Subject: [Boost-bugs] [Boost C++ Libraries] #5306: get_wmi_class_attribute crashes
From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2011-03-14 14:44:38
#5306: get_wmi_class_attribute crashes
-------------------------------+--------------------------------------------
Reporter: habdank@… | Owner: igaztanaga
Type: Bugs | Status: new
Milestone: To Be Determined | Component: interprocess
Version: Boost 1.45.0 | Severity: Showstopper
Keywords: |
-------------------------------+--------------------------------------------
Dears,
Independently of #4895, #5120 and #4350 there is yet another bug in
function:
inline bool get_wmi_class_attribute( std::wstring& strValue, const wchar_t
*wmi_class, const wchar_t *wmi_class_var)
in the file:
boost\interprocess\detail\win32_api.hpp
The problem is that at the end of function there is a sequence:
pIWbemLocator->Release();
pWbemServices->Release();
pEnumObject->Release();
pClassObject->Release();
But there is no guarantee that pClassObject != NULL especially that it is
initilized to be NULL and then perhaps modification is made in:
pEnumObject->Next( WBEM_INFINITE_IG, uCount, &pClassObject, &uReturned )
but under some conditions pClassObject remains NULL and then
pClassObject->Release();
crashes with memory violation error.
Obviously when pClassObject == NULL then pClassObject->Release();
dereferences NULL pointer.
My honest suggestion would be to carefully track all execution paths
in that function to observe its complete behavior.
I would appreciate to get patch for that problem.
Temporarily I could patch myself, but that will have limited focus,
as I have no big picture.
Best regards,
Seweryn Habdank-Wojewodzki.
-- Ticket URL: <https://svn.boost.org/trac/boost/ticket/5306> Boost C++ Libraries <http://www.boost.org/> Boost provides free peer-reviewed portable C++ source libraries.
This archive was generated by hypermail 2.1.7 : 2017-02-16 18:50:05 UTC