comctl32: realloc or free and alloc
Nikolay Sivov
bunglehead at gmail.com
Sun May 1 12:55:43 CDT 2011
On 5/1/2011 21:49, Alexey Fisher wrote:
> On So, 2011-05-01 at 19:11 +0400, Nikolay Sivov wrote:
>> On 5/1/2011 13:07, Alexey Fisher wrote:
>>> There is a new patch in the attachment.
>>> BOOL Str_SetPtrAtoW (LPWSTR *lppDest, LPCSTR lpSrc)
>>> {
>>> - TRACE("(%p %s)\n", lppDest, lpSrc);
>>> + TRACE("(%p, %s)\n", *lppDest, debugstr_a(lpSrc));
>>> +
>>> + if (*lppDest) {
>>> + ERR("lppDest should be NULL!");
>>> + return FALSE;
>>> + }
>> It's an internal call, so it's better to require a caller to pass valid
>> parameters. That's why ERR is too much here, cause you completely
>> control passed parameters in a first place.
> The problem is, this function return FALSE if some thing going wrong,
> but caller never check it. So if we pass fresh not NULL, not Alloc'd
> pointer. We have some garbage in pointers target before the call. After
> ReAlloc and Str_SetPtrAtoW failed, caller continues to use old pointers
> target, also old garbage. The App get garbage instead of the string and
> will crash in some conditions. This all make it hard to find the cause
> of the crash.
I'll try to explain again.
Str_SetPtrAtoW() is not a public API call, so it's not accessible directly from outside
comctl32. My request to you was to provide a simple test application that uses some comctl32 controls
presumably and indirectly makes use of this call (and fails for some reason you'll trying to find).
>> Please open a bug with a test C application so we can look at initial
>> problem.
> Das Not ReAllocing not Alloc'd memory is bug? or it is future?
It depends.
> Here is part of man realloc:
>
>> realloc() changes the size of the memory block pointed to by ptr to
>> size bytes. The contents will be unchanged to the minimum of the old
>> and new sizes; newly allocated memory will be uninitialized. If ptr is
>> NULL, then the call is equivalent to malloc(size), for all values of
>> size; if size is equal to zero, and ptr is not NULL, then the call is
>> equivalent to free(ptr). Unless ptr is NULL, it must have been
>> returned by an earlier call to malloc(), calloc() or realloc(). If the
>> area pointed to was moved, a free(ptr) is done.
> This is irrelevant here.
More information about the wine-devel
mailing list