[Bug 11121] Night Watch crashes on startup (StarForce v3, loader: section SizeOfRawData vs. FileAlignment violation, zero padding of section remainder wipes out code executed at runtime)

WineHQ Bugzilla wine-bugs at winehq.org
Sun Dec 1 11:06:46 CST 2019


https://bugs.winehq.org/show_bug.cgi?id=11121

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                URL|http://www.gamershell.com/d |https://www.fileplanet.com/
                   |ownload_12193.shtml         |archive/p-56695/Night-Watch
                   |                            |-Updated-Demo/download

--- Comment #20 from Anastasius Focht <focht at gmx.net> ---
Hello David,

--- quote ---
Wow, that's a lot of info! Are you able to test if this still occurs with a
newer version of Wine?
--- quote ---

Yes, the issue is still present.

I had to search a bit to find sites that still provide the demo download and
the no-cd patch.

https://web.archive.org/web/20191201155126/https://www.gamesindustry.biz/articles/official-english-language-night-watch-demo-released

-> https://www.fileplanet.com/archive/p-56695/Night-Watch-Updated-Demo/download

For the no-cd patch use the following search query:

https://www.google.com/search?q=lonebullet+nightwatch

I've snapshotted the patch using Internet Archive as well in case it goes away.

---

Wine source:

https://source.winehq.org/git/wine.git/blob/HEAD:/dlls/ntdll/virtual.c#l1414

--- snip ---
1414 static NTSTATUS map_image( HANDLE hmapping, ACCESS_MASK access, int fd, int top_down, unsigned short zero_bits_64,
1415                            pe_image_info_t *image_info, int shared_fd, BOOL removable, PVOID *addr_ptr )
1416 {
...
1510     /* map all the sections */
1511
1512     for (i = pos = 0; i < nt->FileHeader.NumberOfSections; i++, sec++)
1513     {
1514         static const SIZE_T sector_align = 0x1ff;
1515         SIZE_T map_size, file_start, file_size, end;
1516
1517         if (!sec->Misc.VirtualSize)
1518             map_size = ROUND_SIZE( 0, sec->SizeOfRawData );
1519         else
1520             map_size = ROUND_SIZE( 0, sec->Misc.VirtualSize );
1521
1522         /* file positions are rounded to sector boundaries regardless of OptionalHeader.FileAlignment */
1523         file_start = sec->PointerToRawData & ~sector_align;
1524         file_size = (sec->SizeOfRawData + (sec->PointerToRawData & sector_align) + sector_align) & ~sector_align;
1525         if (file_size > map_size) file_size = map_size;
...
1566         TRACE_(module)( "mapping section %.8s at %p off %x size %x virt %x flags %x\n",
1567                         sec->Name, ptr + sec->VirtualAddress,
1568                         sec->PointerToRawData, sec->SizeOfRawData,
1569                         sec->Misc.VirtualSize, sec->Characteristics );
1570
1571         if (!sec->PointerToRawData || !file_size) continue;
1572
1573         /* Note: if the section is not aligned properly map_file_into_view will magically
1574          *       fall back to read(), so we don't need to check anything here.
1575          */
1576         end = file_start + file_size;
1577         if (sec->PointerToRawData >= st.st_size ||
1578             end > ((st.st_size + sector_align) & ~sector_align) ||
1579             end < file_start ||
1580             map_file_into_view( view, fd, sec->VirtualAddress, file_size, file_start,
1581                                 VPROT_COMMITTED | VPROT_READ | VPROT_WRITECOPY,
1582                                 removable ) != STATUS_SUCCESS)
1583         {
1584             ERR_(module)( "Could not map section %.8s, file probably truncated\n", sec->Name );
1585             goto error;
1586         }
1587
1588         if (file_size & page_mask)
1589         {
1590             end = ROUND_SIZE( 0, file_size );
1591             if (end > map_size) end = map_size;
1592             TRACE_(module)("clearing %p - %p\n",
1593                            ptr + sec->VirtualAddress + file_size,
1594                            ptr + sec->VirtualAddress + end );
1595             memset( ptr + sec->VirtualAddress + file_size, 0, end - file_size );
1596         }
1597     }
...
--- snip ---

Running the patched executable on top of demo install:

--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files (x86)/NightWatch/Run

$ WINEDEBUG=+seh,+relay wine ./NWatch.exe >>log.txt 2>&1
...
0040:Call KERNEL32.OutputDebugStringA(00ab0bd8 "WORLD VALID: no ADRESS 0\n") ret=00496b93
0040:warn:seh:OutputDebugStringA "WORLD VALID: no ADRESS 0\n"
0040:Ret  KERNEL32.OutputDebugStringA() retval=00000000 ret=00496b93
0040:trace:seh:raise_exception code=c0000005 flags=0 addr=0x90a810 ip=0090a810 tid=0040
0040:trace:seh:raise_exception  info[0]=00000001
0040:trace:seh:raise_exception  info[1]=00000000
0040:trace:seh:raise_exception  eax=00000000 ebx=593a3a88 ecx=593a3a88 edx=0000005f esi=593a3a88 edi=00000000
0040:trace:seh:raise_exception  ebp=00000000 esp=0032f970 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010246
0040:trace:seh:call_stack_handlers calling handler at 0x964e18 code=c0000005 flags=0
0040:trace:seh:call_stack_handlers handler at 0x964e18 returned 1
...
Unhandled exception: page fault on write access to 0x00000000 in 32-bit code (0x0090a810).
--- snip ---

$ sha1sum night*
826a6318a016d86fab6172eab23b4a15b2b92f54  night_watch_demo_english.exe
c485bd99eb076733a3c96c02716f2c4c760aa851  night-watch-v101-english-no-cdfixed-exe.rar

$ du -sh night*
458M    night_watch_demo_english.exe
2.1M    night-watch-v101-english-no-cdfixed-exe.rar

$ wine --version
wine-4.21

Regards

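The per-section arithmetic of the quoted map_image() loop, modelled stand-alone so the file-backed range and the zero-filled range can be computed for any section header. This is an added example, not Wine code and not part of the comment above; the struct and function names and the sample header values are constructed for illustration, and 4 KiB pages are assumed.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_MASK   0xfffu  /* assumption: 4 KiB pages */
#define SECTOR_MASK 0x1ffu  /* sector_align in the quoted loop */

/* Hypothetical names; fields mirror the IMAGE_SECTION_HEADER members used above. */
struct sec_hdr { uint32_t va, vsize, raw_ptr, raw_size; };
struct sec_layout {
    uint32_t map_size, file_start, file_size;
    uint32_t clear_from, clear_to; /* RVA range zeroed; equal when nothing is cleared */
};

static uint32_t round_page(uint32_t n) { return (n + PAGE_MASK) & ~PAGE_MASK; }

static struct sec_layout model_section(struct sec_hdr s)
{
    struct sec_layout l;
    /* VirtualSize decides the mapped size unless it is zero */
    l.map_size = round_page(s.vsize ? s.vsize : s.raw_size);
    /* file offsets snap to 512-byte sectors, ignoring FileAlignment */
    l.file_start = s.raw_ptr & ~SECTOR_MASK;
    l.file_size = (s.raw_size + (s.raw_ptr & SECTOR_MASK) + SECTOR_MASK) & ~SECTOR_MASK;
    if (l.file_size > l.map_size) l.file_size = l.map_size;
    l.clear_from = l.clear_to = s.va + l.file_size;
    /* sections without file data are skipped: nothing read, nothing cleared */
    if (s.raw_ptr && l.file_size && (l.file_size & PAGE_MASK)) {
        uint32_t end = round_page(l.file_size);
        if (end > l.map_size) end = l.map_size;
        l.clear_to = s.va + end; /* rest of the last file-backed page is zeroed */
    }
    return l;
}

int main(void)
{
    /* Constructed header: SizeOfRawData 0x1234 is not a multiple of 0x200 */
    struct sec_hdr s = { 0x1000, 0x3000, 0x400, 0x1234 };
    struct sec_layout l = model_section(s);
    printf("read file [0x%x, 0x%x) to RVA 0x%x\n", (unsigned)l.file_start,
           (unsigned)(l.file_start + l.file_size), (unsigned)s.va);
    printf("zero RVA  [0x%x, 0x%x)\n", (unsigned)l.clear_from, (unsigned)l.clear_to);
    return 0;
}
```

For the constructed header the read length is the sector-rounded 0x1400 rather than the declared 0x1234, and the remainder of that page (RVA 0x2400 to 0x3000) is zeroed.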