[NTOBJSHEX] Return early from GetInfoFromPidl when pcidl is null in LPCITEMIDLIST

[muthu90tech]

Purpose

This fixes crash when attempting to drag n drop items from NTObject Namespace and System Registry.

Do a quick recap of your work here.

JIRA issues: CORE-18480, CORE-18481

Proposed changes

Perform a null check in GetInfoFromPidel on mkid in LPCITEMIDLIST

avoid_drag_drop_crash.mp4

(refer video, no more crash)

[ghost]

lgtm as based on my patch.

[learn-more]

This is a very unreadable way of checking pcidl for null, please do that instead.

[JoachimHenze]

This is a very unreadable way of checking pcidl for null, please do that instead.

?
Wouldn't he need to check "pcidl->mkid" for being NULL instead?
If pcidl was indeed NULL, then his code would not work, but crash due to null-dereference already. Which is obviously not the case.

If he was to check something else than entry, then it would also make sense to move up the check.

But honestly I do not really understand your request yet, Mark.

[learn-more]

This is a very unreadable way of checking pcidl for null, please do that instead.

? Wouldn't he need to check "pcidl->mkid" for being NULL instead? If pcidl was indeed NULL, then his code would not work, but crash due to null-dereference already.

No, checking pcidl->mkid is also wrong if pcidl is null.

Which is obviously not the case.

Think again.

If he was to check something else than entry, then it would also make sense to move up the check.

indeed.

But honestly I do not really understand your request yet, Mark.

I am unsure what is unclear about 'xxx' is an unreadable way of doing 'yyy', please do 'yyy' instead.

If the pointer math is confusing to you, try it out with a char* array on something like https://godbolt.org/

[muthu90tech]

This is a very unreadable way of checking pcidl for null, please do that instead.

? Wouldn't he need to check "pcidl->mkid" for being NULL instead? If pcidl was indeed NULL, then his code would not work, but crash due to null-dereference already.

No, checking pcidl->mkid is also wrong if pcidl is null.

The GetInfoFromPidl(pidl, &info) gets called only if pidl in not null. Please see: https://github.com/reactos/reactos/blob/master/dll/shellext/ntobjshex/regfolder.cpp#L191

So pcidl in GetInfoFromPidl can not be null.

[learn-more]

This is a very unreadable way of checking pcidl for null, please do that instead.

? Wouldn't he need to check "pcidl->mkid" for being NULL instead? If pcidl was indeed NULL, then his code would not work, but crash due to null-dereference already.

No, checking pcidl->mkid is also wrong if pcidl is null.

The GetInfoFromPidl(pidl, &info) gets called only if pidl in not null. Please see: https://github.com/reactos/reactos/blob/master/dll/shellext/ntobjshex/regfolder.cpp#L191

You have checked just one invocation:
https://git.reactos.org/?p=reactos.git&a=search&h=HEAD&st=grep&sr=1&s=GetInfoFromPidl

So pcidl in GetInfoFromPidl can not be null.

Clearly it is being called with null, otherwise your check would not catch it either.

[muthu90tech]

This is a very unreadable way of checking pcidl for null, please do that instead.

? Wouldn't he need to check "pcidl->mkid" for being NULL instead? If pcidl was indeed NULL, then his code would not work, but crash due to null-dereference already.

No, checking pcidl->mkid is also wrong if pcidl is null.

The GetInfoFromPidl(pidl, &info) gets called only if pidl in not null. Please see: https://github.com/reactos/reactos/blob/master/dll/shellext/ntobjshex/regfolder.cpp#L191

You have checked just one invocation: https://git.reactos.org/?p=reactos.git&a=search&h=HEAD&st=grep&sr=1&s=GetInfoFromPidl

So pcidl in GetInfoFromPidl can not be null.

Clearly it is being called with null, otherwise your check would not catch it either.

Ok how about checking if pcidl is not null before checking pcidl->mkid in GetInfoFromPidl?

Like:

if (!pcidl)
{
    DbgPrint("PCIDL is NULL\n");
    return E_INVALIDARG;
}

[HBelusca]

OK; if pcidl is NULL then wouldn't this mean the GetInfoFromPidl function is called "incorrectly"? (if it's not expected to have either of its parameters being NULL)

[HBelusca]

Suggested change

[HBelusca]

Suggested change

[learn-more]

This check is completely useless.

[ghost]

I confirm that this check is not needed now that the preceeding check has been added (compiled and tested, crash is correctly protected). @muthu90tech : I suggest/support to remove this second useless check as suggested by Mark.

[learn-more]

Same here, this check is completely useless

[ghost]

I confirm that this check is not needed now that the preceeding check has been added (compiled and tested, crash is correctly protected). @muthu90tech : I suggest/support to remove this second useless check as suggested by Mark.

[learn-more]

This is still a convoluted way of writing NtPidlEntry * entry = (NtPidlEntry*)pcidl;,
but whatever.

[ghost]

3 approved. Ready for merge ?