[Bug 47038] New: Zero Time Dilemma crashes with unhandled page fault on read access in CryptGenRandom

wine-bugs at winehq.org
Thu Apr 18 09:47:04 CDT 2019


https://bugs.winehq.org/show_bug.cgi?id=47038

            Bug ID: 47038
           Summary: Zero Time Dilemma crashes with unhandled page fault on
                    read access in CryptGenRandom
           Product: Wine
           Version: 4.6
          Hardware: x86
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: advapi32
          Assignee: wine-bugs at winehq.org
          Reporter: tijs96 at hotmail.com
      Distribution: ---

The game crashes instantly after launching, before even opening a window.

The game makes a call to CryptAcquireContextA, which fails because the game
doesn't set the CRYPT_NEWKEYSET flag and Wine assumes the existence of a
certain registry key. The registry key doesn't exist, so Wine returns an error,
and the game calls CryptGenRandom with the value it received from
CryptAcquireContextA without checking for an error.

Relevant log lines:

0288:Call advapi32.CryptAcquireContextA(0032fc08,00000000,00000000,00000001,00000000) ret=004087cc
0288:Call rsaenh.CPAcquireContext(063a5e80,00000000,00000000,063a09e8) ret=7e93ce36
0288:Call advapi32.GetUserNameA(0032f78c,0032f788) ret=7b9e46b0
0288:Ret  advapi32.GetUserNameA() retval=00000001 ret=7b9e46b0
0288:Call advapi32.RegOpenKeyExA(80000001,0032f5cc "Software\\Wine\\Crypto\\RSA\\thijs",00000000,00020019,0032f730) ret=7b9dcb6e
0288:Ret  advapi32.RegOpenKeyExA() retval=00000002 ret=7b9dcb6e
0288:Ret  rsaenh.CPAcquireContext() retval=00000000 ret=7e93ce36
0288:Ret  advapi32.CryptAcquireContextA() retval=00000000 ret=004087cc
0288:Call advapi32.CryptGenRandom(00000004,00000004,0032fc04) ret=004087db
...
wine: Unhandled page fault on read access to 0x00000004 at address 0x7e93d3f3 (thread 0288), starting debugger...

I patched CryptAcquireContextA with "*phProv = 0;" before returning. This fixes
the crash and the game runs fine at first glance, so it seems the game does not
rely on a correct implementation. The link below contains the full
+relay,+crypt log (includes a lot of output from Steam).

https://mega.nz/#!TAVWWKIZ!Z2W5IquxzNEOkR-DxkWAyPwTRz8ZlHjWK9CvQkQUCmc
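
A triage helper for the pattern in this report, added here as an example and not part of the original bug report or of Wine's code: it scans +relay output for an advapi32 function that takes an HCRYPTPROV being called in a thread whose most recent CryptAcquireContext returned FALSE. The function name, the per-thread heuristic (the relay log does not show what was written to *phProv) and the embedded sample, which is the report's log lines unwrapped, are assumptions of this example.

```python
import re

# Wine +relay lines look like "<tid>:Call module.Func(args) ret=..." and
# "<tid>:Ret  module.Func() retval=XXXXXXXX ret=...". Only advapi32 is matched.
RELAY = re.compile(
    r"^(?P<tid>[0-9a-f]{4}):(?P<kind>Call|Ret)\s+advapi32\."
    r"(?P<func>\w+)\((?P<args>[^)]*)\)(?:\s+retval=(?P<retval>[0-9a-f]{8}))?"
)
ACQUIRE = {"CryptAcquireContextA", "CryptAcquireContextW"}
# advapi32 functions whose first argument is an HCRYPTPROV.
USES_HPROV = {"CryptGenRandom", "CryptCreateHash", "CryptGenKey",
              "CryptImportKey", "CryptDeriveKey", "CryptReleaseContext"}

def find_unchecked_uses(lines):
    """Return (tid, func, hprov) for each HCRYPTPROV consumer called in a
    thread whose most recent CryptAcquireContext returned FALSE (heuristic)."""
    failed = {}      # tid -> True while the last acquire in that thread failed
    findings = []
    for line in lines:
        m = RELAY.match(line.strip())
        if not m:
            continue  # other modules, debugger output, "..." elisions
        tid, kind, func = m["tid"], m["kind"], m["func"]
        if kind == "Ret" and func in ACQUIRE and m["retval"] is not None:
            failed[tid] = int(m["retval"], 16) == 0
        elif kind == "Call" and func in USES_HPROV and failed.get(tid):
            findings.append((tid, func, m["args"].split(",")[0]))
    return findings

# Sample input: log lines from the report above, with mail line wrapping undone.
SAMPLE = r"""
0288:Call advapi32.CryptAcquireContextA(0032fc08,00000000,00000000,00000001,00000000) ret=004087cc
0288:Call advapi32.RegOpenKeyExA(80000001,0032f5cc "Software\\Wine\\Crypto\\RSA\\thijs",00000000,00020019,0032f730) ret=7b9dcb6e
0288:Ret  advapi32.RegOpenKeyExA() retval=00000002 ret=7b9dcb6e
0288:Ret  rsaenh.CPAcquireContext() retval=00000000 ret=7e93ce36
0288:Ret  advapi32.CryptAcquireContextA() retval=00000000 ret=004087cc
0288:Call advapi32.CryptGenRandom(00000004,00000004,0032fc04) ret=004087db
wine: Unhandled page fault on read access to 0x00000004 at address 0x7e93d3f3 (thread 0288), starting debugger...
"""

if __name__ == "__main__":
    for tid, func, hprov in find_unchecked_uses(SAMPLE.splitlines()):
        print(f"thread {tid}: {func} called with hProv={hprov} after failed acquire")
```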
