wine-bugs May 2024

wine-bugs@winehq.org

1 participants
1807 discussions

[Bug 56590] New: Buffer Overflow in jpeg_decoder_initialize
by WineHQ Bugzilla 02 Jul '24

02 Jul '24

https://bugs.winehq.org/show_bug.cgi?id=56590 Bug ID: 56590 Summary: Buffer Overflow in jpeg_decoder_initialize Product: Wine Version: 9.7 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: major Priority: P2 Component: windowscodecs Assignee: wine-bugs(a)winehq.org Reporter: franco(a)blackwinghq.com Distribution: --- The vulnerable jpeg_decoder_initialize function in file libjpeg.c (https://github.com/wine-mirror/wine/blob/master/dlls/windowscodecs/libjpeg.…) is used to decompress jpegs and create a raw bitmap version of the image. In jpeg_decoder_initialize, the values for cinfo.output_width and cinfo.output_height are retrieved directly from a jpeg file's header. cinfo.output_width and cinfo.output_height can be manipulated by editing the header of the jpeg file being processed. They are two bytes each in the image's header so their values can range from 0x0000 to 0xFFFF. These variables are multiplied with frame.bpp. When these three values are multiplied together they can exceed the limit of a 32-bit unsigned integer, leading to an integer overflow vulnerability. This product is used to set the size of the image_data buffer, which will store the decompressed jpeg (https://github.com/wine-mirror/wine/blob/master/dlls/windowscodecs/libjpeg.…). When the sizing arguments overflow, the buffer becomes too small to store the decompressed data. The program writes the decompressed image to the buffer using the jpeg_read_scanlines function. The function ends up writing to out-of-bounds memory due to the buffer’s small size (https://github.com/wine-mirror/wine/blob/master/dlls/windowscodecs/libjpeg.…). This causes data in memory adjacent to the buffer to be overwritten. An attacker is in control of the image's height, width, and contents. This allows an attacker to craft an exploit to overwrite data in memory with data they control. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

1 5

[Bug 56668] New: Visual Studio 2022 Community Edition doesn't install in quiet mode (Mono.Security.X509.X509Store.get_Crls)
by WineHQ Bugzilla 02 Jul '24

02 Jul '24

https://bugs.winehq.org/show_bug.cgi?id=56668 Bug ID: 56668 Summary: Visual Studio 2022 Community Edition doesn't install in quiet mode (Mono.Security.X509.X509Store.get_Crls) Product: Wine Version: 9.8 Hardware: x86-64 URL: https://visualstudio.microsoft.com/vs/community/ OS: Linux Status: NEW Keywords: download, Installer Severity: normal Priority: P2 Component: mscoree Assignee: wine-bugs(a)winehq.org Reporter: austinenglish(a)gmail.com Distribution: Debian Created attachment 76454 --> https://bugs.winehq.org/attachment.cgi?id=76454 installer log austin@debian:~/Downloads$ du -sh VisualStudioSetup.exe 3.9M VisualStudioSetup.exe austin@debian:~/Downloads$ sha1sum VisualStudioSetup.exe 5d0923c690a40a5113a0dec506c14a412b4ee2e4 VisualStudioSetup.exe The installer will fail early if run normally / with the GUI (see bug 56644). If quiet mode is used: wine VisualStudioSetup-2022.exe --quiet --noweb --norestart --installPath "%ProgramFiles%\\Microsoft Visual Studio\\2022" --add Microsoft.Component.MSBuild It gets a bit further, but then fails to download anything. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

1 1

[Bug 21227] New: cmd doesn't echo redirection like native
by wine-bugs＠winehq.org 01 Jul '24

01 Jul '24

http://bugs.winehq.org/show_bug.cgi?id=21227 Summary: cmd doesn't echo redirection like native Product: Wine Version: 1.1.35 Platform: x86 OS/Version: Linux Status: NEW Keywords: download, source, testcase Severity: normal Priority: P3 Component: programs AssignedTo: wine-bugs(a)winehq.org ReportedBy: dank(a)kegel.com Native cmd echoes commands after some canonicalization has been done on their redirects. A batch file containing dir 1> ok dir > bad dir | bad dir > blah > bad echoes as dir 1> ok dir 1> bad dir | bad dir 1> bad (note the extra space inserted before the > or |). Wine's cmd doesn't currently do this, but it could probably do so without too much trouble; it already collects redirects separately for each command. For the moment I'll probably put a kludge in the cmd conformance test runner to compensate. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

2 15

[Bug 54335] New: fp.exe has no mouse, resize does not work, escape string don't work
by WineHQ Bugzilla 01 Jul '24

01 Jul '24

https://bugs.winehq.org/show_bug.cgi?id=54335 Bug ID: 54335 Summary: fp.exe has no mouse, resize does not work, escape string don't work Product: Wine Version: 8.0-rc4 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs(a)winehq.org Reporter: margers.roked(a)inbox.lv Distribution: --- fp.exe download link http://downloads.freepascal.org/fpc/dist/3.2.2/i386-win32/fpc-3.2.2.i386-wi… Fail to start from shortcut/launcher. Starting form terminal: 1) has no mouse support 2) not all escape strings work for example Alt+F does not open File menu 3) resize terminal window does not resize program window accordingly. Starting from cmd has the same problems + after exit cmd is broken -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

