[Bug 38422] SentriLock SentriCard utility installer 4.0.x crashes with arithmetic exception due to large input rect in 'GdipMeasureCharacterRanges'
wine-bugs at winehq.org
wine-bugs at winehq.org
Sun Oct 14 04:42:36 CDT 2018
https://bugs.winehq.org/show_bug.cgi?id=38422
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
URL|http://www.sentrilock.com/c |https://www.sentrilock.com/
|u/sentrilock/SentriCardUtil |updates/SentriCardUtilityIn
|ityInstaller-4.0.11.exe |staller-4.0.13.exe
Resolution|--- |FIXED
Summary|Arithmetic exception in |SentriLock SentriCard
|GdipMeasureCharacterRanges |utility installer 4.0.x
| |crashes with arithmetic
| |exception due to large
| |input rect in
| |'GdipMeasureCharacterRanges
| |'
Fixed by SHA1| |6b97abf930ac40dd9a668ec1fed
| |588fcefd192fb
CC| |focht at gmx.net
Status|UNCONFIRMED |RESOLVED
--- Comment #2 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
I can't reproduce this with recent Wine version.
https://www.sentrilock.com/files/
https://www.sentrilock.com/updates/SentriCardUtilityInstaller-4.0.18.exe
The most matching installer that is still for download (using version
substitution on the URL):
https://www.sentrilock.com/updates/SentriCardUtilityInstaller-4.0.13.exe
With that installer I could reproduce the problem with reported Wine version.
--- snip ---
$ wine --version
wine-1.7.39-2-g84005b8f60
--- snip ---
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/SentriCardUtility
$ WINEDEBUG=+tid,+seh,+relay,+gdiplus wine ./CardUtility.exe >>log.txt 2>&1
...
0023:Call gdiplus.GdipMeasureCharacterRanges(00173758,0016b33c
L"Groupbox",ffffffff,00173848,0033f01c,001736d8,00000001,00f838f8) ret=006ca213
0023:trace:gdiplus:GdipMeasureCharacterRanges (0x173758 L"Groupbox" -1 0x173848
(0.00,0.00,56.88,340282346638528859811704183484516925440.00) 0x1736d8 1
0xf838f8)
0023:Call gdi32.CreateCompatibleDC(00000000) ret=7c252895
0023:Ret gdi32.CreateCompatibleDC() retval=008c0042 ret=7c252895
0023:trace:gdiplus:GdipMeasureCharacterRanges may be ignoring some format
flags: attr 800
0023:trace:gdiplus:GdipTransformPoints (0x173758, 2, 0, 0x33eef8, 3)
0023:trace:gdiplus:GdipSetMatrixElements (0x33ee38, 1.00, 0.00, 0.00, 1.00,
0.00, 0.00)
0023:trace:gdiplus:GdipMultiplyMatrix (0x33ee38, 0x173798, 1)
0023:trace:gdiplus:GdipScaleMatrix (0x33ee38, 1.00, 1.00, 1)
0023:trace:gdiplus:GdipTransformMatrixPoints (0x33ee38, 0x33eef8, 3)
0023:Call gdi32.CreateCompatibleDC(00000000) ret=7c25219f
0023:Ret gdi32.CreateCompatibleDC() retval=00420045 ret=7c25219f
0023:trace:gdiplus:GdipTransformPoints (0x173758, 2, 0, 0x33edc0, 3)
0023:trace:gdiplus:GdipSetMatrixElements (0x33ed28, 1.00, 0.00, 0.00, 1.00,
0.00, 0.00)
0023:trace:gdiplus:GdipMultiplyMatrix (0x33ed28, 0x173798, 1)
0023:trace:gdiplus:GdipScaleMatrix (0x33ed28, 1.00, 1.00, 1)
0023:trace:gdiplus:GdipTransformMatrixPoints (0x33ed28, 0x33edc0, 3)
0023:Call gdi32.CreateFontIndirectW(0033ee14) ret=7c25236e
0023:Ret gdi32.CreateFontIndirectW() retval=00400044 ret=7c25236e
0023:Call gdi32.SelectObject(00420045,00400044) ret=7c25237f
