Dustin Navea wrote:
Rob Shearman wrote:
The problem was a heap overrun in quartz. The bug was fixed. I haven't seen any more reports of this problem with cvs Wine.
Ok, thanks. He is having to use the jan copy to regression test. Could you provide me a link to the cvs patch that fixed it so he can download it and apply it to the jan copy, since he is doing a regression test? That way he can have a proper test.
Mike Hearn <[EMAIL PROTECTED]> Fix heap corruption in quartz server registration, add some whitespace, break out of loop if out of memory
--- dlls/quartz/regsvr.c (revision 109)
+++ dlls/quartz/regsvr.c (local)
@@ -577,7 +577,6 @@ static HRESULT register_filters(struct r
IFilterMapper2* pFM2 = NULL;CoInitialize(NULL);
- hr = CoCreateInstance(&CLSID_FilterMapper2, NULL, CLSCTX_INPROC_SERVER, &IID_IFilterMapper2, (LPVOID*)&pFM2);
if (SUCCEEDED(hr)) {
@@ -585,6 +584,7 @@ static HRESULT register_filters(struct r
REGFILTER2 rf2;
REGFILTERPINS2* prfp2;
int i;
+
for (i = 0; list->pins[i].flags != 0xFFFFFFFF; i++) ;
rf2.dwVersion = 2;
rf2.dwMerit = list->merit;
@@ -598,6 +598,7 @@ static HRESULT register_filters(struct r
REGPINTYPES* lpMediatype;
CLSID* lpClsid;
int j, nbmt;
+ for (nbmt = 0; list->pins[i].mediatypes[nbmt].majortype; nbmt++) ;
/* Allocate a single buffer for regpintypes struct and clsids */
lpMediatype = (REGPINTYPES*) CoTaskMemAlloc(nbmt*(sizeof(REGPINTYPES) + 2*sizeof(CLSID)));
@@ -627,10 +628,17 @@ static HRESULT register_filters(struct r
prfp2[i].clsPinCategory = NULL;
}
+ if (FAILED(hr)) {
+ ERR("failed to register with hresult 0x%lx\n", hr);
+ break;
+ }
+
hr = IFilterMapper2_RegisterFilter(pFM2, list->clsid, list->name, NULL,
list->category, NULL, &rf2);- while (i--)
+ while (i) {
CoTaskMemFree((REGPINTYPES*)prfp2[i-1].lpMediaType);
+ i--;
+ }
CoTaskMemFree(prfp2);
}
}