On 10/19/14 17:44, Shuai Meng wrote:
- newstr = SysAllocStringLen(NULL, 1023);
You need to allocate correct length string. First argument should be used here. You're also leaking the string in error-handling paths.
- switch(V_VT(arg + 1)) {
- case VT_NULL:
return MAKE_VBSERROR(VBSE_ILLEGAL_NULL_USE);
- case VT_BSTR:
str = V_BSTR(arg + 1);
break;
- case VT_ARRAY|VT_BYREF|VT_VARIANT:
return DISP_E_TYPEMISMATCH;
- default:
hres = to_short(arg + 1, &tmp);
if(FAILED(hres))
return hres;
str[0] = (char)tmp;
Please add a test with second argument larger then 256. It would be also interesting to see a test with second argument being BSTR with first character out of ASCII range. Please also check what happens if V_BSTR(arg+1)==NULL.
- hres = to_short(arg, &len);
- if(FAILED(hres))
return hres;
- if(len < 0)
return MAKE_VBSERROR(VBSE_ILLEGAL_FUNC_CALL);
- else if(len == 0)
newstr = '\0';
- else if(len > 1023)
len = 1023;
I guess that first argument is probably an integer. The length of produced string is probably also not limited to 1023 characters.
Thanks, Piotr