[Bug 52694] New: EnumPrintersW crashes on Linux but not on Windows
https://bugs.winehq.org/show_bug.cgi?id=52694 Bug ID: 52694 Summary: EnumPrintersW crashes on Linux but not on Windows Product: Wine Version: 7.4 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs(a)winehq.org Reporter: mikrutrafal(a)protonmail.com Distribution: --- ``` let argument_0 = 10000; let argument_1 = PCWSTR::default(); let argument_2 = 10000; let mut argument_3 = 100; let argument_3 = &mut argument3; let argument_4 = 10000; let mut argument_5 = 10000; let argument_5 = &mut argument5; let mut argument_6 = 10000; let argument_6 = &mut argument6; EnumPrintersW(argument_0,argument_1,argument_2,argument_3,argument_4,argument_5,argument_6); ``` seems to crash app Steps to reproduce - Download Fuzzer - https://github.com/qarmin/Win32Fuzzer/releases/download/1.1.0/win_project_64... - Create `settings.txt` in same folder - Fill it with this content ``` allowed_functions: EnumPrintersW repeating_number: 50 random: false ``` - Run `win_project_64.exe` ``` 01e0:fixme:winspool:WINSPOOL_EnumPrintersW dwType = 00002710 wine: Unhandled page fault on execute access to 0000000000000000 at address 0000000000000000 (thread 01e0), starting debugger... Unhandled exception: page fault on execute access to 0x0000000000000000 in 64-bit code (0x0000000000000000). .... .... System information: Wine build: wine-7.4 Platform: x86_64 Version: Windows 10 Host system: Linux Host version: 5.13.0-35-generic ``` -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 Rafał Mikrut <mikrutrafal(a)protonmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- URL| |https://github.com/qarmin/W | |in32Fuzzer/releases/downloa | |d/1.1.0/win_project_64.exe -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 Eric Pouech <eric.pouech(a)orange.fr> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |eric.pouech(a)orange.fr --- Comment #1 from Eric Pouech <eric.pouech(a)orange.fr> --- (In reply to Rafał Mikrut from comment #0)
``` let argument_0 = 10000; let argument_1 = PCWSTR::default(); let argument_2 = 10000; let mut argument_3 = 100; let argument_3 = &mut argument3; let argument_4 = 10000;
in EnumPrinterW, argument_3 is supposed to be an array of bytes of size argument_4, which is clearly not the case in your scenario... hence the crash do you a real app depending on this? A+ -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 --- Comment #2 from Rafał Mikrut <mikrutrafal(a)protonmail.com> ---
do you a real app depending on this?
Nope, I just found it when creating fuzzer and this is one of ~100 functions that crashes with such (invalid) output on Linux but not Windows. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 --- Comment #3 from Alexandre Julliard <julliard(a)winehq.org> --- Unless there's an app that depends on it, the exact behavior upon invalid input is in general not something we care about. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 --- Comment #4 from Rafał Mikrut <mikrutrafal(a)protonmail.com> --- In my opinion it's still worth to fix this bug if it occurs only in Wine, because some applications can use this feature on Windows in an incorrect way (even if I didn't find any), because the application on Windows doesn't crash. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 --- Comment #5 from Alexandre Julliard <julliard(a)winehq.org> --- The same would be true for just about any function. In many cases Windows has an exception handler to hide crashes, but we don't want to do that because it's expensive to do without compiler support. So we only do it where it's required by an actual app. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 Fabian Maurer <dark.shadow4(a)web.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dark.shadow4(a)web.de --- Comment #6 from Fabian Maurer <dark.shadow4(a)web.de> --- So, what do we do with this bugreport? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|UNCONFIRMED |RESOLVED --- Comment #7 from Alexandre Julliard <julliard(a)winehq.org> --- I'd say that's a WONTFIX, until we find an app that depends on this. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|FIXED |WONTFIX -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52694 Gijs Vermeulen <gijsvrm(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #8 from Gijs Vermeulen <gijsvrm(a)gmail.com> --- Closing WONTFIX. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (1)
-
WineHQ Bugzilla