#638 TShellItem::GetTypeName accesses freed PIDL (regression in 6.32 [r867])

[Vidar Hasfjord]

In 6.32 [r867], I made a code change to fix an issue with alignment mismatch between LPITEMIDLIST and ITEMIDLIST* in TPidl and TShellItem. Unfortunately, I introduced a bug: My code converted a temporary TPidl to LPCITEMIDLIST (pointer to PIDL), which then immediately pointed to deallocated memory, as the temporary object destructed and freed the PIDL.

A fix for this issue has been committed on the trunk [r8690] and merged into Owlet [r8691]. I propose that it is also merged into the release branches (6.36, 6.44 and 7) in the next update.

Related issues

• There is another issue in GetTypeName: It should retrieve the fully qualified PIDL, as required by the SHGetFileInfo documentation. This bug has been fixed in Owlet [r8693]. It should be applicable to the trunk and release branches as well.
   
• For the trunk, I also propose that the return type for TShellItem::GetPidl is changed from TPidl (copy) to const TPidl& (reference) to avoid unnecessary copying and dangling references when (possibly implicitly) converted to LPITEMIDLIST. This change has been implemented in Owlet [r8692].

[Vidar Hasfjord]

The fix for this issue has now been merged into branches/7 [r8736] for release in OWLNext 7.0.21.

PS. @jogybl, consider releasing updates for 6.44 and 6.36 with this fix as well. Or change the milestone, if not.

Edit: The fix has now been merged into branches/6.44 [r8742] and branches/6.36 [r8744] for release in OWLNext 6.44.29 and 6.36.14, respectively. Thanks!

[Vidar Hasfjord]

Note that the related issues I mentioned in the ticket description remain unresolved. I’m not using these components anymore, so I won’t be filing separate tickets, but the information is here if someone with interest in TShellItem/TPidl wants to follow up.

Also see "Improve Shell abstractions" [feature-requests:#277].