https://bugs.winehq.org/show_bug.cgi?id=37408 Anastasius Focht <focht(a)gmx.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P4 |P2 Status|UNCONFIRMED |NEW URL| |http://www.mtsac.edu/~bluet | |eam/Forensic/NwInvestigator | |Setup.exe Keywords| |download CC| |focht(a)gmx.net Ever confirmed|0 |1 Summary|GetDiskFreeSpaceExW - Does |NetWitness 9.x fails: |not accept path to file |GetDiskFreeSpaceExW - Does | |not accept path to file Severity|major |normal --- Comment #1 from Anastasius Focht <focht(a)gmx.net> --- Hello, from the logs it seems you are trying to run N^HRSA NetWitness Investigator v9.x --- quote --- According to standard Microsoft documentation the GetDiskFreeSpaceExW WINAPI call should fail if a directory is not given as the path to check free disk space for. The documentation is incorrect. Making a call to GetDiskFreeSpaceExW with a full path to a file (and not a directory) does indeed succeed on standard windows. --- quote --- I doubt that MS makes such obvious documentation mistake, given a parameter 'lpDirectoryName'. If the app makes such a call it doesn't mean it's correct. That are gazillion broken apps containing stupid code that works by chance or fails silently. Please write a test case and submit it to Wine test bot to prove your claim: http://wiki.winehq.org/WineTestBot Since you provided your own analysis (which is likely incorrect) you omitted the important info: crash information (backtrace), error messages, terminal logs etc. Also specify the *exact* version of the app (9.5, 9.6, ???). Tidbit: the app version 9.6 I found seems to be protected by Themida DRM scheme. --- snip --- -=[ ProtectionID v0.6.5.5 OCTOBER]=- (c) 2003-2013 CDKiLLER & TippeX Build 31/10/13-21:09:09 Ready... Scanning -> C:\Program Files\NetWitness\NetWitness 9.6\Investigator\NwInvestigatorPE.exe File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 7936336 (0791950h) Byte(s) -> File Appears to be Digitally Signed @ Offset 0790200h, size : 01750h / 05968 byte(s) [File Heuristics] -> Flag : 00000000000001001100000000000111 (0x0004C007) [Entrypoint Section Entropy] : 1.50 [!] Themida v2.0.1.0 - v2.1.8.0 (or newer) detected ! [i] Hide PE Scanner Option used - Scan Took : 0.738 Second(s) [0000002E2h tick(s)] [533 scan(s) done] --- snip --- $ sha1sum NwInvestigatorSetup.exe da176dab04c67c98dba6c017b54842b9be607ad65 NwInvestigatorSetup.exe $ du -sh NwInvestigatorSetup.exe 132M NwInvestigatorSetup.exe $ wine --version wine-1.7.29-57-gfbf2557 Regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.