"msi_dialog_list_box" in dlls/msi/dialog.c gets flagged by Michael
Stefaniuc's unfree-wine.pl script.
* As far as I can see, "info", allocated line 2203, is not used before
the return that leaks it (line 2214), neither in a direct nor an
indirect (macro) way. But maybe the "fail-fast" behaviour is intended
(because if allocation of "info" fails, there are chances the allocation
of "control" would fail, too) ?
* While looking at the source of the functions called by
"msi_dialog_list_box" to make sure they didn't use "info", I spotted a
call to msi_alloc, whose result is not checked. Therefore, the
subsequent lines may write to NULL+some_offset.
The patch contains only the fix for the latter problem, because I'm not
100% sure that the memory leak can be solved by moving the allocation of
info after the call to "msi_dialog_add_control", without ill side
effects (e.g. msi_dialog_add_control calls msi_dialog_create_window,
which calls CreateWindowExW).
2007-12-09 Lionel Debroux <[EMAIL PROTECTED]>
* dlls/msi/dialog.c:
msi: fix missing alloc check.
>From 86d6e2c265cff4c6bba9a3e7e5cd5f38f826cc99 Mon Sep 17 00:00:00 2001
From: Lionel Debroux <[EMAIL PROTECTED]>
Date: Sun, 9 Dec 2007 11:58:46 +0100
Subject: msi: fix missing alloc check.
---
dlls/msi/dialog.c | 75 +++++++++++++++++++++++++++-------------------------
1 files changed, 39 insertions(+), 36 deletions(-)
diff --git a/dlls/msi/dialog.c b/dlls/msi/dialog.c
index d0e91cd..871d7b2 100644
--- a/dlls/msi/dialog.c
+++ b/dlls/msi/dialog.c
@@ -409,46 +409,49 @@ static msi_control *msi_dialog_create_window( msi_dialog *dialog,
style |= WS_CHILD;
control = msi_alloc( sizeof *control + strlenW(name)*sizeof(WCHAR) );
- strcpyW( control->name, name );
- list_add_head( &dialog->controls, &control->entry );
- control->handler = NULL;
- control->property = NULL;
- control->value = NULL;
- control->hBitmap = NULL;
- control->hIcon = NULL;
- control->hDll = NULL;
- control->tabnext = strdupW( MSI_RecordGetString( rec, 11) );
- control->type = strdupW( MSI_RecordGetString( rec, 3 ) );
- control->progress_current = 0;
- control->progress_max = 100;
-
- x = MSI_RecordGetInteger( rec, 4 );
- y = MSI_RecordGetInteger( rec, 5 );
- width = MSI_RecordGetInteger( rec, 6 );
- height = MSI_RecordGetInteger( rec, 7 );
-
- x = msi_dialog_scale_unit( dialog, x );
- y = msi_dialog_scale_unit( dialog, y );
- width = msi_dialog_scale_unit( dialog, width );
- height = msi_dialog_scale_unit( dialog, height );
-
- if( text )
- {
- deformat_string( dialog->package, text, &title_font );
- font = msi_dialog_get_style( title_font, &title );
- }
+ if (control)
+ {
+ strcpyW( control->name, name );
+ list_add_head( &dialog->controls, &control->entry );
+ control->handler = NULL;
+ control->property = NULL;
+ control->value = NULL;
+ control->hBitmap = NULL;
+ control->hIcon = NULL;
+ control->hDll = NULL;
+ control->tabnext = strdupW( MSI_RecordGetString( rec, 11) );
+ control->type = strdupW( MSI_RecordGetString( rec, 3 ) );
+ control->progress_current = 0;
+ control->progress_max = 100;
+
+ x = MSI_RecordGetInteger( rec, 4 );
+ y = MSI_RecordGetInteger( rec, 5 );
+ width = MSI_RecordGetInteger( rec, 6 );
+ height = MSI_RecordGetInteger( rec, 7 );
+
+ x = msi_dialog_scale_unit( dialog, x );
+ y = msi_dialog_scale_unit( dialog, y );
+ width = msi_dialog_scale_unit( dialog, width );
+ height = msi_dialog_scale_unit( dialog, height );
+
+ if( text )
+ {
+ deformat_string( dialog->package, text, &title_font );
+ font = msi_dialog_get_style( title_font, &title );
+ }
- control->hwnd = CreateWindowExW( exstyle, szCls, title, style,
- x, y, width, height, parent, NULL, NULL, NULL );
+ control->hwnd = CreateWindowExW( exstyle, szCls, title, style,
+ x, y, width, height, parent, NULL, NULL, NULL );
- TRACE("Dialog %s control %s hwnd %p\n",
- debugstr_w(dialog->name), debugstr_w(text), control->hwnd );
+ TRACE("Dialog %s control %s hwnd %p\n",
+ debugstr_w(dialog->name), debugstr_w(text), control->hwnd );
- msi_dialog_set_font( dialog, control->hwnd,
- font ? font : dialog->default_font );
+ msi_dialog_set_font( dialog, control->hwnd,
+ font ? font : dialog->default_font );
- msi_free( title_font );
- msi_free( font );
+ msi_free( title_font );
+ msi_free( font );
+ }
return control;
}
--
1.5.3.4
