https://bugs.winehq.org/show_bug.cgi?id=32786
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download, obfuscation Status|UNCONFIRMED |NEW URL| |http://downloadsweb01.poi.d | |e/HappyFoto/Windows/DE/Happ | |yFoto-Designer.exe CC| |focht@gmx.net Component|-unknown |gdiplus Summary|HappyFotoDesigner.exe does |Happy Foto Designer 5.4 |not start |crashes on startup, | |reporting 'invalid pointer | |operation' Ever confirmed|0 |1
--- Comment #9 from Anastasius Focht focht@gmx.net --- Hello folks,
the original 'windowscodecs' problem is likely gone. Unfortunately an old app version is no longer available for reproducing.
Anyway, the current version still exhibits a problem on startup, albeit 'gdiplus' related. Rechristening the ticket.
Trace log with "loader" stage skipped (via command line args):
--- snip --- $ pwd /home/focht/.wine/drive_c/Program Files/HappyFoto-Designer
$ WINEDEBUG=+tid,+seh,+loaddll,+gdiplus,+msgbox,+resource wine ./HappyFoto-Designer.exe o9i7 o9i7 >>log.txt 2>&1 ... 0027:trace:gdiplus:graphics_from_image <-- 0x1ce02b0 0027:trace:gdiplus:GdipSetInterpolationMode (0x1ce02b0, 5) 0027:trace:gdiplus:GdipSetCompositingMode (0x1ce02b0, 1) 0027:trace:gdiplus:GdipDrawImageRectRectI (0x1ce02b0, 0x2061420, 0, 0, 15, 14, 101, 364, 15, 14, 2, (nil), (nil), (nil)) 0027:trace:gdiplus:GdipDrawImagePointsRect (0x1ce02b0, 0x2061420, 0x33f600, 3, 101.000000, 364.000000, 15.000000, 14.000000, 2, (nil), (nil), (nil)) 0027:trace:gdiplus:GdipDrawImagePointsRect (0.00,0.00) (15.00,0.00) (0.00,14.00) 0027:trace:gdiplus:GdipScaleMatrix (0x33f2dc, 1.00, 1.00, 1) 0027:trace:gdiplus:GdipTransformMatrixPoints (0x33f2dc, 0x33f474, 4) 0027:trace:gdiplus:GdipDrawImagePointsRect (0,0) (15,0) (0,14) (15,14) 0027:trace:gdiplus:GdipDrawImagePointsRect src pixels: 101.000000,364.000000 15.000000x14.000000 0027:trace:gdiplus:GdipDrawImagePointsRect graphics: 96.00x96.00 dpi, fmt 0xe200b, scale 1.000000, image: 96.00x96.00 dpi, fmt 0x26200a, color 00000000 0027:trace:gdiplus:GdipGetImageBounds 0x20634f0 0x33f424 0x33f2dc 0027:trace:gdiplus:GdipGetImageBounds returning (0.000000, 0.000000) (15.000000, 14.000000) unit type 2 0027:trace:gdiplus:GdipDrawImagePointsRect dst_area: (0,0)-(15,14) 0027:trace:gdiplus:GdipSetMatrixElements (0x33f3fc, 1.00, 0.00, 0.00, 1.00, -101.00, -364.00) 0027:trace:gdiplus:GdipInvertMatrix (0x33f3fc) 0027:trace:gdiplus:GdipIsMatrixInvertible (0x33f3fc, 0x33f2c8) 0027:trace:gdiplus:GdipDrawImagePointsRect src_area: 15 x 14 0027:trace:gdiplus:GdipBitmapLockBits 0x2061420 0x33f414 5 0x26200a 0x33f3e4 0027:trace:gdiplus:GdipBitmapUnlockBits (0x2061420,0x33f3e4) 0027:trace:gdiplus:GdipGetRegionHRgn (0x205b3a0, (nil), 0x33f288) 0027:trace:gdiplus:GdipDeleteGraphics (0x1ce02b0) 0027:trace:gdiplus:GdipDeleteRegion 0x205b3a0 0027:trace:gdiplus:GdipGetImageWidth 0x20634f0 0x23197b0 0027:trace:gdiplus:GdipGetImageWidth returning 15 0027:trace:gdiplus:GdipGetImageHeight 0x20634f0 0x23197b4 0027:trace:gdiplus:GdipGetImageHeight returning 14 0027:trace:resource:FindResourceExW 0x400000 #000a L"RIBBONBLUE" 0000 0027:trace:resource:LdrFindResource_U module 0x400000 type #000a name L"RIBBONBLUE" lang 0000 level 3 0027:trace:resource:find_entry_by_id root 0x131c000 dir 0x131c000 id 000a ret 0x131ce10 0027:trace:resource:find_entry_by_name root 0x131c000 dir 0x131ce10 name L"RIBBONBLUE" ret 0x131fdb0 0027:trace:resource:find_entry_by_id root 0x131c000 dir 0x131fdb0 id 0000 not found 0027:trace:resource:find_entry_by_id root 0x131c000 dir 0x131fdb0 id 0409 not found 0027:trace:resource:find_entry_by_id root 0x131c000 dir 0x131fdb0 id 0009 not found 0027:trace:resource:LoadResource 0x400000 0x1322cd0 0027:trace:gdiplus:GdipDisposeImage 0x2061420 0027:trace:seh:raise_exception code=eedfade flags=1 addr=0x7b845d61 ip=7b845d61 tid=0027 0027:trace:seh:raise_exception info[0]=0070ff93 0027:trace:seh:raise_exception info[1]=01d999f8 0027:trace:seh:raise_exception info[2]=0070ff93 0027:trace:seh:raise_exception info[3]=0070ff93 0027:trace:seh:raise_exception info[4]=00000000 0027:trace:seh:raise_exception info[5]=0033f720 0027:trace:seh:raise_exception info[6]=0033f708 0027:trace:seh:raise_exception eax=7b832afd ebx=0070ff93 ecx=0000001c edx=0033f684 esi=0070ff93 edi=00000000 0027:trace:seh:raise_exception ebp=0033f6c8 esp=0033f664 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00000287 ... 0027:trace:msgbox:MSGBOX_OnInit L"Ung\00fcltige Zeigeroperation" --- snip ---
'winetricks -q gdiplus' works around.
