[Bug 17096] Visual C++ 2005 Trial can't build project, complains when starting mspdbsrv

wine-bugs at winehq.org wine-bugs at winehq.org
Thu Feb 5 17:09:48 CST 2009 

http://bugs.winehq.org/show_bug.cgi?id=17096


Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |focht at gmx.net




--- Comment #2 from Anastasius Focht <focht at gmx.net>  2009-02-05 17:09:48 ---
Hello,

--- quote ---
MSPDBSRV: fatal error: Unable to start server: server already exist
--- quote ---

Looks like GetUserNameExW() is the first problem here.
It needs to return something useful.

--- snip ---
...
0036:Call secur32.GetUserNameExW(00000002,00000000,0033d924) ret=10314c28
0036:fixme:secur32:GetUserNameExW 2 (nil) 0x33d924
0036:Ret  secur32.GetUserNameExW() retval=00000000 ret=10314c28
0036:Call KERNEL32.GetLastError() ret=10314c2e
0036:Ret  KERNEL32.GetLastError() retval=00000000 ret=10314c2e
...
0036:Call version.GetFileVersionInfoSizeW(0033e78c L"C:\\Program
Files\\Microsoft Visual Studio 8\\Common7\\ide\\mspdbsrv.exe",0033d374)
ret=10314f3e
0036:Call KERNEL32.GetModuleHandleExW(00000000,0033e78c,0033d200) ret=65b15c77
0036:Ret  KERNEL32.GetModuleHandleExW() retval=00000000 ret=65b15c77
0036:Call KERNEL32.LoadLibraryExW(0033e78c L"C:\\Program Files\\Microsoft
Visual Studio 8\\Common7\\ide\\mspdbsrv.exe",00000000,00000002) ret=65b15c99
0036:Ret  KERNEL32.LoadLibraryExW() retval=00750001 ret=65b15c99
...
0036:Call KERNEL32.CreateProcessW(0033e78c L"C:\\Program Files\\Microsoft
Visual Studio 8\\Common7\\ide\\mspdbsrv.exe",0033e994 L"mspdbsrv.exe -start
-spawn",00000000,00000000,00000000,00000008,00000000,0033e584 L"C:\\Program
Files\\Microsoft Visual Studio 8\\Common7\\ide\\",0033d324,0033e9fc)
ret=1031505d
...
0036:trace:process:CreateProcessW started process pid 0038 tid 0039
0036:Ret  KERNEL32.CreateProcessW() retval=00000001 ret=1031505d 
--- snip ---

MSDN: http://msdn.microsoft.com/en-us/library/ms724435.aspx

With current user name returned (GetUserNameW seems sufficient when
"NameSamCompatible" is requested) it goes a little further just to unearth a
wineserver file security (SID) misconception.

The IDE creates a temporary command file for compiler (cl.exe) run.
"response file" -> *.rsp 

--- snip ---
002e:Call KERNEL32.CreateFileW(00f5fad0
L"c:\\test\\Debug\\RSP000001846.rsp",00000000,00000000,00000000,00000003,00000000,00000000)
ret=5aee09d3
002e:trace:ntdll:NtCreateFile handle=0x7ddb29f0 access=00000000
name=L"\\??\\C:\\test\\Debug\\RSP000001846.rsp" objattr=00000040 root=(nil)
sec=(nil) io=0x7ddb29f4 alloc_size=(nil)
attr=00000000 sharing=00000000 disp=1 options=00000050 ea=(nil).0x00000000
002e:warn:ntdll:NtCreateFile L"\\??\\C:\\test\\Debug\\RSP000001846.rsp" not
found (c0000034)
002e:Ret  KERNEL32.CreateFileW() retval=ffffffff ret=5aee09d3 
...
002e:Call KERNEL32.LoadLibraryExW(00f5a5d8
L"C:\\windows\\system32\\secur32.dll",00000000,00000008) ret=5aeef431
002e:Ret  KERNEL32.LoadLibraryExW() retval=60cc0000 ret=5aeef431
...
002e:Call KERNEL32.GetProcAddress(60cc0000,5aee1388 "GetUserNameExW")
ret=5aee1016
002e:Ret  KERNEL32.GetProcAddress() retval=60cc2670 ret=5aee1016
002e:Call secur32.GetUserNameExW(00000002,7ddb2cac,7ddb2c34) ret=5aee1041
002e:fixme:secur32:GetUserNameExW 2 0x7ddb2cac 0x7ddb2c34
002e:Call advapi32.GetUserNameW(7ddb2cac,7ddb2c34) ret=60cd1fbf
002e:Ret  advapi32.GetUserNameW() retval=00000001 ret=60cd1fbf
002e:Ret  secur32.GetUserNameExW() retval=00000001 ret=5aee1041
002e:Call ntdll.RtlAllocateHeap(00550000,00000000,00000100) ret=78134ce9
002e:Ret  ntdll.RtlAllocateHeap() retval=0e176dd8 ret=78134ce9
002e:Call advapi32.LookupAccountNameW(00000000,7ddb2cac
L"focht",7ddb2af8,7ddb2a64,0e176dd8,7ddb2a5c,7ddb2c98) ret=5aee1b0c
002e:fixme:advapi:LookupAccountNameW (null) L"focht" 0x7ddb2af8 0x7ddb2a64
0xe176dd8 0x7ddb2a5c 0x7ddb2c98 - stub
002e:trace:ntdll:RtlAllocateAndInitializeSid (0x7ddb290e,
0x0002,0x00000020,0x00000220,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x7ddb2908)
002e:trace:ntdll:RtlLengthSid sid=0xf4e768
002e:trace:ntdll:RtlLengthSid sid=0xf4e768
002e:trace:ntdll:RtlLengthSid sid=0xf4e768
002e:trace:ntdll:RtlLengthSid sid=0xf4e768
002e:trace:ntdll:RtlFreeSid (0xf4e768)
002e:Ret  advapi32.LookupAccountNameW() retval=00000001 ret=5aee1b0c
...
002e:Call advapi32.GetSidLengthRequired(00000002) ret=5aee1d09
002e:Ret  advapi32.GetSidLengthRequired() retval=00000010 ret=5aee1d09
002e:Call advapi32.InitializeSid(7ddb2ae0,5aee1dac,00000002) ret=5aee1d1e
002e:Ret  advapi32.InitializeSid() retval=00000001 ret=5aee1d1e
002e:Call advapi32.GetSidSubAuthority(7ddb2ae0,00000000) ret=5aee1d44
002e:Ret  advapi32.GetSidSubAuthority() retval=7ddb2ae8 ret=5aee1d44
002e:Call advapi32.GetSidSubAuthority(7ddb2ae0,00000001) ret=5aee1d44
002e:Ret  advapi32.GetSidSubAuthority() retval=7ddb2aec ret=5aee1d44
...
002e:Call advapi32.InitializeSecurityDescriptor(0e176c78,00000001) ret=5aee0ab2
002e:Ret  advapi32.InitializeSecurityDescriptor() retval=00000001 ret=5aee0ab2
...
002e:Call
advapi32.SetSecurityDescriptorDacl(0e176c78,00000001,0e176f38,00000000)
ret=5aee1a44
002e:Ret  advapi32.SetSecurityDescriptorDacl() retval=00000001 ret=5aee1a44
002e:Call KERNEL32.CreateFileW(00f5fad0
L"c:\\test\\Debug\\RSP000001846.rsp",40000000,00000000,7ddb2be4,00000002,00000100,00000000)
ret=5aee1113
002e:trace:ntdll:NtCreateFile handle=0x7ddb2a60 access=40000000
name=L"\\??\\C:\\test\\Debug\\RSP000001846.rsp" objattr=00000040 root=(nil)
sec=0xe176c78 io=0x7ddb2a64 alloc_size=(nil)
attr=00000100 sharing=00000000 disp=5 options=00000050 ea=(nil).0x00000000
002e:trace:ntdll:RtlGetSaclSecurityDescriptor
(0xe176c78,0x7ddb2824,0x7ddb2828,0x7ddb2823)
002e:trace:ntdll:RtlGetDaclSecurityDescriptor
(0xe176c78,0x7ddb2825,0x7ddb282c,0x7ddb2823)
002e: create_file( access=40000000, attributes=00000040, sharing=00000000,
create=5, options=00000050, attrs=00000100,
objattr={rootdir=0000,sd={control=00000004,owner=<not present>,group=<not
present>,sacl={},dacl={{AceType=ACCESS_ALLOWED_ACE_TYPE,Mask=10000000,AceFlags=0,Sid={S-1-5-32-544}},{AceType=ACCESS_ALLOWED_ACE_TYPE,Mask=10000000,AceFlags=0,Sid={S-1-5-32-544}}}},name=L""},
filename="/home/focht/.wine/dosdevices/c:/test/Debug/RSP000001846.rsp" )
002e: create_file() = 0 { handle=05e4 } 
--- snip ---

Two "access allowed" ACEs are present in security descriptor, SID:
"S-1-5-32-544" -> "Administrators" (GetUserNameExW -> LookupAccountNameW ->
default Admin SID) and GENERIC_ALL access.
Owner and group are not set in SD.

Later, file access fails which blocks the build/compiler run:

--- snip ---
....
0031:Call KERNEL32.CreateFileW(00531190
L"c:\\test\\Debug\\RSP000001846.rsp",80000000,00000003,0033fba8,00000003,00000080,00000000)
ret=781657d7
0031:trace:ntdll:NtCreateFile handle=0x33fa90 access=80000000
name=L"\\??\\C:\\test\\Debug\\RSP000001846.rsp" objattr=00000042 root=(nil)
sec=(nil) io=0x33fa94 alloc_size=(nil)
attr=00000080 sharing=00000003 disp=1 options=00000050 ea=(nil).0x00000000
0031: create_file( access=80000000, attributes=00000042, sharing=00000003,
create=1, options=00000050, attrs=00000080,
objattr={rootdir=0000,sd={},name=L""},
filename="/home/focht/.wine/dosdevices/c:/test/Debug/RSP000001846.rsp" )
0031: create_file() = ACCESS_DENIED { handle=0000 }
0031:Ret  KERNEL32.CreateFileW() retval=ffffffff ret=781657d7 
...
--- snip ---

--- snip ---
[Debug]$ ls -lsa
total 40
...
 8 -rw-rw-r-- 1 focht focht  6084 2009-02-05 21:27 BuildLog.htm
 4 ---------- 1 focht focht   462 2009-02-05 21:27 RSP000001846.rsp
 4 ---------- 1 focht focht   822 2009-02-05 21:27 RSP000002846.rsp
...
--- snip ---

When a security descriptor is supplied with create_file(), wineserver looks at
the owner and if not present, it retrieves the SID from current user process
token.
The (default) "interactive" SID is the one returned, leading to following
problem...

When wineserver translates the security descriptor to appropriate mode bits
(sd_to_mode), it loops through ACEs, in this case two (identical) "access
allowed" ACEs of admin SID.
Due to SID mismatch (neither "world" nor "owner" SID), no mode bits are
actually set with the result seen above.

The next problem is mspdb client trying to establish secure RPC (NTLM auth) to
mspdbsrv.exe server (GetUserNameExW needed).
No password is given hence it fails while trying to retrieve cached credentials
if winbind/samba is not properly set up.
You could patch ntlm_InitializeSecurityContextW() to fall back to empty passwd
again (which was the case some time ago).

Regards


-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the wine-bugs mailing list