Sebastian Lackner sebastian@fds-team.de writes:

This patch is an alternative strategy for fixing the issue described in http://source.winehq.org/patches/data/106864. Please note that the patches 2-4 from the previous series are still valid, and can be applied independently.

Although Andre_H and ehoover told me that this solution will not be accepted, I'll give it a try, because its the cleanest approach I can think of.

There is a huge amount of wineserver calls that use wine_server_set_reply incorrectly, and manually adding code to all these functions seems very complicated. In ntdll we have to use virtual_check_buffer_for_write, everywhere else we have to use IsBadWritePtr. And even if we have added that, it could still break things: When we add the check at the top of each affected function, and return some general error codes, it could break apps which expect a page fault exception in some other code branch.

There are few places that need this, and even fewer where it's an actual problem in practice. In fact it wouldn't be a problem at all except for your writecopy hack, which is in itself a questionable change. You'll need more convincing arguments for this series.