Andrew Talbot wrote:
Changelog: dbghelp: Fix stabs_pts_read_type_def() for when typename is NULL.
diff --git a/dlls/dbghelp/stabs.c b/dlls/dbghelp/stabs.c index d550633..3c69eec 100644 --- a/dlls/dbghelp/stabs.c +++ b/dlls/dbghelp/stabs.c @@ -896,10 +896,10 @@ static int stabs_pts_read_type_def(struct ParseTypedefData* ptd, const char* typ * removed */ l1 = strlen(udt->hash_elt.name);
l2 = strlen(typename);
if (l1 > l2 || strcmp(udt->hash_elt.name, typename + l2 - l1))
l2 = typename ? strlen(typename) : 0;
if (l1 > l2 || (typename && strcmp(udt->hash_elt.name, typename + l2 - l1))) ERR("Forward declaration name mismatch %s <> %s\n",
udt->hash_elt.name, typename);
udt->hash_elt.name, typename ? typename : "(null)"); new_dt = &udt->symt; } PTS_ABORTIF(ptd, stabs_pts_read_aggregate(ptd, udt) == -1);
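Review bot: with the new guard a NULL typename yields l2 = 0, so any non-empty udt->hash_elt.name satisfies `l1 > l2` and the ERR "Forward declaration name mismatch %s <> (null)" fires even though there was no name to compare against; if NULL is a legitimate value on this path, skip the comparison when typename is NULL rather than reporting a mismatch, e.g. `if (typename && (l1 > l2 || strcmp(udt->hash_elt.name, typename + l2 - l1)))`. The `typename ? strlen(typename) : 0` and the `typename &&` short-circuit do correctly keep strlen() and the `typename + l2 - l1` pointer arithmetic away from a NULL pointer.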
@@ -1003,7 +1003,7 @@ static int stabs_pts_read_type_def(struct ParseTypedefData* ptd, const char* typ
*stabs_find_ref(filenr1, subnr1) = *ret_dt = new_dt;
- TRACE("Adding (%ld,%ld) %s\n", filenr1, subnr1, typename);
TRACE("Adding (%ld,%ld) %s\n", filenr1, subnr1, typename ? typename : "(null)");
return 0;
}
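Review bot: the `typename ? typename : "(null)"` in the TRACE duplicates what Wine's debugstr_a() already does for a NULL pointer; `TRACE("Adding (%ld,%ld) %s\n", filenr1, subnr1, debugstr_a(typename));` is the idiomatic form and additionally quotes the string, so an empty name stays distinguishable from a missing one in the log.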
Looks a bit strange to me that you get a null typename here. Can you send me the DLL/.so file on which you get the seg fault? A+
Eric Pouech wrote:
Looks a bit strange to me that you get a null typename here. Can you send me the DLL/.so file on which you get the seg fault? A+
No known segfaults; I'm just doing static analysis. But stabs_pts_read_type_def() is called several times within stabs.c passing NULL as a typename argument: e.g., line 494:
PTS_ABORTIF(ptd, stabs_pts_read_type_def(ptd, NULL, &ref) == -1);
And, with case 'u' (i.e., *ptd->ptr == 'u') and udt != NULL, it would be passed to strlen(). I didn't establish whether this will ever occur with typename == NULL; I just sought to make the function more bulletproof.
Andrew Talbot wrote:
Eric Pouech wrote:
Looks a bit strange to me that you get a null typename here. Can you send me the DLL/.so file on which you get the seg fault? A+
No known segfaults; I'm just doing static analysis. But stabs_pts_read_type_def() is called several times within stabs.c passing NULL as a typename argument: e.g., line 494:
PTS_ABORTIF(ptd, stabs_pts_read_type_def(ptd, NULL, &ref) == -1);
And, with case 'u' (i.e., *ptd->ptr == 'u') and udt != NULL, it would be passed to strlen(). I didn't establish whether this will ever occur with typename == NULL; I just sought to make the function more bulletproof.
This code path shouldn't need to be protected; however, the last trace should be protected (and debugstr_a is a better choice than testing for a null string). A+
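As an added illustration of the two points raised in this thread (the strlen()/pointer-arithmetic hazard on a NULL typename, and using a NULL-aware string formatter for the trace), here is a stand-alone C example. It is not code from the patch or from Wine: forward_decl_name_matches(), mismatch_message() and dbg_str() are hypothetical names, dbg_str() is only a stand-in for what Wine's debugstr_a() does for a NULL pointer, and the sample names are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in (assumption, not Wine's helper) for debugstr_a(): render a
 * possibly-NULL C string for a log line without dereferencing NULL. */
static const char *dbg_str(const char *s)
{
    return s ? s : "(null)";
}

/* The check under discussion compares the forward declaration's recorded
 * name against the tail of `typename`:
 *     l1 = strlen(udt_name); l2 = strlen(typename);
 *     mismatch = l1 > l2 || strcmp(udt_name, typename + l2 - l1);
 * strlen(NULL) is undefined behaviour and `typename + l2 - l1` with l1 > l2
 * points before the buffer, so both must be ruled out before any arithmetic.
 *
 * Returns 1 when `udt_name` is a suffix of `typename`, 0 otherwise; a NULL
 * argument is reported as a mismatch instead of crashing. */
int forward_decl_name_matches(const char *udt_name, const char *typename)
{
    size_t l1, l2;

    if (!udt_name || !typename)
        return 0;

    l1 = strlen(udt_name);
    l2 = strlen(typename);

    /* Guard the pointer arithmetic below: never step before typename. */
    if (l1 > l2)
        return 0;

    return strcmp(udt_name, typename + l2 - l1) == 0;
}

/* Build the diagnostic the patch emits, NULL-safely, in a static buffer
 * (enough for this illustration; a real logger would format directly). */
const char *mismatch_message(const char *udt_name, const char *typename)
{
    static char buf[256];

    snprintf(buf, sizeof(buf), "Forward declaration name mismatch %s <> %s",
             dbg_str(udt_name), dbg_str(typename));
    return buf;
}

int main(void)
{
    /* Constructed sample names, not taken from a real stabs stream. */
    const char *cases[][2] = {
        { "point", "struct point" },   /* suffix match      */
        { "point", "struct pointer" }, /* different suffix  */
        { "point", "int" },            /* typename too short */
        { "point", NULL },             /* the NULL path     */
    };
    size_t i;

    for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        if (!forward_decl_name_matches(cases[i][0], cases[i][1]))
            printf("err: %s\n", mismatch_message(cases[i][0], cases[i][1]));
        else
            printf("ok:  %s matches %s\n", cases[i][0], cases[i][1]);
    }
    return 0;
}
```

The NULL check sits before strlen() and the `l1 > l2` check before the subtraction, so neither the length computation nor the pointer arithmetic is ever reached with an invalid operand; the formatter, not each call site, decides how a missing string is printed.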
Eric Pouech wrote:
However, the last trace should be protected (and debugstr_a is a better choice than testing for a null string). A+
Thanks, Eric. I've sent a replacement patch (with a revised title).