Ticket #116 (closed defect: fixed)
Invalid cast followed by crash in DepersistFromTransitionFormat
| Reported by: | jasper | Owned by: | jasper |
|---|---|---|---|
| Priority: | major | Milestone: | Maintenance of Phase II |
| Component: | Client Header Files | Version: | 1.2.0.9 |
| Keywords: | Cc: |
Description
The implementation of DepersistFromTransitionFormat?, in the COBIA.h C++ header file, contains an invalid cast, which leads to a wrong VTable on the returned transition format reader (the output argument of this function) which leads to a crash in instantation of a COBIA PMC that uses saved information from a COM PMC.
Change History
Note: See
TracTickets for help on using
tickets.
Old implementation
inline COBIA::CapeBoolean DepersistFromTransitionFormat(/*in*/ICapePersistReader *reader,/*out*/CapePersistReader &transitionFormat) { COBIA::ICapeInterface *output=nullptr; COBIA::CapeBoolean bres=COBIA_INTERNAL::COBIAFUNCTIONS::instance().cobiaDepersistFromTransitionFormat((COBIA::ICapeInterface*)reader,output,1,2); if ((bres)&&(output)) { ICapePersistReader *r=(ICapePersistReader *)output; transitionFormat=r; r->vTbl->base.release(r->me); } return bres; }This invalidly casts the returned output pointer to an ICapePersistReader *. The actual implementation of cobiaDepersistFromTransitionFormat performs a cast from the implementing object to ICapeInterface*, not to ICapePersistReader*.
COBIAPersistReader* reader=new COBIAPersistReader(node,COBIATEXT("")); transitionFormat=(COBIA::ICapeInterface*)reader;Correct implementation
inline COBIA::CapeBoolean DepersistFromTransitionFormat(/*in*/ICapePersistReader *reader,/*out*/CapePersistReader &transitionFormat) { COBIA::CapeInterface output; COBIA::CapeBoolean bres=COBIA_INTERNAL::COBIAFUNCTIONS::instance().cobiaDepersistFromTransitionFormat((COBIA::ICapeInterface*)reader,&output,1,2); if ((bres)&&(output)) { transitionFormat=output; } return bres; }