[2/9] setupapi: Validate the cabinet filename parameter in SetupIterateCabinetA.

Alexandre Julliard julliard at winehq.org
Wed Jun 16 06:26:23 CDT 2010


Andrew Nguyen <anguyen at codeweavers.com> writes:

> ---
>  dlls/setupapi/setupcab.c        |    7 ++-
>  dlls/setupapi/tests/Makefile.in |    1 +
>  dlls/setupapi/tests/setupcab.c  |  121 +++++++++++++++++++++++++++++++++++++++
>  3 files changed, 128 insertions(+), 1 deletions(-)
>  create mode 100644 dlls/setupapi/tests/setupcab.c

It doesn't work here:

wine: Unhandled page fault on write access to 0x6864dd7b at address 0x686a1c89 (thread 003a), starting debugger...
Unhandled exception: page fault on write access to 0x6864dd7b in 32-bit code (0x686a1c89).
Register dump:
 CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
 EIP:686a1c89 ESP:0032f6e0 EBP:0032fa68 EFLAGS:00010246(  R- --  I  Z- -P- )
 EAX:6864dd7b EBX:686b2cfc ECX:00000000 EDX:00000024
 ESI:6865d68f EDI:0032f838
Stack dump:
0x0032f6e0:  0032f93c 6864dd7b 0032f838 0032fa4c
0x0032f6f0:  686a14e0 00000000 0032f724 ffffffff
0x0032f700:  0032fa40 0032f9e4 0032f768 7bc70be0
0x0032f710:  0000000e 00000002 00000001 0032f93c
0x0032f720:  00110060 acabfeed 00121100 00000000
0x0032f730:  00000000 00038080 2e366338 00706d74
Backtrace:
=>0 0x686a1c89 SetupIterateCabinetA+0xc9(CabinetFile="", Reserved=0, MsgHandler=0x6864b9a0, Context=0x0(nil)) [/home/julliard/wine/wine/dlls/setupapi/setupcab.c:588] in setupapi (0x0032fd38)
  1 0x6864bd95 test_invalid_parametersA+0x384() [/home/julliard/wine/wine/dlls/setupapi/tests/setupcab.c:108] in setupapi_test (0x0032fd88)
  2 0x6864df0e run_test+0x14d(name=<is not available>) [/home/julliard/wine/wine/dlls/setupapi/tests/../../../include/wine/test.h:557] in setupapi_test (0x0032fe48)
  3 0x6864e0e2 main+0x131(argc=<couldn't compute location>, argv=<couldn't compute location>) [/home/julliard/wine/wine/dlls/setupapi/tests/../../../include/wine/test.h:607] in setupapi_test (0x0032fe90)
  4 0x6864e27c __wine_spec_exe_entry+0x7b(peb=0x7ffdf000) [/home/julliard/wine/wine/dlls/winecrt0/exe_entry.c:36] in setupapi_test (0x0032fea8)
  5 0x7b854ebc call_process_entry+0xb() in kernel32 (0x0032fee8)
  6 0x7b85756b start_process+0x5a(peb=0x7ffdf000) [/home/julliard/wine/wine/dlls/kernel32/process.c:996] in kernel32 (0x0032fef8)
  7 0x7bc71a40 call_thread_func+0xb() in ntdll (0x0032ffc8)
  8 0x7bc71c10 call_thread_entry_point+0x6f(entry=0x7b857510, arg=0x7ffdf000) [/home/julliard/wine/wine/dlls/ntdll/signal_i386.c:2466] in ntdll (0x0032ffe8)
  9 0x7bc4d5ca start_process+0x29(kernel_start=0x7b857510) [/home/julliard/wine/wine/dlls/ntdll/loader.c:2612] in ntdll (0x00000000)
0x686a1c89 SetupIterateCabinetA+0xc9 [/home/julliard/wine/wine/dlls/setupapi/setupcab.c:588] in setupapi: movb	$0x0,0x0(%eax)
588	    *p = '\0';

-- 
Alexandre Julliard
julliard at winehq.org


