mirror of
git://source.winehq.org/git/wine.git
synced 2024-10-14 21:27:19 +00:00
atl: Do not access m_pTermFuncs if the structure is too small.
This commit is contained in:
Vincent Povirk
Alexandre Julliard
parent
99af1ee34c
commit
d9211c9e5f
|
|
@ -123,15 +123,20 @@ HRESULT WINAPI AtlModuleLoadTypeLib(_ATL_MODULEW *pM, LPCOLESTR lpszIndex,
|
|||
|
||||
HRESULT WINAPI AtlModuleTerm(_ATL_MODULE *pM)
|
||||
{
|
||||
_ATL_TERMFUNC_ELEM *iter = pM->m_pTermFuncs, *tmp;
|
||||
_ATL_TERMFUNC_ELEM *iter, *tmp;
|
||||
|
||||
TRACE("(%p)\n", pM);
|
||||
|
||||
while(iter) {
|
||||
iter->pFunc(iter->dw);
|
||||
tmp = iter;
|
||||
iter = iter->pNext;
|
||||
HeapFree(GetProcessHeap(), 0, tmp);
|
||||
if (pM->cbSize > ATLVer1Size)
|
||||
{
|
||||
iter = pM->m_pTermFuncs;
|
||||
|
||||
while(iter) {
|
||||
iter->pFunc(iter->dw);
|
||||
tmp = iter;
|
||||
iter = iter->pNext;
|
||||
HeapFree(GetProcessHeap(), 0, tmp);
|
||||
}
|
||||
}
|
||||
|
||||
return S_OK;
|
||||
|
|
@ -143,12 +148,15 @@ HRESULT WINAPI AtlModuleAddTermFunc(_ATL_MODULEW *pM, _ATL_TERMFUNC *pFunc, DWOR
|
|||
|
||||
TRACE("(%p %p %ld)\n", pM, pFunc, dw);
|
||||
|
||||
termfunc_elem = HeapAlloc(GetProcessHeap(), 0, sizeof(_ATL_TERMFUNC_ELEM));
|
||||
termfunc_elem->pFunc = pFunc;
|
||||
termfunc_elem->dw = dw;
|
||||
termfunc_elem->pNext = pM->m_pTermFuncs;
|
||||
if (pM->cbSize > ATLVer1Size)
|
||||
{
|
||||
termfunc_elem = HeapAlloc(GetProcessHeap(), 0, sizeof(_ATL_TERMFUNC_ELEM));
|
||||
termfunc_elem->pFunc = pFunc;
|
||||
termfunc_elem->dw = dw;
|
||||
termfunc_elem->pNext = pM->m_pTermFuncs;
|
||||
|
||||
pM->m_pTermFuncs = termfunc_elem;
|
||||
pM->m_pTermFuncs = termfunc_elem;
|
||||
}
|
||||
|
||||
return S_OK;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -113,8 +113,48 @@ static void test_winmodule(void)
|
|||
ok(winmod.m_pCreateWndList == create_data+1, "winmod.m_pCreateWndList != create_data\n");
|
||||
}
|
||||
|
||||
static DWORD cb_val;
|
||||
|
||||
static void WINAPI term_callback(DWORD dw)
|
||||
{
|
||||
cb_val = dw;
|
||||
}
|
||||
|
||||
static void test_term(void)
|
||||
{
|
||||
_ATL_MODULEW test;
|
||||
HRESULT hres;
|
||||
|
||||
test.cbSize = sizeof(_ATL_MODULEW);
|
||||
|
||||
hres = AtlModuleInit(&test, NULL, NULL);
|
||||
ok (hres == S_OK, "AtlModuleInit failed (0x%x).\n", (int)hres);
|
||||
|
||||
hres = AtlModuleAddTermFunc(&test, term_callback, 0x22);
|
||||
ok (hres == S_OK, "AtlModuleAddTermFunc failed (0x%x).\n", (int)hres);
|
||||
|
||||
cb_val = 0xdeadbeef;
|
||||
hres = AtlModuleTerm(&test);
|
||||
ok (hres == S_OK, "AtlModuleTerm failed (0x%x).\n", (int)hres);
|
||||
ok (cb_val == 0x22, "wrong callback value (0x%x).\n", (int)cb_val);
|
||||
|
||||
test.cbSize = FIELD_OFFSET(_ATL_MODULEW, dwAtlBuildVer);
|
||||
|
||||
hres = AtlModuleInit(&test, NULL, NULL);
|
||||
ok (hres == S_OK, "AtlModuleInit failed (0x%x).\n", (int)hres);
|
||||
|
||||
hres = AtlModuleAddTermFunc(&test, term_callback, 0x23);
|
||||
ok (hres == S_OK, "AtlModuleAddTermFunc failed (0x%x).\n", (int)hres);
|
||||
|
||||
cb_val = 0xdeadbeef;
|
||||
hres = AtlModuleTerm(&test);
|
||||
ok (hres == S_OK, "AtlModuleTerm failed (0x%x).\n", (int)hres);
|
||||
ok (cb_val == 0xdeadbeef, "wrong callback value (0x%x).\n", (int)cb_val);
|
||||
}
|
||||
|
||||
START_TEST(module)
|
||||
{
|
||||
test_StructSize();
|
||||
test_winmodule();
|
||||
test_term();
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue