[prev in list] [next in list] [prev in thread] [next in thread] 

List:       wine-devel
Subject:    GlobalHandle
From:       lawson_whitney () juno ! com
Date:       2000-09-30 15:11:43
[Download RAW message or body]

Good day!

This isn't right, exactly, but it fixes a crash in I_view32.exe

 http://stud1.tuwien.ac.at/~e9227474/download.html

It seems to like to ask for global handles to global objects it invents
itself, and where the handle should be is a small integer instead.
GlobalHandle then falls down either in GLOBAL_GetHeap or trying to check
maybe_intern, in either case trying a memory reference with an intern
pointer derived from a bogus handle.  With this patch I can use
I_view32.exe to view and manipulate such image files as I have lying
around.

What I want here is sort of an INTERNAL_IsBadReadPointer that doesn't
generate a fault, but I haven't found one.  I think the API is faulty
enough that we don't need to add any extra faults to it.  I guess I
could invent one if it seems to be a good idea, but I thought I'd like
to ask first before I reinvent the wheel.

Regards,

Lawson


This message is brought to you by Wine-20000909, with the unwitting
cooperation of Juno 1.49.
---cut here

["global.diff" (TEXT/PLAIN)]

diff -ur globwas/memory/global.c globis/memory/global.c
--- globwas/memory/global.c	Sun Sep 10 13:53:02 2000
+++ globis/memory/global.c	Sat Sep 30 01:10:23 2000
@@ -6,6 +6,7 @@
 /* 0xffff sometimes seems to mean: CURRENT_DS */
 
 #include <sys/types.h>
+#include <sys/user.h>
 #include <stdlib.h>
 #include <time.h>
 #include <stdio.h>
@@ -1163,6 +1164,12 @@
         if (HeapValidate( heap, 0, pmem ))
             return (HGLOBAL)pmem;  /* valid fixed block */
     handle = POINTER_TO_HANDLE(pmem);
+    if (!(ISHANDLE(handle))||!(handle & PAGE_MASK))
+    {
+       SetLastError( ERROR_INVALID_PARAMETER );
+       return 0;
+    }
+
     } else  
         handle = (HGLOBAL)pmem;
 

["global.diff.gz" (APPLICATION/octet-stream)]

[prev in list] [next in list] [prev in thread] [next in thread]