wxWidgets and memory allocation failures.

Jurko Gospodnetić jurko_for_boost at mail.inet.hr
Sat Apr 7 15:31:12 PDT 2007


   Hi.

> JG>    :-((( heh... actually I think it causes something worse than 'a 
> JG> crash'. One can expect applications to be written so that they do not 
> JG> corrupt their data in case they get terminated forcibly (power 
> JG> failure?), but there is no way to make applications safe if wxWidgets 
> JG> starts writing over memory not allocated to its objects.
> 
>  I'm not sure how this is supposed to happen. Dereferencing a NULL pointer
> seems much more likely.

   The situation I saw was in the wxString::Append( wxChar, size_t ) 
operation. It calls the wxStringBase::append( size_t, wxChar ) member 
function which, if memory allocation fails in release mode, simply 
ignores the problem and goes on to do the following:

     // len is the original string length.
     // n is the number of characters to be appended.
     GetStringData()->nDataLength = len + n;
     m_pchData[len + n] = '\0';
     for ( size_t i = 0; i < n; ++i )
         m_pchData[len + i] = ch;

   effectively writing characters beyond the end of the allocated buffer.

   All this is related to the wxWidgets sources found in the 2.8.3 
release: $Id: string.cpp,v 1.289 2007/01/07 16:17:25 VZ Exp $.

   Hope this helps...

   Best regards,
     Jurko Gospodnetić
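
Added example, not part of the original message and not wxWidgets code: a C++ sketch of the checked form of the append described above, where the allocation result is tested before any length update or write. Buf, reserve, append_checked, limited_realloc and g_alloc_limit are hypothetical names, and the allocation cap exists only to simulate an out-of-memory condition.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <cstring>

// Hypothetical allocation cap used to simulate out-of-memory in this example.
static std::size_t g_alloc_limit = SIZE_MAX;

static void* limited_realloc(void* p, std::size_t bytes) {
    if (bytes > g_alloc_limit) return nullptr;   // simulated allocation failure
    return std::realloc(p, bytes);
}

// Minimal stand-in for a string buffer (not the wxStringBase layout).
struct Buf {
    char*       data = nullptr;
    std::size_t len  = 0;   // characters stored, excluding the terminator
    std::size_t cap  = 0;   // bytes allocated
};

// Grow to hold at least `need` bytes; on failure the buffer is left untouched.
static bool reserve(Buf& b, std::size_t need) {
    if (need <= b.cap) return true;
    void* p = limited_realloc(b.data, need);
    if (!p) return false;
    b.data = static_cast<char*>(p);
    b.cap  = need;
    return true;
}

// Append n copies of ch. Length and contents change only after reserve()
// succeeded, so a failed allocation cannot become an out-of-bounds write.
static bool append_checked(Buf& b, std::size_t n, char ch) {
    if (n > SIZE_MAX - b.len - 1) return false;    // len + n + 1 would wrap
    if (!reserve(b, b.len + n + 1)) return false;  // allocation result checked
    std::memset(b.data + b.len, ch, n);
    b.len += n;
    b.data[b.len] = '\0';
    return true;
}

int main() {
    Buf b;
    append_checked(b, 3, 'a');
    g_alloc_limit = 8;                      // constructed failure scenario
    bool ok = append_checked(b, 100, 'b');  // fails; b still holds "aaa"
    std::free(b.data);
    return ok ? 1 : 0;
}
```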




