https://bugs.winehq.org/show_bug.cgi?id=47783
Bug ID: 47783
Summary: Rockstar Games Launcher installer crashes
Product: Wine
Version: 4.16
Hardware: x86
URL: https://gamedownloads.rockstargames.com/public/installer/Rockstar-Games-Launcher.exe
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: ntdll
Assignee: wine-bugs@winehq.org
Reporter: bshanks@codeweavers.com
Distribution: ---
The Rockstar Games Launcher installer (downloadable from https://gamedownloads.rockstargames.com/public/installer/Rockstar-Games-Laun...) displays a window and then crashes quickly after launching.
Running the installer with "warn+all" generates constant heap corruption errors (i.e. "err:heap:HEAP_ValidateInUseArena Heap 0x110000: block 0x198350 tail overwritten at 0x198388 (byte 0/8 == 0x52)"), but the installer does not crash and successfully installs.
The installer is built with NSIS v3.04, and essentially does the following:
    #include <windows.h>

    /* NSIS example pattern: the buffer is hard-coded to 56 bytes, but
     * sizeof(WINDOWINFO) is 60, so GetWindowInfo() writes 4 bytes past the end. */
    WINDOWINFO *wi = GlobalAlloc(GMEM_ZEROINIT, 56);
    wi->cbSize = 56;
    GetWindowInfo(hWnd, wi);
    GlobalFree(wi);
The problem is that sizeof(WINDOWINFO) is actually 60. For some reason Windows has always ignored cbSize and writes 60 bytes into the buffer; Wine does the same. The hard-coded 56 has been in NSIS example code (https://nsis.sourceforge.io/GetWindowInfo) for years; it's very possible there are other installers having this problem.
Based on this article (https://blogs.msdn.microsoft.com/jiangyue/2010/03/15/windows-heap-overrun-mo...) and some testing I did in a debugger, it appears that Windows heap allocations leave healthy padding/unused bytes at the end, and this must be why the installer doesn't crash on Windows.
Running Wine with "warn+heap" adds padding to the end of heap allocations, which is why the installer doesn't crash there.
I think the fix for this is to increase/add padding to the end of heap allocations. Also a WARN should be added to GetWindowInfo() if cbSize is incorrect.
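An added example (not from this report or from Wine's source) that models the 56-versus-60 overrun described above together with the kind of tail-guard check that makes "warn+heap" report "tail overwritten": WINDOWINFO_T, TAIL_GUARD, the mock_GetWindowInfo() that ignores cbSize, and the checked wrapper are all constructed stand-ins, since the real windows.h is not assumed to be available.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for Win32 WINDOWINFO (60 bytes at 4-byte alignment). */
typedef struct { int32_t left, top, right, bottom; } RECT32;
typedef struct {
    uint32_t cbSize;
    RECT32   rcWindow, rcClient;
    uint32_t dwStyle, dwExStyle, dwWindowStatus, cxWindowBorders, cyWindowBorders;
    uint16_t atomWindowType, wCreatorVersion;
} WINDOWINFO_T;

enum { TAIL_GUARD = 8, TAIL_FILL = 0xab };   /* guard bytes after each block */

/* Allocate `size` user bytes followed by a filled guard region (checked heap). */
void *guarded_alloc(size_t size) {
    unsigned char *p = calloc(1, size + TAIL_GUARD);
    if (p) memset(p + size, TAIL_FILL, TAIL_GUARD);
    return p;
}
/* Index of the first overwritten guard byte, or -1 if the tail is intact. */
int guard_check(const void *block, size_t size) {
    const unsigned char *tail = (const unsigned char *)block + size;
    for (int i = 0; i < TAIL_GUARD; i++)
        if (tail[i] != TAIL_FILL) return i;
    return -1;
}
/* Mock of the reported behaviour: cbSize is ignored, all 60 bytes are written
 * (0x52 is the filler so the guard reads like the report's "byte 0/8 == 0x52"). */
void mock_GetWindowInfo(WINDOWINFO_T *wi) {
    uint32_t cb = wi->cbSize;
    memset(wi, 0x52, sizeof *wi);
    wi->cbSize = cb;
}
/* Defensive wrapper: reject a cbSize that does not match the real struct size. */
bool checked_GetWindowInfo(WINDOWINFO_T *wi) {
    if (wi->cbSize != sizeof *wi) return false;
    mock_GetWindowInfo(wi);
    return true;
}
/* The installer's pattern with a caller-chosen cbSize; returns the guard state. */
int probe_tail(uint32_t cb) {
    WINDOWINFO_T *wi = guarded_alloc(cb);   /* 56 here reproduces the bug */
    wi->cbSize = cb;
    mock_GetWindowInfo(wi);
    int r = guard_check(wi, cb);
    free(wi);
    return r;
}
/* Same pattern through the checked wrapper, on a correctly sized buffer. */
bool checked_probe(uint32_t cb) {
    WINDOWINFO_T wi = { .cbSize = cb };
    return checked_GetWindowInfo(&wi);
}
```

With cbSize 56 the first guard byte is clobbered (index 0), with 60 the tail is intact, and the checked wrapper refuses the 56 call before any write happens.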