win32all140 - WNDCLASS heap corruption in module win32gui
Alan Klietz
alank at NOSPAM.com
Sun Jan 6 04:43:40 EST 2002
While testing win32all140 with Python 2.2, I ran into a heap corruption
problem. After much searching I tracked it down to an assignment to a
WNDCLASS object's lpfnWndProc attribute. The problem is due to the wrong
member being DECREF'ed. It was freeing lpszClassName when it should have
been freeing lpfnWndProc.
*************** int PyWNDCLASS::setattr(PyObject *self,
*** 520,526 ****
return SetTCHAR(v, &pW->m_obClassName, &pW->m_WNDCLASS.lpszClassName);
}
if (strcmp("lpfnWndProc", name)==0) {
! Py_XDECREF(pW->m_obClassName);
if (!PyCallable_Check(v) && !PyDict_Check(v)) {
PyErr_SetString(PyExc_TypeError, "lpfnWndProc must be callable, or a
dictionary");
return -1;
--- 526,536 ----
return SetTCHAR(v, &pW->m_obClassName, &pW->m_WNDCLASS.lpszClassName);
}
if (strcmp("lpfnWndProc", name)==0) {
! //
! // BUG: Decrementing the wrong object!! - AEK
! //
! //Py_XDECREF(pW->m_obClassName);
! Py_XDECREF(pW->m_obWndProc); // AEK
if (!PyCallable_Check(v) && !PyDict_Check(v)) {
PyErr_SetString(PyExc_TypeError, "lpfnWndProc must be callable, or a
dictionary");
return -1;
Regards,
Alan Klietz
alank at algintech.NOSPAM.com (remove .NOSPAM)
More information about the Python-list
mailing list