[PATCH v2 1/2] ws2_32: Validate pointers in select().

Torge Matthies openglfreak at googlemail.com
Tue Oct 19 16:32:08 CDT 2021 

The IsBad{Read,Write}Ptr implementation looked too complex to copy it
around everywhere. And idk how to debug a crash that I've only seen in
a .NET backtrace once.

Feel free to change the patches to how you would do it.
I have attached the crash message from osu!.

On Tue, 19 Oct 2021 at 19:42, Alexandre Julliard <julliard at winehq.org> wrote:
>
> Torge Matthies <openglfreak at googlemail.com> writes:
>
> > A crash in osu! was reported on Discord that segfaulted in this
> > function. I don't know if there is any underlying bug and if adding
> > these patches just hides a bug, but the current behavior of select() of
> > just crashing is definitely wrong.
>
> Maybe, but we don't want to add such pointer checks all over the
> place. If there's an actual app that requires this, it should be done
> with an exception handler. But first it should be confirmed that it's
> not a Wine bug that's causing the invalid pointer.
>
> --
> Alexandre Julliard
> julliard at winehq.org
-------------- next part --------------
```Unhandled Exception: System.AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
   at System.Net.UnsafeNclNativeMethods.OSSOCK.select(Int32 ignoredParameter, IntPtr[] readfds, IntPtr[] writefds, IntPtr[] exceptfds, TimeValue& timeout)
   at System.Net.Sockets.Socket.Poll(Int32 microSeconds, SelectMode mode)
   at System.Net.Sockets.NetworkStream.PollRead()
   at System.Net.Connection.StartRequest(HttpWebRequest request, Boolean canPollRead)
   at System.Net.Connection.SubmitRequest(HttpWebRequest request, Boolean forcedsubmit)
   at System.Net.ServicePoint.SubmitRequest(HttpWebRequest request, String connName)
   at System.Net.HttpWebRequest.SubmitRequest(ServicePoint servicePoint)
   at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
   at System.Net.HttpWebRequest.GetRequestStream()
   at #=zU9GgwLj5RaEe0E7qrpGlZwI=.#=zYlTSOWuM0pTl()
   at (Object , Object[] )
   at ?.(MethodBase , Object , Object[] , Boolean)
   at ?.(MethodBase , Boolean )
   at ?. (? ,   )
   at ?.()
   at ? (Boolean )
   at ?.(Object[] , Type[] , Type[] , Object[])
   at A.B.(Object )
   at A.B.D(Object r)
   at #=zU9GgwLj5RaEe0E7qrpGlZwI=.#=zrcJCJJ0=()
   at #=zU9GgwLj5RaEe0E7qrpGlZwI=.#=z6wIGVNLiIWRI()
   at #=zhkkKI1tflfG$Q9waUtVQ0EU=.#=zPxDi_Pw=(Boolean #=z4C5qFck=)
   at #=zhkkKI1tflfG$Q9waUtVQ0EU=.#=zdMebMho=()
   at #=zd_CM$W0A19JYWrgjjQ==.#=zwPPWiuLFYFV2Z9kbrddxj30=.#=zM_gy6gjbkjljblAvfksuXuU=()
   at #=zk0_LVd1jSpFyOR9OuYHvYQKByvzx.#=z8ZC8RvPW3f4$AbXVyGfDYOU=.#=zdBVy7j_OcYv0LgDxcw==(Object #=zGJzeoSR$W7hm)
   at #=zf47mx_9IofuloZZ4y1vP4cE=.#=zHeOQmHxvcVhH()
   at #=zf47mx_9IofuloZZ4y1vP4cE=.#=zHX8vAPw=()
   at #=zoVIfTMC6b5P4xBs1GN1vWBo=.#=zHeOQmHxvcVhH(#=zf47mx_9IofuloZZ4y1vP4cE= #=zYKo4k2c=)
   at #=zoVIfTMC6b5P4xBs1GN1vWBo=.#=zVX_JoE7uXf0Y()
   at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()```

More information about the wine-devel mailing list