http://bugs.winehq.org/show_bug.cgi?id=23247
--- Comment #8 from Dmitry Timoshkov dmitry@codeweavers.com 2010-06-22 05:28:23 --- (In reply to comment #7)
Did you see my comment to your patch?
Sure. And I told you it happens in 7-zip. Crash actually happens in your code, that is why I fixed it there and not somewhere dlls/hhctrl.ocx/chm.c,LoadWinTypeFromCHM().
My code and possibly other parts assume that LoadWinTypeFromCHM() has initialized all the fields in the CHM header. You need to figure out why LoadWinTypeFromCHM() fails to do so, and fix it.
Point is, I don't get why there is GetChmString(info->pCHMInfo, (DWORD_PTR)info->WinType.pszCaption) called from LoadWinTypeFromCHM when GetChmString accepts DWORD as second argument, not DWORD_PTR... and then, why there is (offset >> BLOCK_BITS) shift in GetChmString when offset is truncated pointer (?)
How is that related to this bug?