https://bugs.winehq.org/show_bug.cgi?id=46661
Zebediah Figura z.figura12@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #12 from Zebediah Figura z.figura12@gmail.com --- (In reply to ossecurity from comment #11)
Yes, that can cause application crash and this crash is a behaviour of Win32 application. However, the missing check in ISF_Desktop_fnGetDisplayNameOf is the behaviour of wine.
It will be clearer to judge this bug if we focus on the behaviour mismatch. As hooking is supported function in windows, a prepared Win32 Application(DoInjection.exe) doesn't crash in Windows(I verify it on Win 7), but it crash in wine. It seems Win7 has added sufficient checks(sanitizations or authority checks), however, wine doesn't.
You're also assuming that Windows has the same struct layout as Wine, which it almost certainly doesn't. Only behaviour differences that affect real applications are worth fixing.
There is no real reason to check for NULL here. It doesn't matter whose "behaviour" the code is. The contract internal to the Wine code is that the variable is valid from the moment the struct is allocated, not that it is valid if and only if it is non-NULL.