[Bug 46954] Relay trace causes crash in wine_dbgstr_wn helper due to invalid string pointer access

[wine-bugs at winehq.org]

https://bugs.winehq.org/show_bug.cgi?id=46954

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
      Fixed by SHA1|                            |bb83b68832553ed74f47c07a90a
                   |                            |ce0ed68d4e04f
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #1 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

this is fixed by commit
https://source.winehq.org/git/wine.git/commitdiff/bb83b68832553ed74f47c07a90ace0ed68d4e04f
("ntdll: Define IsBadStringPtr to handle exceptions in debug traces.")

Thanks Alexandre

--- snip ---
...
002b:Call user32.EnumPropsW(0001006c,004018cb) ret=00401b3e
002b:Call user32.RemovePropW(0001006c,0033f91c L"__wine_x11_whole_window")
ret=004018e5
002b:Ret  user32.RemovePropW() retval=04e00001 ret=004018e5
002b:Call oleaut32.SysFreeString(code=c0000005 flags=0 addr=0x7bc4c51c
ip=7bc4c51c tid=002b
002b:trace:seh:raise_exception  info[0]=00000000
002b:trace:seh:raise_exception  info[1]=04e00001
002b:trace:seh:raise_exception  eax=04e00001 ebx=7bd0d000 ecx=0033f620
edx=04e00003 esi=0033f880 edi=0033fb88
002b:trace:seh:raise_exception  ebp=0033f608 esp=0033f530 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010212
002b:trace:seh:call_stack_handlers calling handler at 0x7bcb6560 code=c0000005
flags=0
002b:trace:seh:__regs_RtlUnwind code=c0000005 flags=2
002b:trace:seh:__regs_RtlUnwind eax=00000000 ebx=7bcb63ef ecx=0033f4d8
edx=0033f4d8 esi=0033f540 edi=7bcb63ef
002b:trace:seh:__regs_RtlUnwind ebp=0033efd8 esp=0033efa8 eip=7bcb63d8 cs=0023
ds=002b fs=0063 gs=006b flags=00000216
002b:trace:seh:__regs_RtlUnwind calling handler at 0x7bc922e7 code=c0000005
flags=2
002b:trace:seh:__regs_RtlUnwind handler at 0x7bc922e7 returned 1
002b:trace:relay:trace_string_w 04e00001 (invalid)) ret=004018fe
002b:Ret  oleaut32.SysFreeString() retval=ffffffff ret=004018fe
002b:Call user32.RemovePropW(0001006c,0033f91c L"$BASE") ret=004018e5
002b:Ret  user32.RemovePropW() retval=0018301c ret=004018e5
002b:Call oleaut32.SysFreeString(0018301c L"Z:\\home\\focht\\Downloads\\test")
ret=004018fe
002b:Ret  oleaut32.SysFreeString() retval=00000000 ret=004018fe
002b:Call user32.RemovePropW(0001006c,0033f91c L"$0") ret=004018e5
002b:Ret  user32.RemovePropW() retval=001830fc ret=004018e5
002b:Call oleaut32.SysFreeString(001830fc
L"Z:\\home\\focht\\Downloads\\test\\ADHOCSIGNER.EXE") ret=004018fe
002b:Ret  oleaut32.SysFreeString() retval=00000000 ret=004018fe
002b:Call user32.RemovePropW(0001006c,0033f91c L"$1") ret=004018e5
002b:Ret  user32.RemovePropW() retval=00183164 ret=004018e5
002b:Call oleaut32.SysFreeString(00183164 L"./TouchInputPC.exe") ret=004018fe
002b:Ret  oleaut32.SysFreeString() retval=00000000 ret=004018fe 
...
--- snip ---

$ wine --version
wine-4.5-185-g17056908ac

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.