http://bugs.winehq.org/show_bug.cgi?id=26389
Bruno Jesus 00cpxxx@gmail.com changed:
What              |Removed |Added
----------------------------------------------------------------------------
Attachment #37537 |0       |1
is obsolete       |        |
--- Comment #5 from André H. nerv@dawncrow.de 2011-11-20 06:25:34 CST ---
(In reply to comment #3)
> Created attachment 37537
> crash in 1.3.33
>
> Still present in 1.3.33. The backtrace seems to be helpful.
Seems to me like EDIT_EM_SetHandle is calling get_text_length, which calls and crashes in strlenW. Could you please debug this further by adding some TRACEs or ERRs in those functions?
--- Comment #6 from Bruno Jesus 00cpxxx@gmail.com 2011-11-20 10:56:10 CST ---
Created attachment 37552
  --> http://bugs.winehq.org/attachment.cgi?id=37552
+user32 -O0
After recompiling with -O0 I reached the crash point. The function get_text_length (edit.c:258) is called with a NULL es->text parameter making strlenW crash. Better backtrace attached.
The "hide the bug" solution works very well and makes wine behave correctly:
static inline UINT get_text_length(EDITSTATE *es) { - if(es->text_length == (UINT)-1) + if(!es->text) + es->text_length = 0; + else if(es->text_length == (UINT)-1) es->text_length = strlenW(es->text); return es->text_length; }
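Review bot: In the added `if(!es->text)` branch, writing `es->text_length = 0` overwrites the `(UINT)-1` value that the following `else if` treats as "length not yet computed", so if es->text is set later the function keeps returning the cached 0 unless some other code resets text_length. Returning 0 for a NULL es->text without touching the cache would avoid that stale value. The check also leaves open why get_text_length is reached with a NULL es->text at all; the thread points at EDIT_EM_SetHandle as the caller, so a TRACE or ERR in this branch (as requested in comment #5) would help locate the real cause rather than only masking the crash in strlenW.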