[Bug 8892] CityInfo 2.7 crash on startup

15 Feb 2008

http://bugs.winehq.org/show_bug.cgi?id=8892
Anastasius Focht focht@gmx.net changed:
What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |focht@gmx.net
--- Comment #19 from Anastasius Focht focht@gmx.net  2008-02-15 17:55:23 ---
Hello,
target is Delphi App (hence the 0xeedfade exception code) packed with Aspack
2.11
The first bug encountered is mshtml insufficiency...
--- snip ---
..
0009:fixme:mshtml:HTMLBodyElement_put_scroll (0x164cf00)->(L"auto")
0009:Call ole32.GetErrorInfo(00000000,0034fc70) ret=004748c6
0009:Ret  ole32.GetErrorInfo() retval=00000001 ret=004748c6
0009:Call
KERNEL32.FormatMessageA(00003000,00000000,80004001,00000000,0034fab4,00000100,00000000)
ret=0040de44
0009:Ret  KERNEL32.FormatMessageA() retval=00000000 ret=0040de44
0009:Call user32.LoadStringA(00400000,0000ff0f,0034f7ac,00000400) ret=00406e06
0009:Ret  user32.LoadStringA() retval=0000000e ret=00406e06
0009:Call KERNEL32.RaiseException(0eedfade,00000001,00000007,0034fc24)
ret=0050bb59
0009:trace:seh:raise_exception code=eedfade flags=1 addr=0x7b841540
0009:trace:seh:raise_exception  info[0]=0050bb59
0009:trace:seh:raise_exception  info[1]=0088d914
0009:trace:seh:raise_exception  info[2]=80004001
0009:trace:seh:raise_exception  info[3]=0050bb59
0009:trace:seh:raise_exception  info[4]=0059150c
0009:trace:seh:raise_exception  info[5]=0034fc74
0009:trace:seh:raise_exception  info[6]=0034fc40
0009:trace:seh:raise_exception  eax=7b82c259 ebx=7b8ad884 ecx=00000000
edx=0034fc24 esi=0034fc24 edi=0034fba0
0009:trace:seh:raise_exception  ebp=0034fb88 esp=0034fb24 cs=0073 ds=007b
es=007b fs=0033 gs=003b flags=00200212
0009:trace:seh:call_stack_handlers calling handler at 0x474980 code=eedfade
flags=1
0009:trace:seh:call_stack_handlers handler at 0x474980 returned 1
..
--- snip ---
You can work around it with following patch:
--- snip ---

