http://bugs.winehq.org/show_bug.cgi?id=14221
--- Comment #4 from Anastasius Focht focht@gmx.net 2008-07-02 09:16:24 ---
Created an attachment (id=14532) --> (http://bugs.winehq.org/attachment.cgi?id=14532)
Patch which fixes bonjour service crash in winsock/iphlpapi
Hello,
don't dismiss user bugs too early. Actually this one is valid.
The Bonjour malware^H^H^H^H^H^H^Hnuisance isn't necessarily installed by iTunes. Adobe CS3 also installs the Apple Bonjour service (http://developer.apple.com/networking/bonjour/download).
The first service crash (also seen in other bug reports) should now be fixed by this recent commit:
http://source.winehq.org/git/wine.git/?a=commit;h=7e8ecd2d6437c0ed2ee83fc2b6... (service arg)
The next crash is due to a winsock/iphlpapi bug.
--- snip ---
0016:trace:iphlpapi:GetIpForwardTable pIpForwardTable (nil), pdwSize 0x7eb81728, bOrder 0
0016:trace:iphlpapi:GetIpForwardTable returning 122
0016:trace:iphlpapi:GetIpForwardTable pIpForwardTable 0x571738, pdwSize 0x7eb81728, bOrder 0
0016:trace:iphlpapi:GetIpForwardTable returning 0
0016:trace:iphlpapi:GetPerAdapterInfo (IfIndex 4, pPerAdapterInfo (nil), pOutBufLen 0x7eb81740)
0016:trace:winsock:WSAStringToAddressA code=c0000005 flags=0 addr=0x6008e6b3
0016:trace:seh:raise_exception info[0]=00000000
0016:trace:seh:raise_exception info[1]=00000010
0016:trace:seh:raise_exception eax=00000010 ebx=6017dff4 ecx=00000000 edx=7eb81690 esi=7eb8143c edi=7eb8168c
0016:trace:seh:raise_exception ebp=7eb814c4 esp=7eb80e90 cs=0073 ds=007b es=007b fs=0033 gs=003b flags=00010246
0016:trace:seh:call_stack_handlers calling handler at 0x4254f0 code=c0000005 flags=0
wine: Unhandled page fault on read access to 0x00000010 at address 0x6008e6b3 (thread 0016), starting debugger...
--- snip ---
GetPerAdapterInfo() is called with a NULL pPerAdapterInfo parameter to figure out the buffer size.
Actually MSDN is a bit vague/contradictory about this one.
http://msdn.microsoft.com/en-us/library/aa366012(VS.85).aspx
The service code checks for ERROR_BUFFER_OVERFLOW in this case and allocates the buffer accordingly. The patch submitter should add a conformance test for this one. You should be aware that the wine <-> windows result for a NULL pPerAdapterInfo might differ depending on whether the adapter index is really valid (windows). Wine's impl is only a stub not taking that fact into account.
The attached patch fixes this and lets the service successfully start.
Regards
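
The size-query contract described in the comment above, as an added C model that is not Wine's code and not the attached patch. The `model_*` names and the struct layout are hypothetical, and returning ERROR_INVALID_PARAMETER for a NULL length pointer is an assumption of this model.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Win32 error values, defined locally so the model builds on any platform. */
#define ERROR_SUCCESS             0UL
#define ERROR_NOT_ENOUGH_MEMORY   8UL
#define ERROR_INVALID_PARAMETER  87UL
#define ERROR_BUFFER_OVERFLOW   111UL

/* Hypothetical stand-in for IP_PER_ADAPTER_INFO; not the real layout. */
struct model_adapter_info { unsigned long autoconfig_enabled, autoconfig_active; };

/* Callee side: every pointer is checked before it is read or written. */
unsigned long model_get_per_adapter_info(unsigned long if_index,
                                         struct model_adapter_info *info,
                                         unsigned long *out_len)
{
    unsigned long needed = sizeof(struct model_adapter_info);
    (void)if_index; /* like the stub discussed, index validity is not checked */

    if (!out_len)
        return ERROR_INVALID_PARAMETER;   /* assumption of this model */
    if (!info || *out_len < needed) {     /* size query or short buffer */
        *out_len = needed;                /* report size, never touch info */
        return ERROR_BUFFER_OVERFLOW;
    }
    memset(info, 0, needed);
    *out_len = needed;
    return ERROR_SUCCESS;
}

/* Caller side: the two-call pattern, NULL buffer first, then allocate. */
unsigned long model_query_adapter(unsigned long if_index,
                                  struct model_adapter_info **result)
{
    unsigned long len = 0, err;

    *result = NULL;
    err = model_get_per_adapter_info(if_index, NULL, &len);
    if (err != ERROR_BUFFER_OVERFLOW)
        return err;                       /* anything else: no buffer to fill */
    *result = calloc(1, len);
    if (!*result)
        return ERROR_NOT_ENOUGH_MEMORY;
    err = model_get_per_adapter_info(if_index, *result, &len);
    if (err != ERROR_SUCCESS) { free(*result); *result = NULL; }
    return err;
}
```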