[Bug 35200] New: Knytt Stories level editor crashes when trying to save a compressed level
http://bugs.winehq.org/show_bug.cgi?id=35200

Bug ID: 35200
Summary: Knytt Stories level editor crashes when trying to save a compressed level
Product: Wine
Version: 1.7.9
Hardware: x86
URL: http://nifflas.ni2.se/content/Knytt%20Stories/Knytt%20Stories%20121.zip
OS: Linux
Status: NEW
Keywords: download
Severity: normal
Priority: P2
Component: comdlg32
Assignee: wine-bugs(a)winehq.org
Reporter: gyebro69(a)gmail.com
Classification: Unclassified

Created attachment 46951
  --> http://bugs.winehq.org/attachment.cgi?id=46951
terminal output

Steps to reproduce the problem:
1. after unpacking the game start 'Level Editor.exe'
2. click on <Load level> at the left bottom corner.
3. from the menu choose <Level> -> <Compress> and click on the Save button in the Save as file dialog...the level editor crashes with the following backtrace:

...
Backtrace:
=>0 0x6666694e (0x0033f9d8)
  1 0x7ea31828 GetSaveFileNameA+0x27(ofn=0x33fa08) [/home/gyebro/sources/wine-1.7.9/dlls/comdlg32/filedlg.c:4159] in comdlg32 (0x0033f9f8)
...

--
Do not reply to this email, post in Bugzilla using the above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=35200

--- Comment #1 from GyB <gyebro69(a)gmail.com> ---
Created attachment 46952
  --> http://bugs.winehq.org/attachment.cgi?id=46952
+comdlg traces

https://bugs.winehq.org/show_bug.cgi?id=35200

Qian Hong <fracting(a)gmail.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC   |        |fracting(a)gmail.com

--- Comment #2 from Qian Hong <fracting(a)gmail.com> ---
Interesting, it seems it doesn't crash with +relay log.

https://bugs.winehq.org/show_bug.cgi?id=35200

--- Comment #3 from Béla Gyebrószki <gyebro69(a)gmail.com> ---
Created attachment 52528
  --> https://bugs.winehq.org/attachment.cgi?id=52528
backtrace (wine-1.7.52-190-gd548639)

Still crashes when saving a compressed level, but the backtrace is different:

Backtrace:
=>0 0x7e8b37c7 GetFileDialog95A+0x3d7(ofn=0x6e6b2e65, iDlgType=<is not available>) [/home/gyebro/sources/wine-git/dlls/comdlg32/filedlg.c:479] in comdlg32 (0x006e6962)
0x7e8b37c7 GetFileDialog95A+0x3d7 [/home/gyebro/sources/wine-git/dlls/comdlg32/filedlg.c:479] in comdlg32: testb $0x8,0x9773c(%ebx)
479     TRACE("selected file: %s\n",ofn->lpstrFile);

Wine compiled with -O0 vs. -O2 optimization flag also results in different backtraces.
The attachment contains 2 backtraces, the first one was made with -O0, the second one with -O2.

wine-1.7.52-190-gd548639
Fedora 22 32-bit
gcc version 5.1.1 20150618 (Red Hat 5.1.1-4)

https://bugs.winehq.org/show_bug.cgi?id=35200

--- Comment #4 from Bruno Jesus <00cpxxx(a)gmail.com> ---
Initial analysis shows that this is a heap corruption that happens when comdlg32 tries to copy the file title to lpstrFileTitle. The application says that the buffer has 260 bytes (nMaxFileTitle) but that does not seem to be true. So when the file name is copied it messes up.

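Added example (not part of this thread, not Wine source, and not the patch attached to this bug): a portable C harness for the condition comment #4 describes, where a callee bounds its copy by a caller-declared size that is larger than the real buffer. It places guard bytes after the buffer and counts how many were overwritten. `struct title_out`, `copy_title` and `guard_bytes_clobbered` are hypothetical names, and the file name is a constructed sample.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD     0xA5
#define GUARD_LEN 64u

/* Hypothetical stand-in for the two fields named in comment #4. */
struct title_out {
    char    *buf;       /* role of lpstrFileTitle */
    unsigned declared;  /* role of nMaxFileTitle, as claimed by the caller */
};

/* Callee: copy at most declared-1 chars and NUL-terminate; only the claim bounds it. */
static void copy_title(struct title_out *o, const char *name)
{
    unsigned i = 0;
    if (!o->buf || o->declared == 0) return;
    while (i + 1 < o->declared && name[i]) { o->buf[i] = name[i]; i++; }
    o->buf[i] = '\0';
}

/* Harness: `real` title bytes followed by GUARD_LEN guard bytes; the callee is told
 * `declared`. Returns guard bytes changed (0 = no overrun), -1 if the test is refused. */
int guard_bytes_clobbered(unsigned real, unsigned declared, const char *name)
{
    size_t need = strlen(name) + 1, i;
    unsigned char *arena;
    struct title_out o;
    int hits = 0;
    if (need > declared) need = declared;              /* bytes the callee will write */
    if (need > (size_t)real + GUARD_LEN) return -1;    /* would leave the arena */
    if (!(arena = malloc((size_t)real + GUARD_LEN))) return -1;
    memset(arena, 0, real);
    memset(arena + real, GUARD, GUARD_LEN);
    o.buf = (char *)arena; o.declared = declared;
    copy_title(&o, name);
    for (i = 0; i < GUARD_LEN; i++)
        if (arena[real + i] != GUARD) hits++;
    free(arena);
    return hits;
}

int main(void)
{
    const char *name = "constructed-sample-level-title.bin"; /* constructed sample */
    printf("declared 260, real 260: %d\n", guard_bytes_clobbered(260, 260, name));
    printf("declared 260, real 16:  %d\n", guard_bytes_clobbered(16, 260, name));
    return 0;
}
```

A non-zero count is the evidence that the declared size, not the copy routine, is at fault: the same callee is clean when the declared and real sizes agree.
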
https://bugs.winehq.org/show_bug.cgi?id=35200

super_man(a)post.com changed:

What |Removed |Added
----------------------------------------------------------------------------
CC   |        |super_man(a)post.com

--- Comment #5 from super_man(a)post.com ---
Could bug #26139 be related? It mentions GetFileDialog95A.

https://bugs.winehq.org/show_bug.cgi?id=35200

Bruno Jesus <00cpxxx(a)gmail.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC   |        |00cpxxx(a)gmail.com

--- Comment #6 from Bruno Jesus <00cpxxx(a)gmail.com> ---
Created attachment 52620
  --> https://bugs.winehq.org/attachment.cgi?id=52620
patch

This is the patch that I'm trying to prove it is right, it works for me. But this kind of test takes time. In the meantime I appreciate more tests with it =)

https://bugs.winehq.org/show_bug.cgi?id=35200

Bruno Jesus <00cpxxx(a)gmail.com> changed:

What                          |Removed |Added
----------------------------------------------------------------------------
Attachment #52620 is obsolete |0       |1

--- Comment #7 from Bruno Jesus <00cpxxx(a)gmail.com> ---
Created attachment 52622
  --> https://bugs.winehq.org/attachment.cgi?id=52622
patch v2

Wrong version, this is the correct one.

https://bugs.winehq.org/show_bug.cgi?id=35200

--- Comment #8 from Bruno Jesus <00cpxxx(a)gmail.com> ---
Actually my patch may work but seems wrong, Windows blindly corrupts the struct as well so there is something else going on.

https://bugs.winehq.org/show_bug.cgi?id=35200

Alistair Leslie-Hughes <leslie_alistair(a)hotmail.com> changed:

What                       |Removed |Added
----------------------------------------------------------------------------
Attachment #52622 is patch |0       |1

https://bugs.winehq.org/show_bug.cgi?id=35200

Alistair Leslie-Hughes <leslie_alistair(a)hotmail.com> changed:

What     |Removed |Added
----------------------------------------------------------------------------
Keywords |        |patch
CC       |        |leslie_alistair(a)hotmail.com

https://bugs.winehq.org/show_bug.cgi?id=35200

--- Comment #9 from super_man(a)post.com ---
Maybe add fixmes/errs for showing the buffer sizes before and after filling them for testing. There are no trace messages.

https://bugs.winehq.org/show_bug.cgi?id=35200

Sebastian Lackner <sebastian(a)fds-team.de> changed:

What            |Removed |Added
----------------------------------------------------------------------------
Staged patchset |        |https://github.com/wine-compholio/wine-staging/tree/master/patches/comdlg32-lpstrFileTitle
Status          |NEW     |STAGED
CC              |        |dmitry(a)baikal.ru, erich.e.hoover(a)wine-staging.com, michael(a)fds-team.de, sebastian(a)fds-team.de

https://bugs.winehq.org/show_bug.cgi?id=35200

Bruno Jesus <00cpxxx(a)gmail.com> changed:

What       |Removed |Added
----------------------------------------------------------------------------
Resolution |---     |DUPLICATE
Status     |STAGED  |RESOLVED

--- Comment #10 from Bruno Jesus <00cpxxx(a)gmail.com> ---
This bug is older but Dmitry did the analysis of the problem in bug 38400 and I believe we don't need two bugs opened for the same issue, so resolving as duplicate.

*** This bug has been marked as a duplicate of bug 38400 ***

https://bugs.winehq.org/show_bug.cgi?id=35200

--- Comment #11 from Dmitry Timoshkov <dmitry(a)baikal.ru> ---
(In reply to Bruno Jesus from comment #10)
> This bug is older but Dmitry did the analysis of the problem in bug 38400 and I believe we don't need two bugs opened for the same issue, so resolving as duplicate.
>
> *** This bug has been marked as a duplicate of bug 38400 ***

I'd suggest to keep this bug separate from bug 38400. Although the symptoms are similar these two are really distinct bugs (and two separate fixes): one for A another for W implementation of the GetSaveFileName API, moreover the bug 38400 also needs a fix to GetOpenFileNameW, and it's a coincidence that the same fix works for it as well.

https://bugs.winehq.org/show_bug.cgi?id=35200

Bruno Jesus <00cpxxx(a)gmail.com> changed:

What       |Removed   |Added
----------------------------------------------------------------------------
Resolution |DUPLICATE |---
Status     |RESOLVED  |REOPENED

--- Comment #12 from Bruno Jesus <00cpxxx(a)gmail.com> ---
(In reply to Dmitry Timoshkov from comment #11)
> I'd suggest to keep this bug separate from bug 38400. Although the symptoms are similar these two are really distinct bugs (and two separate fixes): one for A another for W implementation of the GetSaveFileName API, moreover the bug 38400 also needs a fix to GetOpenFileNameW, and it's a coincidence that the same fix works for it as well.

Ok, will do. I think I may have misinterpreted your previous comments.

https://bugs.winehq.org/show_bug.cgi?id=35200

Bruno Jesus <00cpxxx(a)gmail.com> changed:

What   |Removed  |Added
----------------------------------------------------------------------------
Status |REOPENED |STAGED

https://bugs.winehq.org/show_bug.cgi?id=35200

André H. <nerv(a)dawncrow.de> changed:

What            |Removed |Added
----------------------------------------------------------------------------
CC              |        |nerv(a)dawncrow.de
Staged patchset |https://github.com/wine-compholio/wine-staging/tree/master/patches/comdlg32-lpstrFileTitle |https://github.com/wine-staging/wine-staging/tree/master/patches/comdlg32-lpstrFileTitle