http://bugs.winehq.com/show_bug.cgi?id=1566
Summary: Module reference count (LoadCount) is not capped, could wrap to zero?
Product: Wine
Version: 20030618
Platform: All
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: wine-loader
AssignedTo: wine-bugs@winehq.com
ReportedBy: jr-winebugs@quo.to
Looking at dlls/ntdll/loader.c, it doesn't appear that the module reference counts are capped; they're just blindly incremented. Because of this, if an application calls LoadLibrary() on the same DLL enough times, the reference count could wrap around to zero, and this would obviously cause problems.
Windows (both 9x and NT kernels) cap library reference counts at 0xffff. Further, once the reference count reaches 0xffff, any FreeLibrary() calls are ignored; the reference count stays at 0xffff. (This makes sense: if an application calls LoadLibrary() a million times, then 0xffff calls to FreeLibrary() shouldn't free the DLL.)
The code in loader.c that increments & decrements reference counts should probably look like this, respectively:
    if ((*pwm)->ldr.LoadCount < 0xffff) (*pwm)->ldr.LoadCount++;
    if (wm->ldr.LoadCount < 0xffff) --wm->ldr.LoadCount;
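To make the difference between the two policies concrete, here is a small self-contained C simulation (added here as an illustration; it is not Wine's loader.c and does not use Wine's data structures). It models a module with a 16-bit LoadCount, as in the report, and compares the uncapped increment with the saturating one: how many LoadLibrary() calls it takes to wrap to zero, and what the "million loads, then 0xffff frees" scenario leaves behind under each scheme. The struct, function names and the simulate() helper are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a loader module record: a 16-bit reference
 * count, where 0 means the module has been unloaded. Not Wine's code. */
#define LOADCOUNT_MAX 0xffff

typedef struct {
    uint16_t LoadCount;
} module_t;

/* Uncapped policy (the behaviour the report describes): blind increment,
 * so the 0x10000th LoadLibrary() wraps the count back to zero. */
static void load_uncapped(module_t *m)
{
    m->LoadCount++;
}

static void free_uncapped(module_t *m)
{
    if (m->LoadCount) m->LoadCount--;
}

/* Capped policy (what the report asks for): saturate at 0xffff, and once
 * the count is pinned there, FreeLibrary() calls are ignored. */
static void load_capped(module_t *m)
{
    if (m->LoadCount < LOADCOUNT_MAX) m->LoadCount++;
}

static void free_capped(module_t *m)
{
    if (m->LoadCount == 0) return;                     /* nothing left to release */
    if (m->LoadCount < LOADCOUNT_MAX) m->LoadCount--;  /* pinned modules stay pinned */
}

/* Returns the LoadCount left after `loads` LoadLibrary() calls followed by
 * `frees` FreeLibrary() calls, under the capped or uncapped policy.
 * A return value of 0 means the module would be unloaded. */
uint16_t simulate(unsigned long loads, unsigned long frees, int capped)
{
    module_t m = { 0 };
    unsigned long i;

    for (i = 0; i < loads; i++) {
        if (capped) load_capped(&m); else load_uncapped(&m);
    }
    for (i = 0; i < frees; i++) {
        if (capped) free_capped(&m); else free_uncapped(&m);
    }
    return m.LoadCount;
}

int main(void)
{
    /* 0x10000 loads: uncapped wraps to 0, capped saturates at 0xffff. */
    printf("0x10000 loads, uncapped: 0x%04x\n", simulate(0x10000, 0, 0));
    printf("0x10000 loads, capped:   0x%04x\n", simulate(0x10000, 0, 1));

    /* The report's scenario: a million loads, then 0xffff frees.
     * Uncapped: 1000000 mod 65536 = 16960 refs remain, then all are
     * freed, so the DLL is unloaded while the app still holds it.
     * Capped: the count stays pinned at 0xffff. */
    printf("1e6 loads + 0xffff frees, uncapped: 0x%04x\n", simulate(1000000, 0xffff, 0));
    printf("1e6 loads + 0xffff frees, capped:   0x%04x\n", simulate(1000000, 0xffff, 1));
    return 0;
}
```

Below the cap both policies behave identically (five loads and two frees leave a count of three either way); they diverge only once the count reaches 0xffff, which is exactly the region the report is concerned with.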