Hi all,

Star Money 2.0 demo crashes here:
trace:relay:WINPROC_CallWndProc 
(wndproc=0x4008a3a8,hwnd=00000540,msg=WM_NCCALCSIZE,wp=00000001,lp=41096280)
trace:menu:MENU_GetMenuBarHeight HWND 0x540, width 372, at (1, 1).
trace:menu:MENU_MenuBarCalcSize left=1 top=1 right=373 bottom=20
trace:menu:MENU_MenuBarCalcSize calling MENU_CalcItemSize org=(1, 1)
trace:menu:do_debug_print_menuitem   item:  { ID=0x50, Sub=0x50, Typ=pop,rorder, 
Text=Null }
trace:menu:MENU_CalcItemSize dc=0x0910 owner=0x0540 (1,1)
trace:menu:do_debug_print_menuitem MENU_CalcItemSize: menuitem: { ID=0x50, Sub=0x50, 
Typ=pop,rorder, Text=Null }  (MenuBar)
                        ^^^^^^^

Call user32.391: MessageBoxA(00000000,40f54aac "Unhandled exception 0xc0000005 at 
address 0x4008bbfb.\nDo you wish to debug it ?",401dfdca "Error",00000014) 
ret=40166fce fs=0327
err:win32:SYSLEVEL_CheckNotLevel (2): Holding lock of level 2!
err:seh:EXC_DefaultHandling Unhandled exception code 80000003 flags 0 addr 0x4015be77

This probably happened here (~300 lines above):
Call USER.219: CREATEDIALOGINDIRECT(0x03b6,03b7:984c,0x01cc,0x065705c4) ret=07df:10a5 
ds=07f7
trace:menu:CreateMenu return 03e8
trace:menu:InsertMenuA hMenu 03e8, pos -1, flags 00002410, id 0050, str 00000000 (not 
a string)
trace:menu:do_debug_print_menuitem MENU_SetItemData from:  { ID=0x0, Text=Null }
trace:menu:do_debug_print_menuitem MENU_SetItemData to  :  { ID=0x50, Sub=0x50,
Typ=sep,pop,rorder }

How should I fix it?
Changing the code in menu.c/MENU_CalcItemSize like that:
    /* If we get here, then it must be a text item */
    if (IS_STRING_ITEM( lpitem->fType ))
    {   SIZE size;

        GetTextExtentPoint32A( hdc,
                               lpitem->text,
                               /* check for NULL pointer */
                               (lpitem->text) ? strlen(lpitem->text) : 0,
                               &size);

fixes it.

But lpitem->text gets referenced there a zillion times later on.
So there still is a big potential for crashes.
So what is the CORRECT fix?

I guess we need to handle that somehow already at CREATEDIALOGINDIRECT.
Maybe somebody could check what Windows does in this case?

Andreas Mohr
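The two fix strategies discussed in the mail, as an added example that is not Wine code and not part of the original message: a point fix that tolerates a NULL `text` at the one measuring site, next to a source-level fix that normalises a string-typed item to an empty string when it is inserted, so that every later user of `text` can rely on it being non-NULL. The `MENUITEM` layout, the `MF_*` values, `IS_STRING_ITEM`, `text_width` (a stand-in for `GetTextExtentPoint32A`) and `insert_item` are simplified assumptions for the example, not Wine's real definitions.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Simplified flag values; assumption for this example, not Wine's headers. */
#define MF_STRING    0x0000
#define MF_BITMAP    0x0004
#define MF_OWNERDRAW 0x0100
#define MF_POPUP     0x0010
#define MF_SEPARATOR 0x0800

/* A popup item with no bitmap/ownerdraw/separator flag still counts as a
   string item, which is why a NULL text pointer reaches the measuring code. */
#define IS_STRING_ITEM(flags) \
    (((flags) & (MF_BITMAP | MF_OWNERDRAW | MF_SEPARATOR)) == 0)

typedef struct {
    unsigned fType;
    unsigned wID;
    char    *text;   /* NULL when the caller passed no string */
} MENUITEM;

/* Stand-in for GetTextExtentPoint32A: assume 8 px per character. */
static int text_width(const char *s, size_t len)
{
    (void)s;
    return (int)(len * 8);
}

/* Strategy 1: point fix at the measuring site, as in the mail's patch. */
static int calc_item_width_pointfix(const MENUITEM *it)
{
    if (IS_STRING_ITEM(it->fType))
        return text_width(it->text, it->text ? strlen(it->text) : 0);
    return 0;
}

/* Duplicate a string, mapping NULL to "" so the result is never NULL. */
static char *dup_or_empty(const char *s)
{
    size_t n = s ? strlen(s) : 0;
    char *p = malloc(n + 1);
    if (!p) return NULL;
    memcpy(p, s ? s : "", n);
    p[n] = '\0';
    return p;
}

/* Strategy 2: normalise at insertion time (the InsertMenu stage in the mail).
   Returns 1 on success, 0 on allocation failure. */
static int insert_item(MENUITEM *it, unsigned flags, unsigned id, const char *str)
{
    it->fType = flags;
    it->wID   = id;
    it->text  = NULL;
    if (IS_STRING_ITEM(flags)) {
        it->text = dup_or_empty(str);
        if (!it->text) return 0;
    }
    return 1;
}

/* Measuring code that trusts text != NULL for string items. Safe only for
   items that went through insert_item; would crash on a raw NULL text. */
static int calc_item_width_trusting(const MENUITEM *it)
{
    if (IS_STRING_ITEM(it->fType))
        return text_width(it->text, strlen(it->text));
    return 0;
}

static void free_item(MENUITEM *it)
{
    free(it->text);
    it->text = NULL;
}

int main(void)
{
    MENUITEM popup;
    /* Mirrors the trace: MF_POPUP item, id 0x50, str NULL. */
    if (!insert_item(&popup, MF_POPUP, 0x50, NULL)) return 1;
    int w = calc_item_width_trusting(&popup);   /* 0, no crash */
    free_item(&popup);
    return w == 0 ? 0 : 1;
}
```

The point fix keeps the crash away from this one call but, as the mail notes, leaves every other `lpitem->text` use exposed; normalising at insertion removes the NULL from the data structure entirely, at the cost of one extra allocation per string-typed item.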
