On 08/10/18 02:06, Brendan McGrath wrote:
When IPin_QueryInternalConnections returns S_OK and nb > 0, a SEGFAULT occurs at dlls/quartz/filtergraph.c:2144 as the code is expecting ppPins to be an initialized array if SUCCEEDED(hr) is TRUE and nb > 0.
This patch ensures ppPins is an initialized array if SUCCEEDED(hr) is TRUE and nb > 0. Prior to this patch, ppPins was not being initialized when hr was S_OK and nb > 0.
The Microsoft documentation for IPin_QueryInternalConnections states:
This method has another use that is now deprecated: The Filter Graph Manager treats a filter as being a renderer filter if at least one input pin implements this method but returns zero in nPin. If you are writing a new renderer filter, however, you should implement the IAMFilterMiscFlags interface instead of using this method to indicate that the filter is a renderer.
The code I changed was written back in 2004/2005. My guess is back then the deprecated behaviour would only return S_OK when nb == 0, but this no longer appears to be the case. See line 99 of https://chromium.googlesource.com/webm/webmdshow/+/master/webmsplit/webmspli... for an example.
Signed-off-by: Brendan McGrath <brendan@redmandi.com>
dlls/quartz/filtergraph.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/dlls/quartz/filtergraph.c b/dlls/quartz/filtergraph.c index c8595646a03..536c48d346e 100644 --- a/dlls/quartz/filtergraph.c +++ b/dlls/quartz/filtergraph.c @@ -981,9 +981,7 @@ static HRESULT GetInternalConnections(IBaseFilter* pfilter, IPin* pinputpin, IPi
TRACE("(%p, %p, %p, %p)\n", pfilter, pinputpin, pppins, pnb); hr = IPin_QueryInternalConnections(pinputpin, NULL, &nb);
- if (hr == S_OK) {
/* Rendered input */
- } else if (hr == S_FALSE) {
- if (SUCCEEDED(hr) && nb > 0) { *pppins = CoTaskMemAlloc(sizeof(IPin*)*nb); hr = IPin_QueryInternalConnections(pinputpin, *pppins, &nb); if (hr != S_OK) {
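Review bot: the result of `CoTaskMemAlloc(sizeof(IPin*)*nb)` is passed straight into the second `IPin_QueryInternalConnections` call with no NULL check, so an allocation failure hands the filter a NULL array and, if that call still reports success, hands the caller a NULL `*pppins` with `nb > 0`, which is exactly the dereference the commit message describes; add `if (!*pppins) return E_OUTOFMEMORY;` before the second call. Two smaller points on the same hunk: the removed `/* Rendered input */` branch was where `hr == S_OK` with `nb == 0` (the deprecated renderer signal quoted in the commit message) landed, and under the new `SUCCEEDED(hr) && nb > 0` condition that case now falls through to whatever follows the hunk, so the rest of the `if`/`else` chain should be checked so that it is not reported as an error; and when the second call returns something other than S_OK the freshly allocated array is still left in `*pppins` next to the `WARN`, so freeing it and clearing `*pppins` there would keep the caller from indexing a half-filled array.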
Currently the only use of this function is in ExploreGraph(). Native does this completely differently (i.e. it actually delivers state change requests to all filters regardless of whether they're connected, and ensures that they are received in order by topologically sorting them on connection). I suspect we should probably get rid of it and just use IBaseFilter_EnumPins() there directly.
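For readers following the thread, here is an added, stand-alone C example (not Wine's code and not from either author) that models the IPin::QueryInternalConnections two-call contract the commit message describes and contrasts the pre-patch caller, modelled on the deleted lines (S_OK alone taken to mean "rendered input", so nothing allocated even when nb > 0), with a hardened caller that allocates on `SUCCEEDED(hr) && nb > 0`, checks the allocation, keeps S_OK with zero pins as the deprecated renderer flag, and never returns a half-filled array. No COM headers are used: the HRESULT values, the `IPin` shape and the mock pins are constructed here, and which HRESULT a pin returns from the count-only call (S_FALSE for a spec-following pin, S_OK for a lax one) is an assumption made configurable so both behaviours can be exercised.

```c
/* Added example, not Wine's code: a local mock of IPin::QueryInternalConnections,
 * the pre-patch caller (modelled on the deleted lines) and a hardened caller.
 * HRESULT values, the IPin shape and the pins below are constructed. */
#include <stdint.h>
#include <stdlib.h>

typedef int32_t  HRESULT;   /* 32-bit as on Windows: high bit set means failure */
typedef uint32_t ULONG;
#define S_OK          ((HRESULT)0)
#define S_FALSE       ((HRESULT)1)
#define E_NOTIMPL     ((HRESULT)0x80004001u)
#define E_FAIL        ((HRESULT)0x80004005u)
#define E_OUTOFMEMORY ((HRESULT)0x8007000Eu)
#define SUCCEEDED(hr) ((HRESULT)(hr) >= 0)

typedef struct IPin IPin;
struct IPin {
    /* Shape of IPin::QueryInternalConnections(IPin **apPin, ULONG *nPin). */
    HRESULT (*QueryInternalConnections)(IPin *self, IPin **apPin, ULONG *nPin);
    IPin  **outputs;         /* internally connected output pins (mock data) */
    ULONG   noutputs;
    HRESULT count_query_hr;  /* what the count-only call (apPin == NULL) returns */
    int     legacy_renderer; /* deprecated signal: S_OK with *nPin == 0 */
};

/* Constructed pin behaviour: count-only call reports the size and returns
 * count_query_hr (S_FALSE for a spec-following pin, S_OK for a lax one). */
static HRESULT mock_qic(IPin *self, IPin **apPin, ULONG *nPin)
{
    ULONG i;
    if (self->legacy_renderer) { *nPin = 0; return S_OK; }
    if (!apPin || *nPin < self->noutputs) {
        *nPin = self->noutputs;
        return self->count_query_hr;
    }
    for (i = 0; i < self->noutputs; i++) apPin[i] = self->outputs[i];
    *nPin = self->noutputs;
    return S_OK;
}

typedef struct { IPin **pins; ULONG count; int is_legacy_renderer; } internal_conns;

/* Pre-patch logic, modelled on the deleted lines: S_OK alone means "rendered
 * input", so nothing is allocated, yet the count is still handed back. */
HRESULT old_get_internal_connections(IPin *input, internal_conns *out)
{
    HRESULT hr; ULONG nb = 0;
    out->pins = NULL; out->count = 0; out->is_legacy_renderer = 0;
    hr = input->QueryInternalConnections(input, NULL, &nb);
    if (hr == S_OK) {
        /* "Rendered input": no array, but nb may be > 0 */
    } else if (hr == S_FALSE) {
        out->pins = calloc(nb, sizeof(*out->pins));
        if (!out->pins) return E_OUTOFMEMORY;
        hr = input->QueryInternalConnections(input, out->pins, &nb);
    }
    out->count = nb;  /* caller indexes out->pins[0..nb), NULL when hr was S_OK */
    return hr;
}

/* Hardened caller: allocate whenever the count query succeeds with nb > 0,
 * check the allocation, flag S_OK with nb == 0 as the deprecated renderer
 * signal, and never hand back a half-filled array. */
HRESULT get_internal_connections(IPin *input, internal_conns *out)
{
    HRESULT hr; ULONG nb = 0;
    out->pins = NULL; out->count = 0; out->is_legacy_renderer = 0;
    hr = input->QueryInternalConnections(input, NULL, &nb);
    if (!SUCCEEDED(hr)) return hr;  /* E_NOTIMPL etc.: caller falls back to EnumPins */
    if (nb == 0) { out->is_legacy_renderer = (hr == S_OK); return S_OK; }
    out->pins = calloc(nb, sizeof(*out->pins));
    if (!out->pins) return E_OUTOFMEMORY;
    hr = input->QueryInternalConnections(input, out->pins, &nb);
    if (hr != S_OK) {
        free(out->pins);
        out->pins = NULL;
        return SUCCEEDED(hr) ? E_FAIL : hr;
    }
    out->count = nb;
    return S_OK;
}

/* What a caller observed: drive `caller` against a constructed two-output pin
 * whose count-only call answers count_hr (or a legacy renderer pin). */
typedef struct { HRESULT hr; ULONG count; int has_array; int contents_ok; int legacy; } outcome;

outcome run_caller(HRESULT (*caller)(IPin *, internal_conns *), HRESULT count_hr, int legacy_pin)
{
    IPin out1 = {0}, out2 = {0};
    IPin *outs[2] = { &out1, &out2 };
    IPin in = { mock_qic, outs, 2, count_hr, legacy_pin };
    internal_conns c;
    outcome o;
    o.hr = caller(&in, &c);
    o.count = c.count;
    o.has_array = c.pins != NULL;
    o.contents_ok = c.pins && c.count == 2 && c.pins[0] == &out1 && c.pins[1] == &out2;
    o.legacy = c.is_legacy_renderer;
    free(c.pins);
    return o;
}
```

Running `run_caller(old_get_internal_connections, S_OK, 0)` reproduces the precondition for the crash in the commit message: the old caller returns count 2 with no array, because the lax pin answered the count-only call with S_OK. The same pin through `get_internal_connections` yields a filled two-element array, a legacy renderer pin yields count 0 with the flag set, and a pin answering E_NOTIMPL is passed through as a failure with no array, which is where a caller would fall back to IBaseFilter_EnumPins().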