0023:Ret gdi32.SelectObject() retval=0001001e ret=7c25237f
0023:Call gdi32.GetTextMetricsW(00420045,0033edd8) ret=7c252391
0023:Ret gdi32.GetTextMetricsW() retval=00000001 ret=7c252391
0023:Call gdi32.CreateFontIndirectW(0033ee14) ret=7c252448
0023:Ret gdi32.CreateFontIndirectW() retval=00500043 ret=7c252448
0023:Call gdi32.DeleteDC(00420045) ret=7c25245b
0023:Ret gdi32.DeleteDC() retval=00000001 ret=7c25245b
0023:Call gdi32.DeleteObject(00400044) ret=7c252461
0023:Ret gdi32.DeleteObject() retval=00000001 ret=7c252461
0023:Call gdi32.SelectObject(008c0042,00500043) ret=7c2526e0
0023:Ret gdi32.SelectObject() retval=0001001e ret=7c2526e0
0023:trace:gdiplus:GdipSetEmpty 0x1737f0
0023:Call ntdll.RtlAllocateHeap(00110000,00000008,00000012) ret=7c242d44
0023:Ret ntdll.RtlAllocateHeap() retval=00173828 ret=7c242d44
0023:trace:seh:raise_exception code=c0000090 flags=0 addr=0x7c24ca28
ip=7c24ca2b tid=0023
0023:trace:seh:raise_exception eax=0033eee8 ebx=7c2a2000 ecx=0033edc0
edx=00000038 esi=00000001 edi=00000000
0023:trace:seh:raise_exception ebp=0033ee68 esp=0033edd0 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010202
0023:trace:seh:call_stack_handlers calling handler at 0x6ca243 code=c0000090
flags=0
0023:trace:seh:call_stack_handlers handler at 0x6ca243 returned 1
...
0023:Call KERNEL32.MultiByteToWideChar(0000fde9,00000000,005d5a8c
"TText6",00000005,00f7946c,00000006) ret=0040da34
0023:Ret KERNEL32.MultiByteToWideChar() retval=00000005 ret=0040da34
0023:Call user32.LoadStringW(00400000,0000ff6b,0033b078,00001000) ret=0040d9d2
0023:Ret user32.LoadStringW() retval=00000018 ret=0040d9d2
0023:Call KERNEL32.RaiseException(0eedfade,00000001,00000007,0033d0ac)
ret=004b9264
0023:trace:seh:raise_exception code=eedfade flags=1 addr=0x7eba938b ip=7eba938b
tid=0023
0023:trace:seh:raise_exception info[0]=004b9264
0023:trace:seh:raise_exception info[1]=00f79400
0023:trace:seh:raise_exception info[2]=00eea820
0023:trace:seh:raise_exception info[3]=004b9496
0023:trace:seh:raise_exception info[4]=0033f300
0023:trace:seh:raise_exception info[5]=0033d0fc
0023:trace:seh:raise_exception info[6]=0033d0c8
0023:trace:seh:raise_exception eax=7eb97109 ebx=00000018 ecx=0033cff4
edx=0033d0ac esi=0033d0fc edi=0033d070
0023:trace:seh:raise_exception ebp=0033d048 esp=0033cfd4 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00000216
...
<exception stack overflow>
--- snip ---
It was fixed by commit
https://source.winehq.org/git/wine.git/commitdiff/6b97abf930ac40dd9a668ec1fed588fcefd192fb
("gdiplus: Handle large input rect in GdipMeasureCharacterRanges.")
Thanks Vincent
--- snip ---
$ git describe --contains 6b97abf930ac40dd9a668ec1fed588fcefd192fb | sed
's/~.*//'
wine-1.7.40
--- snip ---
$ sha1sum SentriCardUtilityInstaller-4.0.13.exe
2ab716e12f35ce12eea6a92f7e5b1e1e2b933e36 SentriCardUtilityInstaller-4.0.13.exe
$ du -sh SentriCardUtilityInstaller-4.0.13.exe
4.1M SentriCardUtilityInstaller-4.0.13.exe
$ wine --version
wine-3.18
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list