1
Vote

MapiStubLibrary can crash if Mapi32.dll has been overwritten

description

On line 149 of StubUtils.cpp, GetProcAddress( "FGetComponentPath") is called on the version of Mapi32.dll in the system path. Our customer must have had some other vendor's software installed that replaced the system copy at some point, but that's not all that uncommon, as I recall. This rogue copy of Mapi32.dll didn't export FGetComponentPath, so GetProcAddress failed. However, on line 150, the result of GetProcAddress is blindly called without verifying that GetProcAddress succeeded, which can result in a crash. Adding an if statement fixed the crash and allowed the search logic to continue, eventually finding the right MAPI implementation.

if (hMapiStub)
{
    FGetComponentPathType pFGetCompPath = (FGetComponentPathType)GetProcAddress(hMapiStub, SzFGetComponentPath);
    if (pFGetCompPath)
        fReturn = pFGetCompPath(szComponent, szQualifier, szDllPath, cchBufferSize, fInstall);
    FreeLibrary(hMapiStub);
}

comments