http://bugs.winehq.org/show_bug.cgi?id=22514
--- Comment #15 from Timur Iskhodzhanov timurrrr@google.com 2010-04-29 04:47:43 ---
Created an attachment (id=27610) --> (http://bugs.winehq.org/attachment.cgi?id=27610)
A simple test that shows lstrlen(0) is handled differently to lstrlen(1)
Lei, the test you've proposed is perfectly fine for me.
However, I still disagree about the lstrlen implementation :-)
What I'm trying to say is that a NULL argument is documented as "OK" in MSDN http://msdn.microsoft.com/en-us/library/ms647492(VS.85).aspx -> "lstrlen assumes that lpString is a null-terminated string, or NULL. If it is not, this could lead to a buffer overrun or a denial of service attack against your application."
Looks like it doesn't really read from *NULL when run natively:
I've added a call to lstrlenW(1) and run the program under DrMemory (it's a win tool similar to Valgrind)
>>>>>>>>>>>>>>>>
$ cl wine.c && wine.exe
5: GetLastError() = 0
7: lstrlenW(NULL) = 0
8: GetLastError() = 0
10: lstrlenW(1) = 0
11: GetLastError() = 0
13: lstrlenA(NULL) = 0
14: GetLastError() = 0

$ drmemory.exe wine.exe
5: GetLastError() = 0
7: lstrlenW(NULL) = 0
8: GetLastError() = 0
10: lstrlenW(1) = 0
11: GetLastError() = 0
13: lstrlenA(NULL) = 0
14: GetLastError() = 0

(from logdir/global.XXX.log)
Error #1: UNADDRESSABLE ACCESS: reading 0x00000001-0x00000003 2 byte(s) within 0x00000001-0x00000003
@0:00:00.609 in thread 472
0x7c90fe60 <ntdll.dll+0xfe60>
0x7c809acc <KERNEL32.dll+0x9acc>
0x0040106f <wine.exe+0x106f>
0x0040175c <wine.exe+0x175c>
0x7c817077 <KERNEL32.dll+0x17077>
<<<<<<<<<<<<<<<<<<<<
Also, DrMemory barks if I do strlen(NULL) inside __try/__except(GetExceptionCode() == EXCEPTION_ACCESS_VIOLATION) section. It doesn't bark on lstrlenW(0).
That's why I want to add "if (str == NULL) return 0;" BEFORE the __try statement.
===================
And yes, some applications expect an exception when they call lstrlen(NULL), and do handle that on their own.
Dmitry, can you please give an example?
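
A portable model of the two behaviours compared in this comment, added here as an illustration; it is not Wine's code and not the attached test. It assumes a POSIX system, where a SIGSEGV/SIGBUS handler with sigsetjmp stands in for __try/__except; the names model_lstrlenW_guard_only, model_lstrlenW_null_first and WCHAR16 are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L              /* sigaction, sigsetjmp */
#endif
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef unsigned short WCHAR16;              /* stand-in for Windows WCHAR (assumption) */

static sigjmp_buf fault_env;
static volatile sig_atomic_t faults_caught;  /* bad reads swallowed by the guard */

static void on_fault(int sig) { (void)sig; faults_caught++; siglongjmp(fault_env, 1); }

/* Guard only: any bad pointer, NULL included, is really dereferenced and the
   fault is swallowed. A memory checker sees that access. */
int model_lstrlenW_guard_only(const WCHAR16 *str)
{
    struct sigaction sa;
    volatile int len = 0;
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    sigaction(SIGSEGV, &sa, NULL);
    sigaction(SIGBUS, &sa, NULL);
    if (sigsetjmp(fault_env, 1) == 0) {      /* plays the role of __try */
        const volatile WCHAR16 *volatile p = str;
        while (*p) { p++; len++; }
    } else {
        len = 0;                             /* plays the role of __except */
    }
    return len;
}

/* Change proposed in the comment: NULL is answered before the guarded read,
   so no invalid access happens for the documented NULL case. */
int model_lstrlenW_null_first(const WCHAR16 *str)
{
    if (str == NULL) return 0;
    return model_lstrlenW_guard_only(str);
}

int main(void)
{
    printf("null_first(NULL) = %d, faults = %d\n", model_lstrlenW_null_first(NULL), (int)faults_caught);
    printf("null_first(1)    = %d, faults = %d\n", model_lstrlenW_null_first((const WCHAR16 *)(uintptr_t)1), (int)faults_caught);
    printf("guard_only(NULL) = %d, faults = %d\n", model_lstrlenW_guard_only(NULL), (int)faults_caught);
    return 0;
}
```

All three calls return 0, as in the output above; only the fault counter shows which of them touched invalid memory.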