Skip to content

Bug | Uninitialized Pointers in Dialog Result Array #147

Closed
#257
Closed
Bug | Uninitialized Pointers in Dialog Result Array#147
#257
Assignees
freakdaniel
Labels
InfiniFrame.NativebugSomething isn't working
@AnnaSasDev

Description

@AnnaSasDev
AnnaSasDev
opened on Apr 5, 2026

Severity

Critical (crash, data loss)

Describe the bug

Location: src/InfiniFrame.Native/Platform/Windows/Dialog.cpp:231-246, src/InfiniFrame.Native/Exports.cpp:653-656.
GetResults allocates new wchar_t*[count] but only initializes entries when GetItemAt and GetDisplayName(SIGDN_FILESYSPATH) both succeed. Failed entries remain uninitialized. InfiniFrame_FreeStringArray later frees all count entries unconditionally, including uninitialized pointers.

Steps to reproduce

  1. Use ShowOpenFile/ShowOpenFolder and select at least one item where SIGDN_FILESYSPATH fails.
  2. Receive result array/count from native code.
  3. Call InfiniFrame_FreeStringArray(values, count).

Expected behavior

Each returned entry is valid or null; freeing array is always safe.

Actual behavior

Uninitialized entries are freed, causing invalid memory access/free.

Logs / Error Output

Dialog.cpp: result[i] only assigned inside SUCCEEDED(GetDisplayName)
Exports.cpp: FreeStringArray frees every values[i] for i < count

Minimal reproduction

int count = 0;
AutoString* values = InfiniFrame_ShowOpenFile(..., &count);
InfiniFrame_FreeStringArray(values, count); // may free garbage pointers

.NET Version

No response

Project Version / Commit

No response

Operating System

No response

Checklist

  • I searched existing issues
  • I can reproduce this consistently
  • I included logs and/or a reproduction

Metadata

Metadata

Assignees

Labels

InfiniFrame.NativebugSomething isn't working

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions