[Bug 27172] New: Some msvcrt string functions incorrectly return status from 'safe' versions (Corel Draw 12 demo installer fails)
wine-bugs at winehq.org
wine-bugs at winehq.org
Sun May 15 05:14:35 CDT 2011
http://bugs.winehq.org/show_bug.cgi?id=27172
Summary: Some msvcrt string functions incorrectly return status
from 'safe' versions (Corel Draw 12 demo installer
fails)
Product: Wine
Version: 1.3.20
Platform: x86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: msvcrt
AssignedTo: wine-bugs at winehq.org
ReportedBy: focht at gmx.net
Hello,
while revisiting bug 4971 I noticed a potential regression ...
--- snip ---
005c:Ret PE DLL (proc=0x110c8ac,module=0x1100000
L"MSICrlPCU.dll",reason=PROCESS_ATTACH,res=(nil)) retval=1
005c:Ret KERNEL32.LoadLibraryA() retval=01100000 ret=010c2f22
005c:Call KERNEL32.GetProcAddress(01100000,010dbb48 "AcquireKey") ret=010c2f34
005c:Ret KERNEL32.GetProcAddress() retval=01101d10 ret=010c2f34
...
005c:Call KERNEL32.CreateFileW(01121ba0
L"C:\\users\\focht\\Temp\\Corel\\84ACAA88-5FD7-411D-81F6-24407CE7C94A\\Programs\\DR12.dta",80000000,00000001,00000000,00000003,00000080,00000000)
ret=01102ad7
005c:Ret KERNEL32.CreateFileW() retval=0000001c ret=01102ad7
005c:Call KERNEL32.GetFileSize(0000001c,00000000) ret=01102b32
005c:Ret KERNEL32.GetFileSize() retval=00000068 ret=01102b32
005c:Call KERNEL32.ReadFile(0000001c,009add08,00000068,009add04,00000000)
ret=01102b55
005c:Ret KERNEL32.ReadFile() retval=00000001 ret=01102b55
005c:Call KERNEL32.CloseHandle(0000001c) ret=01102b5c
005c:Ret KERNEL32.CloseHandle() retval=00000001 ret=01102b5c
005c:Call msvcrt._strupr(009add0c "DR12WTX-1740841-KCM") ret=01102b8c
005c:Ret msvcrt._strupr() retval=00000000 ret=01102b8c
005c:trace:seh:raise_exception code=c0000005 flags=0 addr=0x1102b95 ip=01102b95
tid=005c
005c:trace:seh:raise_exception info[0]=00000000
005c:trace:seh:raise_exception info[1]=00000000
005c:trace:seh:raise_exception eax=00000000 ebx=0000000a ecx=00000000
edx=01121eb8 esi=01121ba0 edi=0000001c
005c:trace:seh:raise_exception ebp=7b820890 esp=009adcdc cs=0073 ds=007b
es=007b fs=0033 gs=003b flags=00010202
005c:trace:seh:call_vectored_handlers calling handler at 0x68e827aa
code=c0000005 flags=0
005c:trace:seh:call_vectored_handlers handler at 0x68e827aa returned 0
--- snip ---
App code:
--- snip ---
00DC2B66 8D4424 54 LEA EAX,[ESP+54]
00DC2B6A 8D96 14020000 LEA EDX,[ESI+214]
00DC2B70 8BC8 MOV ECX,EAX
00DC2B72 83C4 04 ADD ESP,4
00DC2B75 2BD1 SUB EDX,ECX
00DC2B77 8A08 MOV CL,BYTE PTR DS:[EAX]
00DC2B79 880C02 MOV BYTE PTR DS:[EAX+EDX],CL
00DC2B7C 40 INC EAX
00DC2B7D 84C9 TEST CL,CL
00DC2B7F ^ 75 F6 JNE SHORT 00DC2B77
00DC2B81 8D5424 30 LEA EDX,[ESP+30]
00DC2B85 52 PUSH EDX
00DC2B86 FF15 7487DD00 CALL DWORD PTR DS:[<&MSVCR71._strupr>]
00DC2B8C 83C4 04 ADD ESP,4
00DC2B8F 8D96 18030000 LEA EDX,[ESI+318]
00DC2B95 8A08 MOV CL,BYTE PTR DS:[EAX]
00DC2B97 40 INC EAX
00DC2B98 880A MOV BYTE PTR DS:[EDX],CL
00DC2B9A 42 INC EDX
00DC2B9B 84C9 TEST CL,CL
00DC2B9D ^ 75 F6 JNE SHORT 00DC2B95
--- snip ---
_strupr() is cdecl, return ptr value in EAX
--- snip dlls/msvcrt/string.c ---
int CDECL _strupr(char *str)
{
return _strupr_s_l(str, -1, NULL);
}
--- snip dlls/msvcrt/string.c ---
Because Wine returns/takes the status from 's' version instead of string ptr,
the app crashes.
MSDN: http://msdn.microsoft.com/en-us/library/sch3dy08.aspx
--- snip ---
Returns a pointer to the altered string. Because the modification is done in
place, the pointer returned is the same as the pointer passed as the input
argument. No return value is reserved to indicate an error.
--- snip ---
You might want to check others too (_strlwr ...).
BTW .. the serial is from trial, no harm ;-)
Regards
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list