When I load a picture with OleLoadPicture and then I try to get its dimensions with the get_Width and get_Height methods of IPicture, everything goes well unless.... the picture is not a valid image file. In this case the app freezes completely... In the app I'm working at, the user can create his own "image libraries (gif, jpg, bmp)", so I have to be careful for invalid picture files. The problem is that the get_Width & get_Height methods don't return an error, they just freeze my app... I have been thinking to manually check the image files for validity or to rely on SEH, but these don't seem ....eeemmm.... elegant solutions. Any ideas ?
Posted on 2002-10-30 02:38:04 by micmic
Did you check the hResult of OleLoadPicture? If it is not S_OK, then you have an invalid object reference you're calling the width method on.
Posted on 2002-10-30 22:56:52 by Ernie
The problem is that OleLoadPicture returns S_OK, so I have no way of checking...
Posted on 2002-10-31 01:44:42 by micmic
Dang... thats a huge problem.

Well, you can try to pre-check for proper file formats first ("BM" in the header, etc), but things can sneak thru that too.

How about the pvObj OleLoadPicture returns? Is it perhaps NULL for bad pictures?
Posted on 2002-11-03 08:43:28 by Ernie
OleLoadPicture stores a valid pointer, also. As far as I have seen, it could be called OleLoadAnythingYouWant :) I guess the getWidth method is exploited by reading an out-of-bounds value (a zero perhaps ?) where it should be reading a dimension... and apparently there is no bounds checking...
Posted on 2002-11-04 01:55:44 by micmic