http://bugs.winehq.org/show_bug.cgi?id=20896
Summary: Use-after-free in DdeClientTransaction in user32 dde tests Product: Wine Version: 1.1.33 Platform: PC OS/Version: Linux Status: NEW Keywords: download, source, testcase Severity: normal Priority: P2 Component: user32 AssignedTo: wine-bugs@winehq.org ReportedBy: dank@kegel.com
http://kegel.com/wine/valgrind/logs/2009-11-30-19.16/vg-user32_dde.txt says Invalid read of size 2 at GlobalFree (heap.c:767) by WDML_FreeTransaction (dde_misc.c:2439) by DdeClientTransaction (dde_client.c:1228) by test_ddeml_client (dde.c:392) by func_dde (dde.c:2357) by run_test (test.h:535) by main (test.h:585) Address 0x7f075e80 is not stack'd, malloc'd or (recently) free'd It's a little hard to see what's going on, but it appears that the memory in question was indeed recently freed, judging by the attached log, which was generated by the command
WINEDEBUG=+relay,+heap valgrind --trace-children=yes wine user32_test.exe.so dde.c
and edited to show just the area of interest.