[Bug 56932] New: Null pointer dereference in MiniDumpWriteDump
https://bugs.winehq.org/show_bug.cgi?id=56932 Bug ID: 56932 Summary: Null pointer dereference in MiniDumpWriteDump Product: Wine Version: 9.1 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: dbghelp Assignee: wine-bugs(a)winehq.org Reporter: madebr(a)gmail.com Distribution: --- Created attachment 76754 --> https://bugs.winehq.org/attachment.cgi?id=76754 Program Error details When using sdlprocdump [1] to get a minidump and stackframe of a crashing program, wine segfaults inside DbgHelp.MiniDumpWriteDump. I've attached the error when running the following crashing programming under sdlprocdump.exe. ``` int main(int argc, char *argv[]) { return argc / (argc - 1); } ``` sdlprocdump usage: ``` wine sdlprocdump.exe a.exe ``` [1] https://github.com/libsdl-org/SDL/blob/main/test/win32/sdlprocdump.c -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=56932 Vijay Kamuju <infyquest(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |infyquest(a)gmail.com --- Comment #1 from Vijay Kamuju <infyquest(a)gmail.com> --- try the latest wine 9.12 -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=56932 Eric Pouech <eric.pouech(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |eric.pouech(a)gmail.com --- Comment #2 from Eric Pouech <eric.pouech(a)gmail.com> --- actually, I wonder if the generated minidump if fully reloadble... - it doesn't use the exception info from the corresponding debug event to write the minidump; instead it tries to create an empty one (which generates the crash on Wine) - when reloading the minidump, it looks like the backtrace will not be available because of this (and most of the exception context) so I wonder if the program shouldn't be fixed instead (even if the NULL deref exists on Wine side) -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=56932 --- Comment #3 from Maarten <madebr(a)gmail.com> --- Indeed, filling in the "PMINIDUMP_EXCEPTION_INFORMATION ExceptionParam" argument of MiniDumpWriteDump with the current Exception and Context record makes the null pointer dereference go away. sdlprocdump has already successfully created minidumps on Windows, but I indeed noticed the exception record displayed as unknown in Visual Studio. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=56932 --- Comment #4 from Maarten <madebr(a)gmail.com> --- I fixed SDL's sdlprocdump minidump generation in https://github.com/libsdl-org/SDL/commit/be43dec79848e5dc16ec0767ee691eb62b0..., but the wine segfault can still happen when passing a NULL ExceptionParam, as explained in https://bugs.winehq.org/show_bug.cgi?id=56932#c3 Feel free to close this issue if you think this was user error, or keep it open when you think this should be fixed in wine. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=56932 Eric Pouech <eric.pouech(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Status|UNCONFIRMED |ASSIGNED --- Comment #5 from Eric Pouech <eric.pouech(a)gmail.com> --- thanks for providing a fix for sdlprocdump I'll keep this bug report open as Wine shouldn't crash -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=56932 Eric Pouech <eric.pouech@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |FIXED Fixed by SHA1| |5234acc5d8774d7d3b3a121327f | |a1b00638d994d --- Comment #6 from Eric Pouech <eric.pouech@gmail.com> --- fixed by 5234acc5d8774d7d3b3a121327fa1b00638d994d -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=56932 Alexandre Julliard <julliard@winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #7 from Alexandre Julliard <julliard@winehq.org> --- Closing bugs fixed in 11.0-rc3. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (2)
-
WineHQ Bugzilla -
WineHQ Bugzilla