https://bugs.winehq.org/show_bug.cgi?id=43585
Bug ID: 43585 Summary: Calling PageSetupDlgA with invalid default printer leads to an unhandled exception Product: Wine Version: 2.15 Hardware: x86 OS: Windows Status: UNCONFIRMED Severity: minor Priority: P2 Component: comdlg32 Assignee: wine-bugs@winehq.org Reporter: kamil.hornicek@reactos.org
Created attachment 58997 --> https://bugs.winehq.org/attachment.cgi?id=58997 possible solution
This was tested in Windows XP with Wine's comdlg32.dll.
Steps to reproduce: 1. set Software\Microsoft\Windows NT\CurrentVersion\Windows\Device to a non-existent printer 2. run comdlg32 printdlg test
Expected result: PageSetupDlgA should fail with PDERR_NODEFAULTPRN
Acutal result: test_PageSetupDlgA crashes after null pointer dereference in GdiConvertToDevmodeW
Remarks: If the value of the system default printer stored in Software\Microsoft\Windows NT\CurrentVersion\Windows\Device gets corrupted or is not properly set upon printer removal, PageSetupDlgA called with the PSD_RETURNDEFAULT flag will cause an unhandled exception in gdi32:GdiConvertToDevmodeW after calling it with a null devmode.
At comdlg32:pagesetup_common@3862 get_default_printer will succeed but the returned printer will be bogus. Then pagesetup_change_printer will fail trying to get the default driver. When pagesetup_update_papersize is called few lines below the devmode stored in the pagesetup_data struct passed to it will be null, which will lead to the crash.
Solution: Function comdlg32:pagesetup_common needs to check the return value of comdlg32:pagesetup_change_printer and return if it fails. Attached is a possible solution to this bug.