https://bugs.winehq.org/show_bug.cgi?id=45980
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |focht@gmx.net Summary|Cisco packet tracer crashes |Cisco Packet Tracer 7.2 |(secur32.LsaGetLogonSession |crashes on startup |Data is a stub) |(secur32.LsaGetLogonSession | |Data is a stub)
--- Comment #2 from Anastasius Focht focht@gmx.net --- Hello Louis,
confirming, looks like some bugged application.
--- snip --- $ pwd /home/focht/.wine/drive_c/Program Files (x86)/Cisco Packet Tracer 7.2/bin
$ WINEDEBUG=+seh,+relay wine ./PacketTracer7.exe >>log.txt 2>&1 ... 002a:Call advapi32.OpenProcessToken(ffffffff,00000008,0033fad4) ret=01a9dfdf 002a:Ret advapi32.OpenProcessToken() retval=00000001 ret=01a9dfdf 002a:Call advapi32.GetTokenInformation(00000130,0000000a,0033fad8,00000038,0033facc) ret=01a9e002 002a:Ret advapi32.GetTokenInformation() retval=00000001 ret=01a9e002 002a:Call KERNEL32.CloseHandle(00000130) ret=01a9e03f 002a:Ret KERNEL32.CloseHandle() retval=00000001 ret=01a9e03f 002a:Call secur32.LsaGetLogonSessionData(0033fb48,0033fb5c) ret=01a9e08c 002a:fixme:secur32:LsaGetLogonSessionData 0x33fb48 0x33fb5c stub 002a:Ret secur32.LsaGetLogonSessionData() retval=c0000002 ret=01a9e08c 002a:Call KERNEL32.FileTimeToLocalFileTime(00000030,0033fb50) ret=01a9e09d 002a:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7b47caa8 ip=7b47caa8 tid=002a 002a:trace:seh:raise_exception info[0]=00000000 002a:trace:seh:raise_exception info[1]=00000034 002a:trace:seh:raise_exception eax=00000030 ebx=0033fb50 ecx=0033fb00 edx=00000008 esi=0033fb38 edi=0033fb08 002a:trace:seh:raise_exception ebp=0033fae8 esp=0033fab8 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010206 002a:trace:seh:call_stack_handlers calling handler at 0x1f8dccd code=c0000005 flags=0 002a:trace:seh:call_stack_handlers handler at 0x1f8dccd returned 1 002a:trace:seh:call_stack_handlers calling handler at 0x1f8effb code=c0000005 flags=0 002a:trace:seh:call_stack_handlers handler at 0x1f8effb returned 1 002a:trace:seh:call_stack_handlers calling handler at 0x1b2b6ab code=c0000005 flags=0 ... 002a:Call user32.MessageBoxW(00000000,06de1fb8 L"Packet Tracer has stopped working unexpectedly. Please save a diagnostic (dmp) file, report a bug on Packet Tracer's issue tracking system (http://ptbugs.netacad.net) with detailed information and steps to reproduce, and attach the saved diagnostic file and log file to the reported bug.\n\nYour defau"...,0298c2a4 L"Cisco Packet Tracer",00000010) ret=018a9ea8 --- snip ---
Disassembly:
--- snip --- 01A9E07F LEA EAX,[EBP-14] 01A9E082 PUSH EAX ; ppLogonSessionData 01A9E083 LEA EAX,[EBP-28] 01A9E086 PUSH EAX ; LogonId 01A9E087 CALL <JMP.&Secur32.LsaGetLogonSessionData> 01A9E08C LEA EAX,[EBP-20] 01A9E08F PUSH EAX 01A9E090 MOV EAX,DWORD PTR SS:[EBP-14] 01A9E093 ADD EAX,30 ; offset LogonTime 01A9E096 PUSH EAX ; FileTime 01A9E097 CALL DWORD PTR DS:[<&KERNEL32.FileTimeToLocalFileTime>] --- snip ---
Not checking NTSTATUS value before accessing out parameter(!) values is a big no-no.
https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/ns-ntsecapi-_s...
--- snip --- typedef struct _SECURITY_LOGON_SESSION_DATA { ULONG Size; LUID LogonId; LSA_UNICODE_STRING UserName; LSA_UNICODE_STRING LogonDomain; LSA_UNICODE_STRING AuthenticationPackage; ULONG LogonType; ULONG Session; PSID Sid; LARGE_INTEGER LogonTime; ... --- snip ---
Tidbit: while debugging one gets to see this lovely piece of code:
--- snip --- ... ; UNICODE "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s" 01A9EFB5 PUSH OFFSET 0298C1D8 01A9EFBA CALL DWORD PTR DS:[<&KERNEL32.OutputDebugStringW>] 01A9EFC0 XOR EBX,EBX 01A9EFC2 MOV ESI,DWORD PTR DS:[<&USER32.FindWindowW>] 01A9EFC8 PUSH EBX 01A9EFC9 PUSH OFFSET 0298A54C ; UNICODE "OLLYDBG" 01A9EFCE CALL ESI 01A9EFD0 PUSH EBX 01A9EFD1 TEST EAX,EAX 01A9EFD3 JE SHORT 01A9EFDB 01A9EFD5 CALL DWORD PTR DS:[<&KERNEL32.ExitProcess>] 01A9EFDB PUSH OFFSET 0298A55C ; UNICODE "WinDbgFrameClass" 01A9EFE0 CALL ESI 01A9EFE2 TEST EAX,EAX 01A9EFE4 JE SHORT 01A9EFE9 01A9EFE6 PUSH EBX 01A9EFE7 JMP SHORT 01A9EFD5 --- snip ---
Seriously? Poor man's anti-debug, to be defeated in a millisecond. Instead of focusing on code robustness/quality they put that crap in.
BTW there are sources for various apps/tools available on Github that make use of 'LsaGetLogonSessionData'. Might be useful later as testsuite/testcases.
https://www.google.com/search?&q=github+LsaGetLogonSessionData+LogonTime
Wine source:
https://source.winehq.org/git/wine.git/blob/HEAD:/dlls/secur32/lsa.c#l152
--- snip --- 152 NTSTATUS WINAPI LsaGetLogonSessionData(PLUID LogonId, 153 PSECURITY_LOGON_SESSION_DATA* ppLogonSessionData) 154 { 155 FIXME("%p %p stub\n", LogonId, ppLogonSessionData); 156 *ppLogonSessionData = NULL; 157 return STATUS_NOT_IMPLEMENTED; 158 } --- snip ---
$ wine --version wine-3.18
Regards