[Bug 45769] New: 0CC-FamiTracker etc. crashes after saving, due to AfxFormatString1(out=in)

wine-bugs at winehq.org wine-bugs at winehq.org
Tue Sep 4 05:58:05 CDT 2018


https://bugs.winehq.org/show_bug.cgi?id=45769

            Bug ID: 45769
           Summary: 0CC-FamiTracker etc. crashes after saving, due to
                    AfxFormatString1(out=in)
           Product: Wine
           Version: 3.14
          Hardware: x86-64
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: -unknown
          Assignee: wine-bugs at winehq.org
          Reporter: jimbo1qaz at gmail.com
      Distribution: ---

0CC-FamiTracker 0.3.14.5 (http://hertzdevil.info/programs/0CCft_v0314r5.7z )
and my j0CC fork
(https://github.com/jimbo1qaz/j0CC-FamiTracker/releases/download/j0.6.0a/j0CC-Famitracker-j0.6.0a.exe
) crash after saving.

Confirmed on multiple machines including Ubuntu with 3.14 and 3.15, and a
Debian x64 VM with a .wine created under Debian version, and upgraded to 3.0.2.

Instructions:
- Open 0CC (and optionally open an existing file).
- Press Space (to enable editing) and mash the keyboard a bit to enter notes.
- Press Ctrl+S and specify a filename.
- Mash a few keys and press Ctrl+S a few times.

At this point 0CC will usually crash with an assertion error in CString, often
with a backtrace consisting of a single entry of 0x0. One time I got a
backtrace pointing to MFC UI code.

------------

I think this is a memory corruption issue arising from calling
`AfxFormatString1(text, IDS_FILE_SAVED, text);` with the same input and output
=
https://github.com/HertzDevil/0CC-FamiTracker/blob/v0.3.14.5/Source/FamiTrackerDoc.cpp#L701

But it doesn't crash on Windows. Is that a program bug or Wine bug?

- I think MFC is statically linked.

I thought it was a regression from some unknown earlier revision, but I
installed a Debian Stretch 64 VM, `apt-get install wine wine32`
(https://packages.debian.org/stretch/wine = 1.8.7-2), and `wine
0CC-FamiTracker.exe` experiences the same issue. Maybe the crash doesn't
manifest on Wine 32? IDK.

-----------

The code in question has been removed from 0CC, and I will be including a
workaround (don't call AfxFormatString1(out=in)) into j0CC soon.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
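
The out=in hazard described in the report, as an added example that is not part of the original message and is not code from 0CC-FamiTracker, MFC or Wine. It is a constructed toy model: `Buf`, `format1`, `aliases`, `format1_safe` and the "Saved %1" template are all hypothetical, and the formatter is bounds-checked so the aliased call produces visibly wrong text instead of undefined behaviour.

```cpp
#include <cstddef>
#include <functional>
#include <iostream>
#include <string>

// Constructed toy model, NOT MFC's implementation: a fixed-capacity string
// and a formatter that stores into `out` while it is still reading `arg`.
struct Buf {
    static constexpr std::size_t kCap = 32;
    char data[kCap];
    explicit Buf(const char* s) : data() {
        for (std::size_t i = 0; i < kCap - 1 && s[i]; ++i) data[i] = s[i];
    }
};

// Writes fmt into out, replacing each "%1" with arg. Every store is
// bounds-checked, so an aliased call yields wrong text here, not a crash.
void format1(Buf& out, const char* fmt, const char* arg) {
    std::size_t n = 0;
    const std::size_t max = Buf::kCap - 1;
    for (const char* f = fmt; *f && n < max; ++f) {
        if (f[0] == '%' && f[1] == '1') {
            for (const char* a = arg; *a && n < max; ++a) out.data[n++] = *a;
            ++f;  // skip the '1'
        } else {
            out.data[n++] = *f;
        }
    }
    out.data[n] = '\0';
}

// True when arg points into out's own storage, i.e. the call is out=in.
bool aliases(const Buf& out, const char* arg) {
    std::less<const char*> lt;  // total order even for unrelated pointers
    return !lt(arg, out.data) && lt(arg, out.data + Buf::kCap);
}

// Caller-side workaround: snapshot the argument before out is modified.
void format1_safe(Buf& out, const char* fmt, const char* arg) {
    const std::string copy(arg);
    format1(out, fmt, aliases(out, arg) ? copy.c_str() : arg);
}

std::string demo_aliased() { Buf t("song.ftm"); format1(t, "Saved %1", t.data); return t.data; }
std::string demo_safe() { Buf t("song.ftm"); format1_safe(t, "Saved %1", t.data); return t.data; }

int main() {
    std::cout << "out=in:   " << demo_aliased() << "\n";
    std::cout << "snapshot: " << demo_safe() << "\n";
}
```

With a heap-backed string class the same call pattern can leave the argument pointing at a buffer that was reallocated or freed, where the outcome depends on the allocator rather than being reproducible as it is here.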


