On Wed, 30 Aug 2023 18:40:57 GMT, Phil Race <[email protected]> wrote:
> > I would also add that the pointer saved to `mii.dwTypeData` becomes invalid > > as soon as `m->SetLabel(labelPtr)` returns because the code in `_SetLabel` > > releases the pointer `labelPtr`. > > Essentially, this was the code flow in `_SetLabel`: > > ```c++ > > LPCTSTR labelPtr = JNU_GetStringPlatformChars(env, label, 0); > > m->SetLabel(labelPtr); > > JNU_ReleaseStringPlatformChars(env, label, labelPtr); > > ``` > > > > > > > > > > > > > > > > > > > > > > > > If any code had dereferenced the pointer stored for a menu item in > > `dwTypeData`, the process would've crashed with access violation, or it > > could've led to a memory corruption. > > I don't think that's relevant. "mii" is stack allocated and the code does > ::InsertMenuItem(hMenu, idx, TRUE, &mii); > > and this pattern occurs in other places too. > > So I conclude that - although it isn't documented SFAICS - that GDI deep > copies what it needs out of the struct. Yes, I was wrong. I realised it later after I looked at the docs more. The description of the [MENUITEMINFOW](https://learn.microsoft.com/en-us/windows/win32/api/winuser/ns-winuser-menuiteminfow) says, <q cite="https://learn.microsoft.com/en-us/windows/win32/api/winuser/ns-winuser-menuiteminfow";>To retrieve a menu item of type MFT_STRING, irst find the size of the string by setting the dwTypeData member of MENUITEMINFO to NULL and then calling GetMenuItemInfo.</q> This implies the menu string is stored in the Window Manager. ------------- PR Comment: https://git.openjdk.org/jdk/pull/15276#issuecomment-1699816660