1 5

[Bug 24026] New: Tab completion for cmd
by wine-bugs＠winehq.org 01 Jul '24

01 Jul '24

http://bugs.winehq.org/show_bug.cgi?id=24026 Summary: Tab completion for cmd Product: Wine Version: 1.3.0 Platform: x86 OS/Version: Linux Status: UNCONFIRMED Severity: enhancement Priority: P2 Component: cmd AssignedTo: wine-bugs(a)winehq.org ReportedBy: andrew.millington(a)gmail.com Pressing tab only creates a space but should complete a file name in the same way that Windows does with their Command Prompt. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

2 16

[Bug 53711] New: Final Fantasy XI Crashes
by WineHQ Bugzilla 01 Jul '24

01 Jul '24

https://bugs.winehq.org/show_bug.cgi?id=53711 Bug ID: 53711 Summary: Final Fantasy XI Crashes Product: Wine Version: 7.17 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs(a)winehq.org Reporter: pandora.xero(a)gmail.com Distribution: --- Created attachment 73136 --> https://bugs.winehq.org/attachment.cgi?id=73136 most recent backtrace, 20220920 122500 US Central. I have multiple occurrences over the past several months (most of which I have saved the backtraces for) of the game crashing. Symptoms include: Game crash on logout Occasional Game crash on zone Failure to load textures, or glitched textures loaded I am unable to glean any information from the backtraces, primarily because I am not familiar with x86 assembly, but I have had issues like these for a while now. They mostly occur after switching between characters multiple times, or zoning a large number of times, but the most recent one (attached) was totally random as I was walking through a zone. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

1 31

[Bug 56580] New: Xdefiant Beta pdh.dll.PdhGetFormattedCounterArrayA
by WineHQ Bugzilla 01 Jul '24

01 Jul '24

https://bugs.winehq.org/show_bug.cgi?id=56580 Bug ID: 56580 Summary: Xdefiant Beta pdh.dll.PdhGetFormattedCounterArrayA Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: pdh Assignee: wine-bugs(a)winehq.org Reporter: hippo1555(a)gmail.com Distribution: --- Launch game, after getting to main menu load any mode. during loading land on: wine: Call from 000000007B013AD7 to unimplemented function -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

1 8

[Bug 55949] New: PEB->PostProcessInitRoutine broken / unimplemented
by WineHQ Bugzilla 01 Jul '24

01 Jul '24

https://bugs.winehq.org/show_bug.cgi?id=55949 Bug ID: 55949 Summary: PEB->PostProcessInitRoutine broken / unimplemented Product: Wine Version: 8.19 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: ntdll Assignee: wine-bugs(a)winehq.org Reporter: novae.harpist06(a)icloud.com Distribution: --- Created attachment 75533 --> https://bugs.winehq.org/attachment.cgi?id=75533 Reproducer Reproducer attached. Windows output: Hello world! Wine output: (nothing) -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

1 1

[Bug 55752] New: ntdll:wow64 - The 32-bit test_peb_teb() fails in Wine's the new WoW mode
by WineHQ Bugzilla 01 Jul '24

01 Jul '24

https://bugs.winehq.org/show_bug.cgi?id=55752 Bug ID: 55752 Summary: ntdll:wow64 - The 32-bit test_peb_teb() fails in Wine's the new WoW mode Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: ntdll Assignee: wine-bugs(a)winehq.org Reporter: fgouget(a)codeweavers.com Distribution: --- ntdll:wow64 - The 32-bit test_peb_teb() fails in Wine's the new WoW mode: wow64.c:874: Test failed: wrong Tib.ExceptionList 7ffffe1ff530 / 7FFC2000 See https://test.winehq.org/data/patterns.html#ntdll:wow64 In particular one can see this issue on fg-deb64-i386, fgtb-debian11-i386, fgtb-debian12-i386 and rbernon-*-wow64 which all run the 32-bit tests in the new Windows-on-Windows Wine mode. This failure does no happen in the 64-bit test, or when running in a pure 32-bit environment or in the old Windows-on-Windows mode. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

1 3

[Bug 52755] New: Visual Novel "A Clockwork Ley-Line" hangs with blackscreen
by WineHQ Bugzilla 30 Jun '24

30 Jun '24

https://bugs.winehq.org/show_bug.cgi?id=52755 Bug ID: 52755 Summary: Visual Novel "A Clockwork Ley-Line" hangs with blackscreen Product: Wine Version: 7.5 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs(a)winehq.org Reporter: dark.shadow4(a)web.de Distribution: --- For the Launcher issue see bug 44397. You need to run LeyLine.exe directly. Using the standalone (non-steam) version. The game starts, shows its splashscreen, but then hangs indefinitely with a blackscreen instead of going into the main menu. Bisected to commit f15c23df4a281a93087b5c0d2ca421463c7b9e4a Author: Jactry Zeng <jzeng(a)codeweavers.com> Date: Mon Apr 6 11:54:07 2020 -0500 qasf: Implement IFileSourceFilter_Load() for WM ASF reader. Signed-off-by: Jactry Zeng <jzeng(a)codeweavers.com> Signed-off-by: Zebediah Figura <zfigura(a)codeweavers.com> Signed-off-by: Alexandre Julliard <julliard(a)winehq.org> Not sure what component that is though... Would you mind talking a look, please? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

1 5

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

wine-bugs May 2024