On 04.03.2015 9:19, Shuai Meng wrote:
+ switch(V_VT(arg)) {
+ case VT_NULL:
+ return MAKE_VBSERROR(VBSE_ILLEGAL_NULL_USE);
+ case VT_BSTR:
+ bstr = V_BSTR(arg);
+ break;
+ default:
+ hres = to_string(arg, &bstr);
+ if(FAILED(hres))
+ return hres;
+ }
+
+ ret = bstr[0];
+ SysFreeString(bstr);
+
+ if(ret == 0)
+ return MAKE_VBSERROR(VBSE_ILLEGAL_FUNC_CALL);
+ return return_short(res, ret);
This is wrong too. You can't always free it like that, please look carefully at where 'bstr' comes from.