From 0920f8e7780ae9b495c9e254d8d529578f5c60e1 Mon Sep 17 00:00:00 2001
From: Eric Pouech <eric.pouech@orange.fr>
Date: Mon, 21 Jan 2008 22:06:11 +0100
Subject: [PATCH] msvcrt: symbol undecoration: Really check that we get a
 template string before making use of it.

---
 dlls/msvcrt/tests/cpp.c |  1 +
 dlls/msvcrt/undname.c   | 13 ++++++++-----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/dlls/msvcrt/tests/cpp.c b/dlls/msvcrt/tests/cpp.c
index 85544c04a6..2788a5672b 100644
--- a/dlls/msvcrt/tests/cpp.c
+++ b/dlls/msvcrt/tests/cpp.c
@@ -984,6 +984,7 @@ static void test_demangle(void)
 {"?$AAA@$DBAB@", "AAA<`template-parameter257'>"},
 {"?$AAA@$D?4@", "AAA<`template-parameter-5'>"},
 {"?$AAA@PAUBBB@@", "AAA<struct BBB *>"},
+{"??$ccccc@PAVaaa@@@bar@bb@foo@@DGPAV0@PAV0@PAVee@@IPAPAVaaa@@1@Z", "private: static class bar * __stdcall foo::bb::bar::ccccc<class aaa *>(class bar *,class ee *,unsigned int,class aaa **,class ee *)"},
     };
     int i, num_test = (sizeof(test)/sizeof(test[0]));
     char* name;
diff --git a/dlls/msvcrt/undname.c b/dlls/msvcrt/undname.c
index d88cf79c55..dfc2241409 100644
--- a/dlls/msvcrt/undname.c
+++ b/dlls/msvcrt/undname.c
@@ -538,8 +538,8 @@ static BOOL get_class(struct parsed_symbol* sym)
             if (*++sym->current == '$') 
             {
                 sym->current++;
-                name = get_template_name(sym);
-                str_array_push(sym, name, -1, &sym->names);
+                if ((name = get_template_name(sym)))
+                    str_array_push(sym, name, -1, &sym->names);
             }
             break;
         default:
@@ -1292,17 +1292,17 @@ static BOOL symbol_demangle(struct parsed_symbol* sym)
             str_array_push(sym, function_name, -1, &sym->stack);
             break;
         }
-        sym->stack.start = 1;
     }
     else if (*sym->current == '$')
     {
         /* Strange construct, it's a name with a template argument list
            and that's all. */
         sym->current++;
-        sym->result = get_template_name(sym);
-        ret = TRUE;
+        ret = (sym->result = get_template_name(sym)) != NULL;
         goto done;
     }
+    else if (*sym->current == '?' && sym->current[1] == '$')
+        do_after = 5;
 
     /* Either a class name, or '@' if the symbol is not a class member */
     switch (*sym->current)
@@ -1331,6 +1331,9 @@ static BOOL symbol_demangle(struct parsed_symbol* sym)
     case 3:
         sym->flags &= ~UNDNAME_NO_FUNCTION_RETURNS;
         break;
+    case 5:
+        sym->names.start = 1;
+        break;
     }
 
     /* Function/Data type and access level */