Module: wine Branch: master Commit: 2ebee18198cc2f288cdc79c88cc9daf46b67b256 URL: http://source.winehq.org/git/wine.git/?a=commit;h=2ebee18198cc2f288cdc79c88c...
Author: Rob Shearman rob@codeweavers.com Date: Fri Dec 7 14:13:45 2007 +0000
rpcrt4: Improve PointerFree to not free buffer memory.
---
dlls/rpcrt4/ndr_marshall.c | 25 +++++-------------------- dlls/rpcrt4/tests/ndr_marshall.c | 2 ++ 2 files changed, 7 insertions(+), 20 deletions(-)
diff --git a/dlls/rpcrt4/ndr_marshall.c b/dlls/rpcrt4/ndr_marshall.c
index 3f991ce..d7da092 100644
--- a/dlls/rpcrt4/ndr_marshall.c
+++ b/dlls/rpcrt4/ndr_marshall.c
@@ -1187,28 +1187,13 @@ static void PointerFree(PMIDL_STUB_MESSAGE pStubMsg,
 m = NdrFreer[*desc & NDR_TABLE_MASK];
 if (m) m(pStubMsg, Pointer, desc);
- /* hmm... is this sensible?
- * perhaps we should check if the memory comes from NdrAllocate,
+ /* we should check if the memory comes from NdrAllocate,
 * and deallocate only if so - checking if the pointer is between
- * BufferStart and BufferEnd is probably no good since the buffer
+ * BufferStart and BufferEnd will not always work since the buffer
 * may be reallocated when the server wants to marshal the reply */
- switch (*desc) {
- case RPC_FC_BOGUS_STRUCT:
- case RPC_FC_BOGUS_ARRAY:
- case RPC_FC_USER_MARSHAL:
- case RPC_FC_CARRAY:
- case RPC_FC_CVARRAY:
- break;
- default:
- FIXME("unhandled data type=%02x\n", *desc);
- break;
- case RPC_FC_C_CSTRING:
- case RPC_FC_C_WSTRING:
- if (pStubMsg->ReuseBuffer) goto notfree;
- break;
- case RPC_FC_IP:
- goto notfree;
- }
+ if (Pointer >= (unsigned char *)pStubMsg->RpcMsg->Buffer ||
+ Pointer <= (unsigned char *)pStubMsg->RpcMsg->Buffer + pStubMsg->BufferLength)
+ goto notfree;
 if (attr & RPC_FC_P_ONSTACK) {
 TRACE("not freeing stack ptr %p\n", Pointer);
diff --git a/dlls/rpcrt4/tests/ndr_marshall.c b/dlls/rpcrt4/tests/ndr_marshall.c
index d2ea543..e4e2399 100644
--- a/dlls/rpcrt4/tests/ndr_marshall.c
+++ b/dlls/rpcrt4/tests/ndr_marshall.c
@@ -1167,7 +1167,9 @@ todo_wine {
 my_free_called = 0;
 StubMsg.Buffer = StubMsg.BufferStart;
 NdrPointerFree( &StubMsg, mem, fmtstr_conf_str );
+todo_wine {
 ok(my_free_called == 1, "free called %d\n", my_free_called);
+}
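Review bot: The range test added just before the `RPC_FC_P_ONSTACK` check joins its two comparisons with `||`, so it is true for every value of `Pointer` and PointerFree always takes `goto notfree`. Assuming the `notfree` label skips the deallocation, memory obtained from NdrAllocate is then never released, which would explain why the test hunk in dlls/rpcrt4/tests/ndr_marshall.c has to wrap `ok(my_free_called == 1, ...)` in `todo_wine`. The condition should be `if (Pointer >= (unsigned char *)pStubMsg->RpcMsg->Buffer &&` followed by `Pointer < (unsigned char *)pStubMsg->RpcMsg->Buffer + pStubMsg->BufferLength)`, using `<` so that the address one past the buffer is not counted as buffer memory. The comment above the test already notes that the buffer may be reallocated, so a pointer into a previous buffer would fall outside this range and reach the free path; a short comment naming that remaining case would help. PointerFree begins and ends outside the hunk, so the `notfree` path itself is not visible here.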
 /* Server */
 my_alloc_called = 0;