[Bug 50038] New: IWbemClassObject::Get method with wszName = NULL crashes inside wbemprox
https://bugs.winehq.org/show_bug.cgi?id=50038 Bug ID: 50038 Summary: IWbemClassObject::Get method with wszName = NULL crashes inside wbemprox Product: Wine Version: 5.19 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: wmi&wbemprox Assignee: wine-bugs(a)winehq.org Reporter: xerox.xerox2000x(a)gmail.com Distribution: --- Trying run powershell (2.0) with something like wine powershell -c get-wmiobject win32_process makes it crash inside wbemprox. It seems to come from wbemprox:class_object_Get (00FB59D8, (null), 00000000, 059BEA8C, 019194F8, 019194FC) Then apparently static BOOL is_system_prop( const WCHAR *name ) { return (name[0] == '_' && name[1] == '_'); } goes wrong That wszName is null is probably due to previous bugs/insufficiencies (?guess?), but at least it shouldn`t crash inside wbemprox I think (modified test in tests/query.c with name=NULL shows it returns WBEM_E_INVALID_PARAMETER). Something like return (name && name[0] == '_' && name[1] == '_'); helps prevent crash but I don`t know how to fix this properly Below +wbemprox trace 0130:trace:wbemprox:create_class_object L"Win32_Process", 00FA6930 0130:trace:wbemprox:create_class_object returning iface 00FB59D8 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {00000000-0000-0000-c000-000000000046}, 059BE5D0 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {c3fcc19e-a970-11d2-8b5a-00a0c9b7c9c4}, 059BE584 0130:fixme:wbemprox:class_object_QueryInterface interface {c3fcc19e-a970-11d2-8b5a-00a0c9b7c9c4} not implemented 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {b196b283-bab4-101a-b69c-00aa00341d07}, 059BE478 0130:fixme:wbemprox:class_object_QueryInterface interface {b196b283-bab4-101a-b69c-00aa00341d07} not implemented 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {00000003-0000-0000-c000-000000000046}, 059BE3F8 0130:fixme:wbemprox:class_object_QueryInterface interface {00000003-0000-0000-c000-000000000046} not implemented 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {00000144-0000-0000-c000-000000000046}, 059BE47C 0130:fixme:wbemprox:class_object_QueryInterface interface {00000144-0000-0000-c000-000000000046} not implemented 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {dc12a681-737f-11cf-884d-00aa004b2e24}, 059BE8A0 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__GENUS", 00000000, 059BF1B8, 059BF27C, 059BF278 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__PATH", 00000000, 059BF19C, 059BF264, 059BF260 0130:fixme:ole:thread_context_info_QueryInterface interface not implemented {51372ae0-cae7-11cf-be81-00aa00a2fa25} 0130:fixme:wmiutils:wmiutils_cf_QueryInterface interface {b196b28f-bab4-101a-b69c-00aa00341d07} not implemented 0130:fixme:wmiutils:path_QueryInterface interface {c3fcc19e-a970-11d2-8b5a-00a0c9b7c9c4} not implemented 0130:fixme:wmiutils:path_QueryInterface interface {00000003-0000-0000-c000-000000000046} not implemented 0130:fixme:wmiutils:path_QueryInterface interface {00000144-0000-0000-c000-000000000046} not implemented 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__NAMESPACE", 00000000, 059BEF4C, 018EDB90, 018EDB94 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__NAMESPACE", 00000000, 059BEF50, 018EDB90, 018EDB94 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__CLASS", 00000000, 059BEF4C, 018EDC48, 018EDC4C 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__CLASS", 00000000, 059BEF50, 018EDC48, 018EDC4C 0130:trace:wbemprox:class_object_GetNames 00FB59D8, (null), 00000030, 059BEA94 {VT_EMPTY}, 059BEA60 0130:fixme:wbemprox:class_object_GetNames qualifier not supported 0130:trace:wbemprox:class_object_Get 00FB59D8, (null), 00000000, 059BEA8C, 019194F8, 019194FC 0130:fixme:wer:WerReportSetParameter (00FBBED0, 0, L"NameOfExe", L"powershell51.exe") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 1, L"FileVersionOfSystemManagementAutomation", L"6.0.6002.18111") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 