From brief look it seems the app is really deep into gdiplus for whatever
reasons. At the point of the Delphi exception being raised I see that 'GdipFree' entry point was hooked and subsequently called due to Wine 'GdipDisposeImage' implementation:
Source: https://source.winehq.org/git/wine.git/blob/f78a6dd15c85f374a841427d7edce742...
--- snip --- 2160 GpStatus WINGDIPAPI GdipDisposeImage(GpImage *image) 2161 { 2162 GpStatus status; 2163 2164 TRACE("%p\n", image); 2165 2166 status = free_image_data(image); 2167 if (status != Ok) return status; 2168 image->type = ~0; 2169 GdipFree(image); 2170 2171 return Ok; 2172 } --- snip ---
'gdiplus.GdipDisposeImage' -> 'gdiplus.GdipFree' -> app hook -> looks at bytes preceeding the memory chunk (-4 bytes -> heap magic) -> throw.
My guess would be the app relies on internal implementation details of MS 'gdiplus' API to work properly.
ProtectionID scan for documentation:
--- snip --- -=[ ProtectionID v0.6.6.7 DECEMBER]=- (c) 2003-2015 CDKiLLER & TippeX Build 24/12/14-22:48:13 Ready... Scanning -> C:\Program Files\HappyFoto-Designer\HappyFoto-Designer.exe File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 17882208 (0110DC60h) Byte(s) Compilation TimeStamp : 0x5559B1EC -> Mon 18th May 2015 09:33:32 (GMT) [TimeStamp] 0x5559B1EC -> Mon 18th May 2015 09:33:32 (GMT) | PE Header | - | Offset: 0x00000108 | VA: 0x00400108 | - -> File Appears to be Digitally Signed @ Offset 0110C600h, size : 01660h / 05728 byte(s) [File Heuristics] -> Flag #1 : 00000000000001001100000000100101 (0x0004C025) [Entrypoint Section Entropy] : 6.36 (section #1) ".itext " | Size : 0xB47C (46204) byte(s) [DllCharacteristics] -> Flag : (0x0000) -> NONE [SectionCount] 9 (0x9) | ImageSize 0x111D000 (17944576) byte(s) [VersionInfo] Company Name : IP Labs GmbH [VersionInfo] Product Version : 5 [VersionInfo] File Description : Happy Foto Designer [VersionInfo] File Version : 5.4.8.1 [VersionInfo] Internal Name : IP Labs PhotoGenie [VersionInfo] Version Comments : Developed 2015 by ip.labs GmbH. Bonn (www.iplabs.de) [VersionInfo] Legal Copyrights : Copyright (C) 2015 by ip.labs GmbH [CdKeySerial] found "Unregistered" @ VA: 0x0015F33D / Offset: 0x0015E73D [CdKeySerial] found "SerialNumber" @ VA: 0x004D4F5D / Offset: 0x004D435D [CdKeySerial] found "Invalid code" @ VA: 0x00EB92CA / Offset: 0x00EB78CA [CdKeySerial] found "Invalid code" @ VA: 0x00EB9317 / Offset: 0x00EB7917 [CdKeySerial] found "Invalid code" @ VA: 0x00EC5BBB / Offset: 0x00EC41BB [CdKeySerial] found "Invalid code" @ VA: 0x00EC5BEE / Offset: 0x00EC41EE [CdKeySerial] found "Serial Number" @ VA: 0x0108AE8A / Offset: 0x0107B08A [CdKeySerial] found "Serial Number" @ VA: 0x0108B639 / Offset: 0x0107B839 [CompilerDetect] -> Borland Delphi (unknown version) - 99% probability [!] File appears to have no protection or is using an unknown protection - Scan Took : 4.766 Second(s) [00000108Ah (4234) tick(s)] [499 of 573 scan(s) done] --- snip ---
$ sha1sum HappyFoto-Designer.exe a2e45c0bb64c4329f7f8ab4e879c93c63113775c HappyFoto-Designer.exe
$ du -sh HappyFoto-Designer.exe 302M HappyFoto-Designer.exe
$ wine --version wine-1.7.51-201-g60d1d6f
Regards