Hi
In dlls/oleaut32/olepicture.c, there are several places where memory is allocated and then used immediately, without checking whether allocation succeeded. For example:
1479 xbuf = HeapAlloc (GetProcessHeap(), HEAP_ZERO_MEMORY, origsize); 1480 if (headerisdata) 1481 memcpy (xbuf, &header, 8);
Is there something I'm missing, or does that sort of code lead to memory corruption / segmentation faults when allocating memory fails?
From what I see on
http://people.redhat.com/mstefani/wine/smatch/bugs_all.html, smatch doesn't detect this as an error. What should we do?
Damjan
On Tue, Jan 09, 2007 at 08:40:08AM +0200, Damjan Jovanovic wrote:
Hi
In dlls/oleaut32/olepicture.c, there are several places where memory is allocated and then used immediately, without checking whether allocation succeeded. For example:
1479 xbuf = HeapAlloc (GetProcessHeap(), HEAP_ZERO_MEMORY, origsize); 1480 if (headerisdata) 1481 memcpy (xbuf, &header, 8);
Is there something I'm missing, or does that sort of code lead to memory corruption / segmentation faults when allocating memory fails?
memory corruption - no. segfaults due to NULL ptr dereference - yes.
From what I see on
http://people.redhat.com/mstefani/wine/smatch/bugs_all.html, smatch doesn't detect this as an error. What should we do?
Feel free to add error handling.
I originally did not add this, since the code is ugly already :(
Ciao, Marcus
-
Damjan Jovanovic -
Marcus Meissner