Commit in reactos/lib/user32/windows on MAIN
messagebox.c+15-101.29 -> 1.30
MessageBoxIndirectA() should check whether the MB_USERICON bit was set, otherwise in case the lpszIcon field of the MSGBOXPARAMS structure, the application passed to it, was never initialized and is not being interpreted as an atom, it takes this random pointer and tries to convert the string inside it to unicode - which might cause an exception. it solves a problem with winzip hardon discovered.
The bug also exists in wine but doesn't appear to arise.
reactos/lib/user32/windows
messagebox.c 1.29 -> 1.30
diff -u -r1.29 -r1.30
--- messagebox.c	19 Nov 2004 19:34:11 -0000	1.29
+++ messagebox.c	12 Dec 2004 20:40:06 -0000	1.30
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: messagebox.c,v 1.29 2004/11/19 19:34:11 weiden Exp $

+/* $Id: messagebox.c,v 1.30 2004/12/12 20:40:06 weiden Exp $

  *
  * PROJECT:         ReactOS user32.dll
  * FILE:            lib/user32/windows/messagebox.c

@@ -739,17 +739,22 @@

     else
         captionW.Buffer = (LPWSTR)lpMsgBoxParams->lpszCaption;
 

-    if (HIWORD((UINT)lpMsgBoxParams->lpszIcon))

+    if(lpMsgBoxParams->dwStyle & MB_USERICON)

     {

-        RtlCreateUnicodeStringFromAsciiz(&iconW, (PCSZ)lpMsgBoxParams->lpszIcon);
-        /*
-         * UNICODE_STRING objects are always allocated with an extra byte so you
-         * can null-term if you want
-         */
-        iconW.Buffer[iconW.Length / sizeof(WCHAR)] = L'\0';

+        if (HIWORD((UINT)lpMsgBoxParams->lpszIcon))
+        {
+            RtlCreateUnicodeStringFromAsciiz(&iconW, (PCSZ)lpMsgBoxParams->lpszIcon);
+            /*
+             * UNICODE_STRING objects are always allocated with an extra byte so you
+             * can null-term if you want
+             */
+            iconW.Buffer[iconW.Length / sizeof(WCHAR)] = L'\0';
+        }
+        else
+            iconW.Buffer = (LPWSTR)lpMsgBoxParams->lpszIcon;

     }
     else

-        iconW.Buffer = (LPWSTR)lpMsgBoxParams->lpszIcon;

+        iconW.Buffer = NULL;

 
     msgboxW.cbSize = sizeof(msgboxW);
     msgboxW.hwndOwner = lpMsgBoxParams->hwndOwner;

@@ -770,7 +775,7 @@

     if (HIWORD((UINT)lpMsgBoxParams->lpszCaption))
         RtlFreeUnicodeString(&captionW);
 

-    if (HIWORD((UINT)lpMsgBoxParams->lpszIcon))

+    if ((lpMsgBoxParams->dwStyle & MB_USERICON) && HIWORD((UINT)iconW.Buffer))

         RtlFreeUnicodeString(&iconW);
 
     return ret;
CVSspam 0.2.8