https://bugs.winehq.org/show_bug.cgi?id=37882
Bug ID: 37882 Summary: user32.GetKeyboardLayoutNameA/W can't handle NULL out parameter, causing crash in custom application Product: Wine Version: 1.7.34 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: user32 Assignee: wine-bugs@winehq.org Reporter: focht@gmx.net Distribution: ---
Hello folks,
as the summary says.
A user in #winehq asked about this and I looked into it.
Kind of non-standard use case but since Wine strives to be compatible with as many Windows apps as possible this should work too.
Relevant part of trace log:
--- snip --- ... 003d:Starting process L"Z:\home\focht\Downloads\44217C15F30538A1FBDF614C9785C9B7.exe" (entryproc=0x437927) 003d:Call user32.GetKeyboardLayoutNameW(00000000) ret=00437377 003d:Call PE DLL (proc=0x7dd53e78,module=0x7dcf0000 L"winex11.drv",reason=PROCESS_ATTACH,res=(nil)) 003d:Ret PE DLL (proc=0x7dd53e78,module=0x7dcf0000 L"winex11.drv",reason=PROCESS_ATTACH,res=(nil)) retval=1 003d:Call winex11.drv.wine_get_gdi_driver(0000002e) ret=7eb3c4d4 003d:Ret winex11.drv.wine_get_gdi_driver() retval=7dd7ace0 ret=7eb3c4d4 003d:Call winex11.drv.CreateDesktopWindow(00010020) ret=7ec6200a 003d:Ret winex11.drv.CreateDesktopWindow() retval=00000001 ret=7ec6200a 003d:Call winex11.drv.wine_get_gdi_driver(0000002e) ret=7eb3c4d4 003d:Ret winex11.drv.wine_get_gdi_driver() retval=7dd7ace0 ret=7eb3c4d4 003d:Call winex11.drv.GetKeyboardLayoutName(00000000) ret=7ec61cc6 003d:trace:seh:raise_exception code=c0000005 flags=0 addr=0xf75bdf80 ip=f75bdf80 tid=003d 003d:trace:seh:raise_exception info[0]=00000001 003d:trace:seh:raise_exception info[1]=00000000 003d:trace:seh:raise_exception eax=00000000 ebx=f7755000 ecx=00000000 edx=00000030 esi=0033f9b4 edi=0033f984 003d:trace:seh:raise_exception ebp=0033f908 esp=0033f660 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00210293 003d:trace:seh:call_stack_handlers calling handler at 0x7bc9ed1b code=c0000005 ... Backtrace: =>0 0xf75bdf80 vsnprintfW+0x546(str=*** invalid address 0x2 ***, len=0x7fffffff, format="%08x", valist="Ó¸×}HÜÎ{") [/home/focht/projects/wine/wine.repo/src/libs/wine/string.c:485] in libwine.so.1 (0x0033f908) 1 0xf75be096 sprintfW+0x38(str=0x0(nil), format="%08x") [/home/focht/projects/wine/wine.repo/src/libs/wine/string.c:525] in libwine.so.1 (0x0033f938) 2 0x7dd1b261 X11DRV_GetKeyboardLayoutName+0x57(name=0x0(nil)) [/home/focht/projects/wine/wine.repo/src/dlls/winex11.drv/keyboard.c:1590] in winex11 (0x0033f978) 3 0x7bc6e63e relay_call+0x39() in ntdll (0x0033f998) 4 0x7dcfa6ad frame_dummy+0xcc() in winex11 (0x0033f9c8) 5 0x7ec61cc6 loaderdrv_GetKeyboardLayoutName+0x18(name=0x0(nil)) [/home/focht/projects/wine/wine.repo/src/dlls/user32/driver.c:618] in user32 (0x0033f9c8) 6 0x7ec77b70 GetKeyboardLayoutNameW+0x25(pwszKLID=0x0(nil)) [/home/focht/projects/wine/wine.repo/src/dlls/user32/input.c:969] in user32 (0x0033f9e8) 7 0x7bc6e63e relay_call+0x39() in ntdll (0x0033fa00) 8 0x7ec33b05 in user32 (+0x3b04) (0x0033fa64) 9 0x00437377 in 44217c15f30538a1fbdf614c9785c9b7Z:\home\focht\Downloads\44217C15F30538A1FBDF614C9785C9B7.exe (+0x37376) (0x0033fa64) ... --- snip ---
MSDN: http://msdn.microsoft.com/en-us/library/windows/desktop/ms646298%28v=vs.85%2...
With 'FALSE' being returned, the application checks the last error code for 0x3e6 ('ERROR_NOACCESS') and bails if not matching.
With that part fixed, the app runs much farther (doesn't fully work yet, but that could be subject to additional bugs).
$ sha1sum 44217C15F30538A1FBDF614C9785C9B7.exe 64f4d39d57b33e58a3937a23e37889583dce47dc 44217C15F30538A1FBDF614C9785C9B7.exe
$ du -sh 44217C15F30538A1FBDF614C9785C9B7.exe 388K 44217C15F30538A1FBDF614C9785C9B7.exe
$ wine --version wine-1.7.34
Regards