<span style="font-family:arial,helvetica,sans-serif; font-size:12px">Certainly not a "feature", but just that (certainly because it is only for user-mode AND the out pointer is not optional) the MS dev who introduced these functions didn't want to (or just more simply forgot to) not check for such NULL pointer.</span><br> <span style="font-family:arial,helvetica,sans-serif; font-size:12px">And thus, if you pass NULL, it's just your fault if your app crashes.</span><br> <span style="font-family:arial,helvetica,sans-serif; font-size:12px">And of course, since ReactOS also want to behave similarly... we don't check for NULL either!</span><br> <br> <span style="font-family:arial,helvetica,sans-serif; font-size:12px">H.</span> <div class="gl_quote" style="margin-top: 20px; padding-top: 5px;"> <div class="gl_quote" style="margin-top: 20px; padding-top: 5px;">De : xxxx<br> A : ros-dev(a)reactos.org&lt;br&gt; Envoyé: mardi 31 octobre 2017 16:10<br> Objet : Re: [ros-dev] [ros-diffs] [reactos] 01/01: CID 1206831 Dereference after null check<br> &nbsp; <div class="gl_quoted"> <div dir="ltr">Seems like this API has a 'feature' where by it throws exceptions if&nbsp;<span style="font-size:12.8px">BytesRead is null?</span></div> <div class="gmail_extra">&nbsp; <div class="gmail_quote">On Sun, Oct 29, 2017 at 8:02 AM, Jerome Gardou <span dir="ltr">&lt;<a href="mailto:jerome.gardou@reactos.org" target=&quot;_blank&quot;&gt;jerome.gardou(a)reactos.org&lt;/a&gt;&amp;gt;&lt;/span&gt; wrote: <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">HI,<br> <br> that doesn't look good, as shown by <a href="https://reactos.org/testman/compare.php?ids=56275,56276" rel="noreferrer" target="_blank">https://reactos.org/testman/co<wbr>mpare… <br> Jérôme<br> <br> <br> Le 29/10/2017 à 11:17, Samuel Serapion a écrit&nbsp;: <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><a href="https://git.reactos.org/?p=reactos.git;a=commitdiff;h=b3b2a23f05… rel="noreferrer" target="_blank">https://git.reactos.org/?p=rea<wbr>ctos.… <br> commit b3b2a23f05e5188dc1475961fcd7f0<wbr>36f0046d25<br> Author: Samuel Serapion &lt;<a href="mailto:samcharly@hotmail.com" target=&quot;_blank&quot;&gt;samcharly(a)hotmail.com&lt;/a&gt;&amp;gt;&lt;br&gt; AuthorDate: Fri Oct 20 14:00:32 2017 -0400<br> <br> &nbsp; &nbsp; &nbsp;CID 1206831 Dereference after null check<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; BytesRead is an optional out parameter and must be checked before being written to.<br> ---<br> &nbsp; sdk/lib/rtl/memstream.c | 3 ++-<br> &nbsp; 1 file changed, 2 insertions(+), 1 deletion(-)<br> <br> diff --git a/sdk/lib/rtl/memstream.c b/sdk/lib/rtl/memstream.c<br> index 0549424ca4..8fe4169fb1 100644<br> --- a/sdk/lib/rtl/memstream.c<br> +++ b/sdk/lib/rtl/memstream.c<br> @@ -185,7 +185,8 @@ RtlReadMemoryStream(<br> &nbsp; &nbsp; &nbsp; &nbsp; Stream-&gt;Current = (PUCHAR)Stream-&gt;Current + CopyLength;<br> &nbsp; -&nbsp; &nbsp; *BytesRead = CopyLength;<br> +&nbsp; &nbsp; if (BytesRead)<br> +&nbsp; &nbsp; &nbsp; &nbsp; *BytesRead = CopyLength;<br> &nbsp; &nbsp; &nbsp; &nbsp; return S_OK;<br> &nbsp; }<br> &nbsp;</blockquote> <br> <br> ______________________________<wbr>_________________<br> Ros-dev mailing list<br> <a href="mailto:Ros-dev@reactos.org" target=&quot;_blank&quot;&gt;Ros-dev(a)reactos.org&lt;/a&gt;&lt;br&gt; <a href="http://www.reactos.org/mailman/listinfo/ros-dev" rel="noreferrer" target="_blank">http://www.reactos.org/mailman<wbr>/list… </div> </div> <!-- PART SEPARATOR --><br> <br> <br> _______________________________________________<br> Ros-dev mailing list<br> Ros-dev(a)reactos.org&lt;br&gt; http://www.reactos.org/mailman/listinfo/ros-dev</div> <div class="gl_quoted">&nbsp;</div> </div> </div>