diff --git a/dlls/mshtml/htmlbody.c b/dlls/mshtml/htmlbody.c
index d3bbfd0..a6df494 100644
--- a/dlls/mshtml/htmlbody.c
+++ b/dlls/mshtml/htmlbody.c
@@ -325,7 +325,7 @@ static HRESULT WINAPI
HTMLBodyElement_put_scroll(IHTMLBodyElement *iface, BSTR v
 {
     HTMLBodyElement *This = HTMLBODY_THIS(iface);
     FIXME("(%p)->(%s)\n", This, debugstr_w(v));
-    return E_NOTIMPL;
+    return S_OK;
 }
static HRESULT WINAPI HTMLBodyElement_get_scroll(IHTMLBodyElement *iface, BSTR
*p)
--- snip ---
The second bug is the real showstopper...
--- snip ---
..
0023:Call
advapi32.CryptImportKey(0014d030,0296263c,00000138,001820c0,00000000,0034fdd0)
ret=005461ce
0023:trace:crypt:CryptImportKey (0x14d030, 0x296263c, 312, 0x1820c0, 00000000,
0x34fdd0)
0023:Call
rsaenh.CPImportKey(00000001,0296263c,00000138,00000003,00000000,01d54124)
ret=604cd76b
0023:trace:crypt:RSAENH_CPImportKey (hProv=00000001, pbData=0x296263c,
dwDataLen=312, hPubKey=00000003, dwFlags=00000000, phKey=0x1d54124)
0023:Ret  rsaenh.CPImportKey() retval=00000000 ret=604cd76b
0023:Ret  advapi32.CryptImportKey() retval=00000000 ret=005461ce
0023:Call KERNEL32.GetLastError() ret=0040fdaf
0023:Ret  KERNEL32.GetLastError() retval=80090005 ret=0040fdaf
0023:Call
KERNEL32.FormatMessageA(00003000,00000000,80090005,00000000,0034fb8c,00000100,00000000)
ret=0040de44
0023:Ret  KERNEL32.FormatMessageA() retval=00000000 ret=0040de44
0023:Call user32.LoadStringA(00400000,0000ffca,0034f844,00000400) ret=00406e06
0023:Ret  user32.LoadStringA() retval=0000001c ret=00406e06
0023:Call KERNEL32.RaiseException(0eedfade,00000001,00000007,0034fc78)
ret=0040fe0a
0023:trace:seh:raise_exception code=eedfade flags=1 addr=0x7b841540
0023:trace:seh:raise_exception  info[0]=0040fe0a
0023:trace:seh:raise_exception  info[1]=022173e4
0023:trace:seh:raise_exception  info[2]=80090005
0023:trace:seh:raise_exception  info[3]=01f96c98
0023:trace:seh:raise_exception  info[4]=0034fdd0
0023:trace:seh:raise_exception  info[5]=0034fcb8
0023:trace:seh:raise_exception  info[6]=0034fc94
0023:trace:seh:raise_exception  eax=7b82c259 ebx=7b8ad884 ecx=00000000
edx=0034fc78 esi=0034fc78 edi=0034fbf0
0023:trace:seh:raise_exception  ebp=0034fbd8 esp=0034fb74 cs=0073 ds=007b
es=007b fs=0033 gs=003b flags=00200212
0023:trace:seh:call_stack_handlers calling handler at 0x40fe20 code=eedfade
flags=1
0023:trace:seh:call_stack_handlers handler at 0x40fe20 returned 1
..
--- snip ---
Wine fails to import private RSA key (BLOB).
Dumping the BLOB reveals following:
--- snip ---
xxxxx63c:  07 02 00 00 00 a4 00 00 48 ef 5b 4c 8f ec 74 62
xxxxx64c:  5f 4c fc 07 80 85 8d 35 72 0a 6e 56 5f e7 8e 40
xxxxx65c:  fb f1 dd 3b 1e 07 cc b3 af b0 4a d0 18 e9 76 3a
xxxxx66c:  de 6c 84 a2 f2 9b 7d 01 f2 4d 62 3f 02 af 2b 9e
xxxxx67c:  24 a8 ca 11 2e 8a 39 76 82 ba b7 18 70 50 cc 46
xxxxx68c:  52 0c 8a 0e d0 7b 36 26 f0 39 5b 95 08 f5 67 92
xxxxx69c:  0d 38 ae fb ef c0 8e ae 84 3b b8 fc 28 53 8b 1e
xxxxx6ac:  45 eb 11 45 5e 7f a1 42 1f 87 13 2e 07 24 91 1e
xxxxx6bc:  01 78 8a 16 86 d5 e5 4f 81 65 aa b6 bd da 79 01
xxxxx6cc:  bc cb 99 ce ec 51 fc c4 48 bf 75 8d 76 0b a0 92
xxxxx6dc:  aa 53 b5 9a 39 5e e3 97 2e 8a d7 89 14 f4 db f6
xxxxx6ec:  ff 3f 74 45 89 bb 12 6a 6c 52 a3 36 0e a6 ef 0b
xxxxx6fc:  1e 15 ee 13 a8 05 73 7b ff e1 02 ee 6c 41 4a f7
xxxxx70c:  d5 f3 a6 e4 52 07 1f ba b7 f3 80 37 50 8d d0 a3
xxxxx71c:  d1 e1 6b 99 9c ab 97 a3 a0 36 ae 46 de 9f 6c 7e
xxxxx72c:  fa db 70 2a 3a ed 09 c6 c2 c0 76 db 73 80 76 ed
xxxxx73c:  99 d6 53 c7 ce 19 90 12 fc db cc 8b ed ff 3b e4
xxxxx74c:  51 1d 55 40 4e 8b d0 89 c9 a6 89 e2 37 c0 36 e8
xxxxx75c:  c8 18 7a 20 1d 03 55 5d 7d 76 bc 9f e8 c6 69 0b
xxxxx76c:  bc f7 3c 46 58 ac fe af
--- snip ---
typedef struct _PUBLICKEYSTRUC {
    BYTE   bType;    // 0x07 (PRIVATEKEYBLOB)
    BYTE   bVersion; // 0x02 (CUR_BLOB_VERSION)
    WORD   reserved; // 0x0000
    ALG_ID aiKeyAlg; // 0x0000a400 (CALG_RSA_KEYX)
} BLOBHEADER, PUBLICKEYSTRUC;
The type is PRIVATEKEYBLOB which indicates that RSAPUBKEY should follow the
header:
typedef struct _RSAPUBKEY {
    DWORD   magic;
    DWORD   bitlen;
    DWORD   pubexp;
} RSAPUBKEY;
Wine's RSAENH_CPImportKey() looks at the magic of RSAPUBKEY for 'RSA2' in
PRIVATEKEYBLOB case and gives up if not found:
--- snip dlls/rsaenh/rsaenh.c ---
BOOL WINAPI RSAENH_CPImportKey(HCRYPTPROV hProv, CONST BYTE *pbData, DWORD
dwDataLen, 
                               HCRYPTKEY hPubKey, DWORD dwFlags, HCRYPTKEY
*phKey)
{ 
...
switch (pBlobHeader->bType)
    {
        case PRIVATEKEYBLOB:    
            if ((dwDataLen < sizeof(BLOBHEADER) + sizeof(RSAPUBKEY)) || 
                (pRSAPubKey->magic != RSAENH_MAGIC_RSA2) ||
                (dwDataLen < sizeof(BLOBHEADER) + sizeof(RSAPUBKEY) + 
                    (2 * pRSAPubKey->bitlen >> 3) + (5 *
((pRSAPubKey->bitlen+8)>>4)))) 
            {
                SetLastError(NTE_BAD_DATA);
                return FALSE;
            }  
...
--- snip dlls/rsaenh/rsaenh.c ---
My educated guess: the key BLOB is encrypted (except the BLOBHEADER of course)
and should be properly decrypted before further processing.
Regards
-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.


    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

[Bug 8892] CityInfo 2.7 crash on startup