2, L"InnermostExceptionType", L"System.AccessViolationException") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 3, L"OutermostExceptionType", L"System.AccessViolationException") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 5, L"DeepestFrame", L"stem.Management.IWbemClassObjectFreeThreaded.Get_f") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 4, L"DeepestPowerShellFrame", L"utomation.ManagementClassApdapter.AddAllProperties") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 6, L"ThreadName", L"Pipeli..ution Thread") :stub 0130:fixme:wer:WerReportAddDump (00FBBED0, 0000016C, 00000000, 2, 00000000, 00000000, 0) :stub 0130:fixme:advapi:RegisterEventSourceW ((null),L".NET Runtime"): stub 0130:fixme:advapi:ReportEventW (CAFE4242,0x0001,0x0000,0x000003ff,00000000,0x0001,0x00000000,059BC580,00000000): stub 0130:err:eventlog:ReportEventW L".NET Runtime version 2.0.50727.1433 - Attempted to read or write protected memory. This is often an indication that other memory is corrupt." -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=50038 Louis Lenders <xerox.xerox2000x(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- URL| |http://download.windowsupda | |te.com/msdownload/update/so | |ftware/updt/2009/11/windows | |server2003-kb968930-x64-eng | |_8ba702aa016e4c5aed58181464 | |7f4d55635eff5c.exe Keywords| |download --- Comment #1 from Louis Lenders <xerox.xerox2000x(a)gmail.com> --- Note: To work around bug https://bugs.winehq.org/show_bug.cgi?id=25740 I used custum winescript script from https://bugs.winehq.org/show_bug.cgi?id=49966 -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=50038 --- Comment #2 from Hans Leidekker <hans(a)meelstraat.net> --- Created attachment 68482 --> https://bugs.winehq.org/attachment.cgi?id=68482 patch Can you try this patch? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=50038 --- Comment #3 from Louis Lenders <xerox.xerox2000x(a)gmail.com> --- (In reply to Hans Leidekker from comment #2)
Created attachment 68482 [details] patch
Can you try this patch?
Hi Hans, The patch fixes the crash, thanks! (Note: The command "powershell -c get-wmiobject win32_process" still doesn`t work correctly***, but that`s then another bug. This patch is enough to fix the aforementioned crash, that prevented several installers using chocolatey from finishing correctly. With this patch they finish fine, thanks again) ***: Current behaviour after applying patch: 010c:fixme:wbemprox:class_object_GetMethodQualifierSet 001B4D80, L"GetOwner", 04C0EA94 010c:fixme:path:parse_url failed to parse L"System.Management.Automation.resources" 010c:fixme:path:parse_url failed to parse L"System.Management.Automation.resources" format-default : The following exception occurred while retrieving members: "The method or operation is not implemented." + CategoryInfo : NotSpecified: (:) [format-default], ExtendedTypeSystemException + FullyQualifiedErrorId : CatchFromBaseGetMembers,Microsoft.PowerShell.Commands.FormatDefaultCommand -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=50038 --- Comment #4 from Louis Lenders <xerox.xerox2000x(a)gmail.com> --- Hi Hans, just for the info: After applying your next patch https://www.winehq.org/pipermail/wine-devel/2020-October/176003.html the command works correctly now! Nice job! WINEDEBUG=-all wine powershell -c get-wmiobject win32_process wine: Read access denied for device L"\\??\\Z:\\", FS volume label and serial are not available. __GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="32 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \\DEBIAN\ROOT\CIMV2:Win32_Process.Handle="32 Caption : powershell.exe CommandLine : "C:\windows\system32\WindowsPowershell\v1.0\powershell.exe" -c get-wmiobject win32_process Description : powershell.exe Handle : 32 Name : powershell.exe ParentProcessID : 0 ProcessID : 32 ThreadCount : 4 WorkingSetSize : 0 __GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="56 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \\DEBIAN\ROOT\CIMV2:Win32_Process.Handle="56 Caption : services.exe CommandLine : Description : services.exe Handle : 56 Name : services.exe ParentProcessID : 40 ProcessID : 56 ThreadCount : 11 WorkingSetSize : 0 __GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="68 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \\DEBIAN\ROOT\CIMV2:Win32_Process.Handle="68 Caption : svchost.exe CommandLine : Description : svchost.exe Handle : 68 Name : svchost.exe ParentProcessID : 56 ProcessID : 68 ThreadCount : 3 WorkingSetSize : 0 __GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="92 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \\DEBIAN\ROOT\CIMV2:Win32_Process.Handle="92 Caption : winedevice.exe CommandLine : Description : winedevice.exe Handle : 92 Name : winedevice.exe ParentProcessID : 56 ProcessID : 92 ThreadCount : 4 WorkingSetSize : 0 __GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="116 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \\DEBIAN\ROOT\CIMV2:Win32_Process.Handle="116 Caption : plugplay.exe CommandLine : Description : plugplay.exe Handle : 116 Name : plugplay.exe ParentProcessID : 56 ProcessID : 116 ThreadCount : 6 WorkingSetSize : 0 __GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="172 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \\DEBIAN\ROOT\CIMV2:Win32_Process.Handle="172 Caption : winedevice.exe CommandLine : Description : winedevice.exe Handle : 172 Name : winedevice.exe ParentProcessID : 56 ProcessID : 172 ThreadCount : 6 WorkingSetSize : 0 __GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="236 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \\DEBIAN\ROOT\CIMV2:Win32_Process.Handle="236 Caption : explorer.exe CommandLine : Description : explorer.exe Handle : 236 Name : explorer.exe ParentProcessID : 40 ProcessID : 236 ThreadCount : 3 WorkingSetSize : 0 __GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="256 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \\DEBIAN\ROOT\CIMV2:Win32_Process.Handle="256 Caption : rpcss.exe CommandLine : Description : rpcss.exe Handle : 256 Name : rpcss.exe ParentProcessID : 56 ProcessID : 256 ThreadCount : 7 WorkingSetSize : 0 __GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="292 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \\DEBIAN\ROOT\CIMV2:Win32_Process.Handle="292 Caption : conhost.exe CommandLine : Description : conhost.exe Handle : 292 Name : conhost.exe ParentProcessID : 32 ProcessID : 292 ThreadCount : 1 WorkingSetSize : 0 -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=50038 Louis Lenders <xerox.xerox2000x(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Fixed by SHA1| |b1ceb7853cf0d7abe99fd917e65 | |a22507795f7de Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #5 from Louis Lenders <xerox.xerox2000x(a)gmail.com> --- This was fixed by b1ceb7853cf0d7abe99fd917e65a22507795f7de Thanks Hans -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=50038 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #6 from Alexandre Julliard <julliard(a)winehq.org> --- Closing bugs fixed in 5.21. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=50038 Michael Stefaniuc <mstefani(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |5.0.x -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=50038 Anastasius Focht <focht(a)gmx.net> changed: What |Removed |Added ---------------------------------------------------------------------------- URL|http://download.windowsupda |https://web.archive.org/web |te.com/msdownload/update/so |/20200924155535/http://down |ftware/updt/2009/11/windows |load.windowsupdate.com/msdo |server2003-kb968930-x64-eng |wnload/update/software/updt |_8ba702aa016e4c5aed58181464 |/2009/11/windowsserver2003- |7f4d55635eff5c.exe |kb968930-x64-eng_8ba702aa01 | |6e4c5aed581814647f4d55635ef | |f5c.exe CC| |focht(a)gmx.net -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=50038 Michael Stefaniuc <mstefani(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|5.0.x |--- --- Comment #7 from Michael Stefaniuc <mstefani(a)winehq.org> --- Removing the 5.0.x milestone from bug fixes included in 5.0.4. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (1)
-
WineHQ Bugzilla