@ static UINT MSI_ApplicablePatchW( MSIPACKAGE
> >> *package, LPCWSTR patch )
> >>
> >> done:
> >> msiobj_release(&patch_db->hdr );
> >> - msiobj_release(&si->hdr );
> >> + if (si)
> >> + msiobj_release(&si->hdr );
> >> return r;
> >> }
> >>
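Review bot: The `if (si)` guard added in the `done:` path covers only `si`, while `msiobj_release(&patch_db->hdr );` on the line above stays unconditional. If any `goto done` can be reached with `patch_db` still NULL, it needs the same guard; if none can, a line in the commit message saying so would help. The commit message also states that a NULL `si` crashes, but `&si->hdr` only computes an address and reads nothing through `si`. Whether the old line can fault therefore depends on the offset of `hdr` and on how `msiobj_release` treats a NULL argument, neither of which is visible in this hunk, so the message should state which of the two it relies on.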
> >
> > Hi Michael,
> >
> > This one is mentioned by Coverity (#970). Marcus marked this one as
> > 'FALSE' with the remark:
> >
> > "hdr is at position 0, so this will be NULL and msiobj_release handles it."
> >
> > Thoughts?
>
> Do the compilers treat the addressof operator on the struct member as
> si + FIELD_OFFSET(MSISUMMARYINFO, hdr)
> ?
> Then yes, no dereference happens and the result of the above calculation
> is NULL which is fine as input for msiobj_release().
Yes, they do.
Ciao, Marcus
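The offset argument from the thread, as an added example that is not code from the thread or from Wine: it shows that a NULL base reaches a NULL-tolerant release function as NULL only while the header is the first member, whereas an explicit guard works for any layout. `OBJHDR`, `INFO_HDR_FIRST`, `INFO_HDR_LATER`, `release` and the other helper names are hypothetical stand-ins, and the code assumes a platform where NULL converts to integer 0.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins, not Wine's definitions. */
typedef struct { int refcount; } OBJHDR;
typedef struct { OBJHDR hdr; int data; } INFO_HDR_FIRST; /* hdr at offset 0 */
typedef struct { int data; OBJHDR hdr; } INFO_HDR_LATER; /* hdr after a field */

/* The address &base->hdr evaluates to, done as integer arithmetic so that
 * no member address is ever formed from a NULL pointer. */
static uintptr_t hdr_address(const void *base, size_t hdr_offset)
{
    return (uintptr_t)base + hdr_offset;
}

/* Does a NULL base still reach the release function as NULL? */
static int null_base_stays_null(size_t hdr_offset)
{
    return hdr_address(NULL, hdr_offset) == 0;
}

/* NULL-tolerant release: returns 1 if a reference was dropped, 0 on NULL. */
static int release(OBJHDR *hdr)
{
    if (!hdr) return 0;
    hdr->refcount--;
    return 1;
}

/* Explicit guard, as in the patch: independent of where hdr sits. */
static int guarded_release(INFO_HDR_LATER *si)
{
    return si ? release(&si->hdr) : 0;
}

/* Drops one reference on a live object and returns the remaining count. */
static int live_release_leaves(int initial)
{
    INFO_HDR_LATER obj = { 0, { initial } };
    guarded_release(&obj);
    return obj.hdr.refcount;
}

int main(void)
{
    printf("hdr first: %d\n", null_base_stays_null(offsetof(INFO_HDR_FIRST, hdr)));
    printf("hdr later: %d\n", null_base_stays_null(offsetof(INFO_HDR_LATER, hdr)));
    return 0;
}
```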