https://bugs.winehq.org/show_bug.cgi?id=43389
Bug ID: 43389 Summary: valgrind shows a few invalid reads in dlls/wsdapi/tests/xml.c Product: Wine Version: 2.12 Hardware: x86 OS: Linux Status: NEW Keywords: download, source, testcase, valgrind Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs@winehq.org Reporter: austinenglish@gmail.com Distribution: Gentoo
==3467== Invalid read of size 2 ==3467== at 0x7B45265A: strlenW (unicode.h:200) ==3467== by 0x7B4598D0: CompareStringEx (locale.c:3895) ==3467== by 0x7B4596FE: CompareStringW (locale.c:3857) ==3467== by 0x7B459E76: lstrcmpW (locale.c:4088) ==3467== by 0x4B2675F: is_prefix_unique (xml.c:377) ==3467== by 0x4B26DD8: IWSDXMLContextImpl_AddNamespace (xml.c:533) ==3467== by 0x487EA6B: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487EA6B: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467== Address 0x48eedb8 is 24 bytes inside a block of size 32 free'd ==3467== at 0x7BC510DB: notify_free (heap.c:262) ==3467== by 0x7BC556AC: RtlFreeHeap (heap.c:1762) ==3467== by 0x4B24C28: free_allocation (memory.c:77) ==3467== by 0x4B24FFB: WSDFreeLinkedMemory (memory.c:165) ==3467== by 0x4B26DBD: IWSDXMLContextImpl_AddNamespace (xml.c:531) ==3467== by 0x487EA6B: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487EA6B: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467== Block was alloc'd at ==3467== at 0x7BC51061: notify_alloc (heap.c:254) ==3467== by 0x7BC5554F: RtlAllocateHeap (heap.c:1716) ==3467== by 0x4B24CB7: WSDAllocateLinkedMemory (memory.c:87) ==3467== by 0x4B25EAC: duplicate_string (xml.c:42) ==3467== by 0x4B2681D: generate_namespace_prefix (xml.c:399) ==3467== by 0x4B26E0B: IWSDXMLContextImpl_AddNamespace (xml.c:539) ==3467== by 0x487E91C: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487E91C: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467==
==3467== Invalid read of size 2 ==3467== at 0x4041981: compare_unicode_weights (sortkey.c:192) ==3467== by 0x4041E38: wine_compare_string (sortkey.c:360) ==3467== by 0x7B459905: CompareStringEx (locale.c:3898) ==3467== by 0x7B4596FE: CompareStringW (locale.c:3857) ==3467== by 0x7B459E76: lstrcmpW (locale.c:4088) ==3467== by 0x4B2675F: is_prefix_unique (xml.c:377) ==3467== by 0x4B26DD8: IWSDXMLContextImpl_AddNamespace (xml.c:533) ==3467== by 0x487EA6B: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487EA6B: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467== Address 0x48eedb8 is 24 bytes inside a block of size 32 free'd ==3467== at 0x7BC510DB: notify_free (heap.c:262) ==3467== by 0x7BC556AC: RtlFreeHeap (heap.c:1762) ==3467== by 0x4B24C28: free_allocation (memory.c:77) ==3467== by 0x4B24FFB: WSDFreeLinkedMemory (memory.c:165) ==3467== by 0x4B26DBD: IWSDXMLContextImpl_AddNamespace (xml.c:531) ==3467== by 0x487EA6B: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487EA6B: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467== Block was alloc'd at ==3467== at 0x7BC51061: notify_alloc (heap.c:254) ==3467== by 0x7BC5554F: RtlAllocateHeap (heap.c:1716) ==3467== by 0x4B24CB7: WSDAllocateLinkedMemory (memory.c:87) ==3467== by 0x4B25EAC: duplicate_string (xml.c:42) ==3467== by 0x4B2681D: generate_namespace_prefix (xml.c:399) ==3467== by 0x4B26E0B: IWSDXMLContextImpl_AddNamespace (xml.c:539) ==3467== by 0x487E91C: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487E91C: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467==
==3467== Invalid read of size 2 ==3467== at 0x404198D: compare_unicode_weights (sortkey.c:192) ==3467== by 0x4041E38: wine_compare_string (sortkey.c:360) ==3467== by 0x7B459905: CompareStringEx (locale.c:3898) ==3467== by 0x7B4596FE: CompareStringW (locale.c:3857) ==3467== by 0x7B459E76: lstrcmpW (locale.c:4088) ==3467== by 0x4B2675F: is_prefix_unique (xml.c:377) ==3467== by 0x4B26DD8: IWSDXMLContextImpl_AddNamespace (xml.c:533) ==3467== by 0x487EA6B: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487EA6B: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467== Address 0x48eedb8 is 24 bytes inside a block of size 32 free'd ==3467== at 0x7BC510DB: notify_free (heap.c:262) ==3467== by 0x7BC556AC: RtlFreeHeap (heap.c:1762) ==3467== by 0x4B24C28: free_allocation (memory.c:77) ==3467== by 0x4B24FFB: WSDFreeLinkedMemory (memory.c:165) ==3467== by 0x4B26DBD: IWSDXMLContextImpl_AddNamespace (xml.c:531) ==3467== by 0x487EA6B: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487EA6B: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467== Block was alloc'd at ==3467== at 0x7BC51061: notify_alloc (heap.c:254) ==3467== by 0x7BC5554F: RtlAllocateHeap (heap.c:1716) ==3467== by 0x4B24CB7: WSDAllocateLinkedMemory (memory.c:87) ==3467== by 0x4B25EAC: duplicate_string (xml.c:42) ==3467== by 0x4B2681D: generate_namespace_prefix (xml.c:399) ==3467== by 0x4B26E0B: IWSDXMLContextImpl_AddNamespace (xml.c:539) ==3467== by 0x487E91C: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487E91C: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467==
