[Bug 54609] New: 32-bit LDAP Administrator crashes in internal Wine function proxy_manager_destroy

1 Mar 2023


      https://bugs.winehq.org/show_bug.cgi?id=54609
Bug ID: 54609
           Summary: 32-bit LDAP Administrator crashes in internal Wine
                    function proxy_manager_destroy
           Product: Wine
           Version: 8.2
          Hardware: x86
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: rpc
          Assignee: wine-bugs@winehq.org
          Reporter: alexhenrie24@gmail.com
      Distribution: ---
Created attachment 74138
  --> https://bugs.winehq.org/attachment.cgi?id=74138
WINEDEBUG=+ole
If I am reading the OLE trace correctly, the application:
1. Creates a proxy interface:
0110:trace:ole:proxy_manager_construct 01505048 created for OXID
2000000100, OID 3e
2. Sends the pointer to that interface to another thread:
0110:trace:ole:NdrBaseTypeMarshall value: 1505048
3. Releases and frees the interface:
0110:trace:ole:NdrInterfacePointerFree (04D4F594,01505048,1025B69C)
4. Receives the interface pointer on the other thread:
0100:trace:ole:NdrBaseTypeUnmarshall value: 1505048
5. Uses the interface on the other thread, despite it being freed:
0100:trace:ole:ClientIdentity_AddRef 01505048 - before 0
6. Releases and frees the interface again, which crashes:
0100:trace:ole:ClientIdentity_Release 01505048 - after 0
I don't understand how this works without crashing on Windows.
Here are all the traces that mention that interface pointer:
0110:trace:ole:proxy_manager_construct 01505048 created for OXID 2000000100,
OID 3e
0110:trace:ole:ClientIdentity_AddRef 01505048 - before 1
0110:trace:ole:ClientIdentity_Release 01505048 - after 1
0110:trace:ole:std_unmarshal_interface Successfully created proxy 01505048
0110:trace:ole:NdrBaseTypeMarshall value: 1505048
0110:trace:ole:NdrInterfacePointerFree (04D4F594,01505048,1025B69C)
0110:trace:ole:ClientIdentity_Release 01505048 - after 0
0100:trace:ole:NdrBaseTypeUnmarshall value: 1505048
0100:trace:ole:ClientIdentity_AddRef 01505048 - before 0
0100:trace:ole:ClientIdentity_Release 01505048 - after 0
The 64-bit version also crashes, but in a different way, see Bug 54606.
$ sha256sum ldapadmin-4.21.24429.0-x86-eng.msi
9d3e062b9c30d4bd73630b969414f65f969f0eafc5a3835f1ebb246c5c657d2a
-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

[Bug 54609] New: 32-bit LDAP Administrator crashes in internal Wine function proxy_manager_destroy