--- On Thu, 4/9/09, Paul Vriens paul.vriens.wine@gmail.com wrote:

From: Paul Vriens paul.vriens.wine@gmail.com
Subject: Re: possible NULL dereference?
To: "Joris Huizer" joris_huizer@yahoo.com
Cc: wine-devel@winehq.org
Date: Thursday, April 9, 2009, 7:53 AM

Joris Huizer wrote:
> Looking at git commit dcb3e52e2dfd0d6e494164932fb2b684d463a005, it seems passing a NULL size pointer to GetUserNameEx[AW] is likely to crash.
> You may want to test whether Windows versions crash on it, and check for it if needed.
> HTH, Joris
There is also another one (mentioned by Coverity) where passing a NULL lpNameBuffer and a big enough nSize will crash. I tested that one on W2K3 and this also crashes on W2K3.
I didn't test the NULL nSize however.
If time permits I'll add some tests and comments in the case of crashes. If somebody wants to beat me to it, be my guest.
Out of curiosity, did you find this by visual inspection?
--
Cheers,
Paul.
Yeah, I just noticed this while skimming through; now and then I look at the latest changes on git.
I assume Coverity doesn't complain as it noticed you don't test the nSize pointer in any code path, so it assumes you know what you're doing.
That seems like a general problem - if it could pick up the WINAPI flag (explicitly different calling convention) and realize every argument is suspect, it would find all such problems as well. Such behavior would be desirable for library functions in general, except that different projects are likely to have very different requirements about when a function is a library function to be treated like that. Specifying "what is a library function" might already be supported, or perhaps it could be requested as a generally useful feature?
regards, Joris
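The two crash cases raised in this thread (a NULL size pointer, and a NULL output buffer paired with a size that claims to be large enough) come down to the parameter checks an exported buffer/size API should perform before touching either pointer. The following is an added example, not Wine's GetUserNameEx implementation or any code from the thread: a stand-in function with a constructed user name and error codes whose values mirror the Win32 ERROR_INVALID_PARAMETER and ERROR_MORE_DATA.

```c
/* Added example (not Wine's code): a stand-in for a GetUserNameEx-style
 * API that returns a string through a caller-supplied buffer and an
 * in/out size, showing the two parameter checks the thread discusses.
 * The user name and the error-code names are constructed for this example. */
#include <stddef.h>
#include <string.h>

enum {
    ERR_OK = 0,
    ERR_INVALID_PARAMETER = 87,   /* same numeric value as the Win32 code */
    ERR_MORE_DATA = 234           /* same numeric value as the Win32 code */
};

static const char fake_user[] = "wineuser";   /* constructed sample name */
static unsigned long last_error;

unsigned long mock_get_last_error(void) { return last_error; }

/* Returns 1 on success, 0 on failure (reason via mock_get_last_error()).
 * size is in/out: on entry the buffer capacity in chars; on exit the
 * number of chars written (terminator included) or the size required. */
int mock_get_user_name_ex(char *buffer, unsigned long *size)
{
    unsigned long needed = (unsigned long)strlen(fake_user) + 1;

    /* Check 1: reject a NULL size pointer before it is ever read. */
    if (!size) { last_error = ERR_INVALID_PARAMETER; return 0; }

    /* Check 2: a NULL buffer with a "big enough" size would otherwise be
     * written through; report it as an invalid parameter instead. */
    if (!buffer && *size >= needed) { last_error = ERR_INVALID_PARAMETER; return 0; }

    /* Too small (including NULL buffer with a small size): tell the
     * caller how much room is required, without writing the name. */
    if (*size < needed) { *size = needed; last_error = ERR_MORE_DATA; return 0; }

    memcpy(buffer, fake_user, needed);
    *size = needed;
    last_error = ERR_OK;
    return 1;
}
```

A conformance test in the style Wine uses would call the real API the same way on each Windows version and record which of these inputs it survives, so the validation matches observed behaviour rather than guesswork.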