From: Nikolay Sivov <nsivov@codeweavers.com>
Subject: Re: [PATCH] msxml3: Null check url in parseURL.
Message-Id: <41ab25ca-f9bb-3aa9-9f13-3dfa341b136a@codeweavers.com>
Date: Tue, 15 Jun 2021 10:36:54 +0300
In-Reply-To: <4530cb5e-ce6d-0a97-0d9f-da919bf3409d@aoeu2code.com>
References: <4530cb5e-ce6d-0a97-0d9f-da919bf3409d@aoeu2code.com>

> @@ -2745,6 +2745,8 @@ static HRESULT internal_parseURL(
>  
>      TRACE("(%p)->(%s)\n", This, debugstr_w(url));
>  
> +    if (!url) return E_INVALIDARG;
> +
>      hr = create_moniker_from_url(url, &mon);
>      if(FAILED(hr))
>          return hr;
This is used in IVB* interface too, which is not tested.

> +        /* crashes on new versions */
> +        if (IsEqualGUID(table->clsid, &CLSID_SAXXMLReader) ||
> +            IsEqualGUID(table->clsid, &CLSID_SAXXMLReader30)) {
> +            hr = ISAXXMLReader_parseURL(reader, NULL);
> +            EXPECT_HR(hr, E_INVALIDARG);
> +        }
> +
We might want to do the same, there is a 'version' field to account for
that.