[Bug 29004] New: Crash in winhttp
http://bugs.winehq.org/show_bug.cgi?id=29004 Bug #: 29004 Summary: Crash in winhttp Product: Wine Version: 1.3.32 Platform: x86-64 OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: winhttp AssignedTo: wine-bugs(a)winehq.org ReportedBy: rosslagerwall(a)gmail.com Classification: Unclassified My application segfaults when it tries to use the winhttp dll. With the native windows winhttp.dll, it works perfectly. Attached is the log from the program with WINEDEBUG=+winhttp. To reproduce: Download http://www.numberwise.com/files/Numberwise-1.13.exe Install it. Run the program and enter random values for AccountNo, FirstName and Surname and then try and logon. The program will then segfault. Compile by hand on Opensuse 11.4 64 bit with ./configure --prefix=/tmp Thanks! -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 --- Comment #1 from Ross Lagerwall <rosslagerwall(a)gmail.com> 2011-11-06 06:38:58 CST --- Created attachment 37333 --> http://bugs.winehq.org/attachment.cgi?id=37333 debug output -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #37333|application/octet-stream |text/plain mime type| | -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|winhttp |-unknown Summary|Crash in winhttp |Unknown application crashes --- Comment #2 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2011-11-06 08:32:59 CST --- The crash is not in winhttp. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 ocean04(a)suomi24.fi changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ocean04(a)suomi24.fi --- Comment #3 from ocean04(a)suomi24.fi 2011-11-06 09:02:54 CST --- winetricks winhttp helps, so winhttp is correct component -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 Vitaliy Margolen <vitaliy-bugzilla(a)kievinfo.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download URL| |http://www.numberwise.com/f | |iles/Numberwise-1.13.exe Summary|Unknown application crashes |Numberwise crashes when | |trying to log-in -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 --- Comment #4 from Ross Lagerwall <rosslagerwall(a)gmail.com> 2011-11-07 03:59:51 CST --- While the crash may not be in winhttp, it certainly doesn't happen with the native winhttp vs the builtin winhttp. Anyway, I think it does happen *during* a call in winhttp. request_send_and_receive() in winhttp/request.c calls VariantChangeType() which eventually calls a bad memcpy(). This can be seen in the backtrace from the log: """ =>0 0xf74f0d16 memcpy+0x46() in libc.so.6 (0x0100e7b8) ... 5 0x7ea0a60c VariantChangeType+0x3b(pvargDest=0x100ea08, pvargSrc=0x1766c0, wFlags=0, vt=0x2011) [/home/ross/Downloads/wine-1.3.32/dlls/oleaut32/variant.c:982] in oleaut32 (0x0100e9b8) 6 0x7e2e2b0d request_send_and_receive+0x17c(request=<is not available>) [/home/ross/Downloads/wine-1.3.32/dlls/winhttp/request.c:2879] in winhttp (0x0100ea38) """ Thanks for the winetricks tip. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|-unknown |oleaut32 -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 Hans Leidekker <hans(a)meelstraat.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|oleaut32 |winhttp --- Comment #5 from Hans Leidekker <hans(a)meelstraat.net> 2011-11-08 05:46:23 CST --- The crash in oleaut32 is a separate bug. It turns out that native winhttp has special treatment for string data; it will convert to utf-8 and set a content type header. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 --- Comment #6 from Ross Lagerwall <rosslagerwall(a)gmail.com> 2011-11-09 00:20:35 CST ---
It turns out that native winhttp has special treatment for string data; it will convert to utf-8 and set a content type header.
Right. Does this mean it's an easy fix? Thanks -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 Dan Kegel <dank(a)kegel.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW CC| |dank(a)kegel.com Ever Confirmed|0 |1 --- Comment #7 from Dan Kegel <dank(a)kegel.com> 2011-11-09 08:26:48 CST --- For Hans, maybe: http://www.winehq.org/pipermail/wine-patches/2011-November/108659.html http://www.winehq.org/pipermail/wine-patches/2011-November/108660.html http://www.winehq.org/pipermail/wine-patches/2011-November/108661.html -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 --- Comment #8 from Ross Lagerwall <rosslagerwall(a)gmail.com> 2011-11-09 12:40:09 CST --- Thanks. I tried the patches and while they fix the crash happening, the behavior is still different. Attached are two tcpdump logs, one from the builtin winhttp and another from the native winhttp. As can be seen, the builtin winhttp has an additional "; charset=utf-8" in the content-type. More importantly, the content-lengths differ and the builtin winhttp does not appear to transmit the correct data. There is a curious line in the builtin winhttp tcpdump: ".lB..?.TW.i.n.H.t.t.p.R.e.q.u.e.s.t...5.)...me=R....USE.H.o.s.t...all&Unique...." which looks like it may be sending data from a bad location in memory. Cheers -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 --- Comment #9 from Ross Lagerwall <rosslagerwall(a)gmail.com> 2011-11-09 12:40:30 CST --- Created attachment 37405 --> http://bugs.winehq.org/attachment.cgi?id=37405 builtin tcpdump -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 --- Comment #10 from Ross Lagerwall <rosslagerwall(a)gmail.com> 2011-11-09 12:40:47 CST --- Created attachment 37406 --> http://bugs.winehq.org/attachment.cgi?id=37406 native tcpdump -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 Jerome Leclanche <adys.wh(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |patch CC| |adys.wh(a)gmail.com --- Comment #11 from Jerome Leclanche <adys.wh(a)gmail.com> 2011-11-09 16:20:54 CST --- Two out of three patches committed. 82965248d141042ad712a2b6aedd80010ce8a12e 5d6425498695ca26791301f23af5f2ef95f1b07b Can't mark fixed yet. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Fixed by SHA1| |3c9d356bc44c208264c07e7d123 | |a62dfdc068255 Status|NEW |RESOLVED Resolution| |FIXED --- Comment #12 from Austin English <austinenglish(a)gmail.com> 2011-11-14 13:46:30 CST --- (In reply to comment #11)
Two out of three patches committed.
82965248d141042ad712a2b6aedd80010ce8a12e 5d6425498695ca26791301f23af5f2ef95f1b07b
Can't mark fixed yet.
http://source.winehq.org/git/wine.git/commitdiff/3c9d356bc44c208264c07e7d123... -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 --- Comment #13 from Ross Lagerwall <rosslagerwall(a)gmail.com> 2011-11-15 01:04:58 CST --- Thanks for the fixes. However, it unfortunately does not post the data correctly. I opened this as a new bug at http://bugs.winehq.org/show_bug.cgi?id=29093 Cheers -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29004 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #14 from Alexandre Julliard <julliard(a)winehq.org> 2011-11-18 13:04:05 CST --- Closing bugs fixed in 1.3.33. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
participants (1)
-
wine-bugs@winehq.org