==3467== Invalid read of size 2 ==3467== at 0x40419E4: compare_unicode_weights (sortkey.c:209) ==3467== by 0x4041E38: wine_compare_string (sortkey.c:360) ==3467== by 0x7B459905: CompareStringEx (locale.c:3898) ==3467== by 0x7B4596FE: CompareStringW (locale.c:3857) ==3467== by 0x7B459E76: lstrcmpW (locale.c:4088) ==3467== by 0x4B2675F: is_prefix_unique (xml.c:377) ==3467== by 0x4B26DD8: IWSDXMLContextImpl_AddNamespace (xml.c:533) ==3467== by 0x487EA6B: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487EA6B: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467== Address 0x48eedb8 is 24 bytes inside a block of size 32 free'd ==3467== at 0x7BC510DB: notify_free (heap.c:262) ==3467== by 0x7BC556AC: RtlFreeHeap (heap.c:1762) ==3467== by 0x4B24C28: free_allocation (memory.c:77) ==3467== by 0x4B24FFB: WSDFreeLinkedMemory (memory.c:165) ==3467== by 0x4B26DBD: IWSDXMLContextImpl_AddNamespace (xml.c:531) ==3467== by 0x487EA6B: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487EA6B: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467== Block was alloc'd at ==3467== at 0x7BC51061: notify_alloc (heap.c:254) ==3467== by 0x7BC5554F: RtlAllocateHeap (heap.c:1716) ==3467== by 0x4B24CB7: WSDAllocateLinkedMemory (memory.c:87) ==3467== by 0x4B25EAC: duplicate_string (xml.c:42) ==3467== by 0x4B2681D: generate_namespace_prefix (xml.c:399) ==3467== by 0x4B26E0B: IWSDXMLContextImpl_AddNamespace (xml.c:539) ==3467== by 0x487E91C: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487E91C: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467==
==3467== Invalid read of size 2 ==3467== at 0x40419FA: compare_unicode_weights (sortkey.c:209) ==3467== by 0x4041E38: wine_compare_string (sortkey.c:360) ==3467== by 0x7B459905: CompareStringEx (locale.c:3898) ==3467== by 0x7B4596FE: CompareStringW (locale.c:3857) ==3467== by 0x7B459E76: lstrcmpW (locale.c:4088) ==3467== by 0x4B2675F: is_prefix_unique (xml.c:377) ==3467== by 0x4B26DD8: IWSDXMLContextImpl_AddNamespace (xml.c:533) ==3467== by 0x487EA6B: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487EA6B: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467== Address 0x48eedb8 is 24 bytes inside a block of size 32 free'd ==3467== at 0x7BC510DB: notify_free (heap.c:262) ==3467== by 0x7BC556AC: RtlFreeHeap (heap.c:1762) ==3467== by 0x4B24C28: free_allocation (memory.c:77) ==3467== by 0x4B24FFB: WSDFreeLinkedMemory (memory.c:165) ==3467== by 0x4B26DBD: IWSDXMLContextImpl_AddNamespace (xml.c:531) ==3467== by 0x487EA6B: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487EA6B: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467== Block was alloc'd at ==3467== at 0x7BC51061: notify_alloc (heap.c:254) ==3467== by 0x7BC5554F: RtlAllocateHeap (heap.c:1716) ==3467== by 0x4B24CB7: WSDAllocateLinkedMemory (memory.c:87) ==3467== by 0x4B25EAC: duplicate_string (xml.c:42) ==3467== by 0x4B2681D: generate_namespace_prefix (xml.c:399) ==3467== by 0x4B26E0B: IWSDXMLContextImpl_AddNamespace (xml.c:539) ==3467== by 0x487E91C: IWSDXMLContext_AddNamespace (wsdxml.h:153) ==3467== by 0x487E91C: XMLContext_AddNamespace_tests (???:0) ==3467== by 0x487FB4E: func_xml (xml.c:623) ==3467== by 0x4880A06: run_test (test.h:603) ==3467== by 0x4880E65: main (test.h:687) ==3467==
https://bugs.winehq.org/show_bug.cgi?id=43389
Nikolay Sivov bunglehead@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Fixed by SHA1| |3cb938fd4f3f16b52022e109a2e | |dedb40371765b Resolution|--- |FIXED
--- Comment #1 from Nikolay Sivov bunglehead@gmail.com --- Fixed with 3cb938fd4f3f16b52022e109a2ededb40371765b.
https://bugs.winehq.org/show_bug.cgi?id=43389
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #2 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 2.16.
-
wine-bugs@winehq.org