diff options
| author | Jan Kotas <jkotas@microsoft.com> | 2015-05-19 00:55:02 -0700 |
|---|---|---|
| committer | Jan Kotas <jkotas@microsoft.com> | 2015-05-19 00:55:02 -0700 |
| commit | 482fa683055ced70832b7c05ec7525add04ba4f5 (patch) | |
| tree | eedeeba368affbe3ae0b82542b3d4cdc2d931d23 /src | |
| parent | dcbc809202ff9017afbed25d1f7ae9348701639c (diff) | |
| download | coreclr-482fa683055ced70832b7c05ec7525add04ba4f5.tar.gz coreclr-482fa683055ced70832b7c05ec7525add04ba4f5.tar.bz2 coreclr-482fa683055ced70832b7c05ec7525add04ba4f5.zip | |
Fix potential null pointer dereference
Calling WriteFile with both lpOverlapped and lpNumberOfBytesWritten set to null is invalid combination on Windows 7
[tfs-changeset: 1472978]
Diffstat (limited to 'src')
| -rw-r--r-- | src/zap/zapimage.cpp | 4 | ||||
| -rw-r--r-- | src/zap/zapwriter.cpp | 5 |
2 files changed, 8 insertions, 1 deletions
diff --git a/src/zap/zapimage.cpp b/src/zap/zapimage.cpp index a7723c74d0..09e2b4dd9d 100644 --- a/src/zap/zapimage.cpp +++ b/src/zap/zapimage.cpp @@ -914,6 +914,10 @@ public: m_hasher.HashMore(pv, cb); + // We are calling with lpOverlapped == NULL so pcbWritten has to be present + // to prevent crashes in Win7 and below. + _ASSERTE(pcbWritten); + if (!::WriteFile(m_hFile, pv, cb, pcbWritten, NULL)) { hr = HRESULT_FROM_GetLastError(); diff --git a/src/zap/zapwriter.cpp b/src/zap/zapwriter.cpp index 2cd784b271..357aebdd32 100644 --- a/src/zap/zapwriter.cpp +++ b/src/zap/zapwriter.cpp @@ -388,8 +388,11 @@ void ZapWriter::WritePad(DWORD dwSize, BYTE fill) while (dwSize >= WRITE_BUFFER_SIZE) { + ULONG cbWritten; cbAvailable = min(WRITE_BUFFER_SIZE, dwSize); - IfFailThrow(m_pStream->Write(m_pBuffer, cbAvailable, NULL)); + IfFailThrow(m_pStream->Write(m_pBuffer, cbAvailable, &cbWritten)); + _ASSERTE(cbWritten == cbAvailable); + dwSize -= cbAvailable; } |