<span style="font-family:arial,helvetica,sans-serif; font-size:12px">Certainly not a "feature", but just that (certainly because it is only for user-mode AND the out pointer is not optional) the MS dev who introduced these functions didn't want to (or just more simply forgot to) not check for such NULL pointer.</span><br> <span style="font-family:arial,helvetica,sans-serif; font-size:12px">And thus, if you pass NULL, it's just your fault if your app crashes.</span><br> <span style="font-family:arial,helvetica,sans-serif; font-size:12px">And of course, since ReactOS also want to behave similarly... we don't check for NULL either!</span><br> <br> <span style="font-family:arial,helvetica,sans-serif; font-size:12px">H.</span>
<div class="gl_quote" style="margin-top: 20px; padding-top: 5px;"> <div class="gl_quote" style="margin-top: 20px; padding-top: 5px;">De : xxxx<br> A : ros-dev@reactos.org<br> Envoyé: mardi 31 octobre 2017 16:10<br> Objet : Re: [ros-dev] [ros-diffs] [reactos] 01/01: CID 1206831 Dereference after null check<br> <div class="gl_quoted"> <div dir="ltr">Seems like this API has a 'feature' where by it throws exceptions if <span style="font-size:12.8px">BytesRead is null?</span></div> <div class="gmail_extra"> <div class="gmail_quote">On Sun, Oct 29, 2017 at 8:02 AM, Jerome Gardou <span dir="ltr"><<a href="mailto:jerome.gar...@reactos.org"; target="_blank">jerome.gar...@reactos.org</a>></span> wrote: <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">HI,<br> <br> that doesn't look good, as shown by <a href="https://reactos.org/testman/compare.php?ids=56275,56276"; rel="noreferrer" target="_blank">https://reactos.org/testman/co<wbr>mpare.php?ids=56275,56276</a><br> <br> Jérôme<br> <br> <br> Le 29/10/2017 à 11:17, Samuel Serapion a écrit : <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><a href="https://git.reactos.org/?p=reactos.git;a=commitdiff;h=b3b2a23f05e5188dc1475961fcd7f036f0046d25"; rel="noreferrer" target="_blank">https://git.reactos.org/?p=rea<wbr>ctos.git;a=commitdiff;h=b3b2a2<wbr>3f05e5188dc1475961fcd7f036f004<wbr>6d25</a><br> <br> commit b3b2a23f05e5188dc1475961fcd7f0<wbr>36f0046d25<br> Author: Samuel Serapion <<a href="mailto:samcha...@hotmail.com"; target="_blank">samcha...@hotmail.com</a>><br> AuthorDate: Fri Oct 20 14:00:32 2017 -0400<br> <br> CID 1206831 Dereference after null check<br> BytesRead is an optional out parameter and must be checked before being written to.<br> ---<br> sdk/lib/rtl/memstream.c | 3 ++-<br> 1 file changed, 2 insertions(+), 1 deletion(-)<br> <br> diff --git a/sdk/lib/rtl/memstream.c b/sdk/lib/rtl/memstream.c<br> index 0549424ca4..8fe4169fb1 100644<br> --- a/sdk/lib/rtl/memstream.c<br> +++ b/sdk/lib/rtl/memstream.c<br> @@ -185,7 +185,8 @@ RtlReadMemoryStream(<br> Stream->Current = (PUCHAR)Stream->Current + CopyLength;<br> - *BytesRead = CopyLength;<br> + if (BytesRead)<br> + *BytesRead = CopyLength;<br> return S_OK;<br> }<br> </blockquote> <br> <br> ______________________________<wbr>_________________<br> Ros-dev mailing list<br> <a href="mailto:Ros-dev@reactos.org"; target="_blank">Ros-dev@reactos.org</a><br> <a href="http://www.reactos.org/mailman/listinfo/ros-dev"; rel="noreferrer" target="_blank">http://www.reactos.org/mailman<wbr>/listinfo/ros-dev</a></blockquote> </div> </div> <!-- PART SEPARATOR --><br> <br> <br> _______________________________________________<br> Ros-dev mailing list<br> Ros-dev@reactos.org<br> http://www.reactos.org/mailman/listinfo/ros-dev</div> <div class="gl_quoted"> </div> </div> </div>
_______________________________________________ Ros-dev mailing list Ros-dev@reactos.org http://www.reactos.org/mailman/listinfo/ros-dev
