[Bug 50038] New: IWbemClassObject::Get method with wszName = NULL crashes inside wbemprox
https://bugs.winehq.org/show_bug.cgi?id=50038
Bug ID: 50038 Summary: IWbemClassObject::Get method with wszName = NULL crashes inside wbemprox Product: Wine Version: 5.19 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: wmi&wbemprox Assignee: wine-bugs@winehq.org Reporter: xerox.xerox2000x@gmail.com Distribution: ---
Trying run powershell (2.0) with something like wine powershell -c get-wmiobject win32_process makes it crash inside wbemprox. It seems to come from
wbemprox:class_object_Get (00FB59D8, (null), 00000000, 059BEA8C, 019194F8, 019194FC)
Then apparently static BOOL is_system_prop( const WCHAR *name ) { return (name[0] == '_' && name[1] == '_'); } goes wrong
That wszName is null is probably due to previous bugs/insufficiencies (?guess?), but at least it shouldn`t crash inside wbemprox I think (modified test in tests/query.c with name=NULL shows it returns WBEM_E_INVALID_PARAMETER).
Something like
return (name && name[0] == '_' && name[1] == '_');
helps prevent crash but I don`t know how to fix this properly
Below +wbemprox trace
0130:trace:wbemprox:create_class_object L"Win32_Process", 00FA6930 0130:trace:wbemprox:create_class_object returning iface 00FB59D8 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {00000000-0000-0000-c000-000000000046}, 059BE5D0 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {c3fcc19e-a970-11d2-8b5a-00a0c9b7c9c4}, 059BE584 0130:fixme:wbemprox:class_object_QueryInterface interface {c3fcc19e-a970-11d2-8b5a-00a0c9b7c9c4} not implemented 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {b196b283-bab4-101a-b69c-00aa00341d07}, 059BE478 0130:fixme:wbemprox:class_object_QueryInterface interface {b196b283-bab4-101a-b69c-00aa00341d07} not implemented 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {00000003-0000-0000-c000-000000000046}, 059BE3F8 0130:fixme:wbemprox:class_object_QueryInterface interface {00000003-0000-0000-c000-000000000046} not implemented 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {00000144-0000-0000-c000-000000000046}, 059BE47C 0130:fixme:wbemprox:class_object_QueryInterface interface {00000144-0000-0000-c000-000000000046} not implemented 0130:trace:wbemprox:class_object_QueryInterface 00FB59D8, {dc12a681-737f-11cf-884d-00aa004b2e24}, 059BE8A0 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__GENUS", 00000000, 059BF1B8, 059BF27C, 059BF278 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__PATH", 00000000, 059BF19C, 059BF264, 059BF260 0130:fixme:ole:thread_context_info_QueryInterface interface not implemented {51372ae0-cae7-11cf-be81-00aa00a2fa25} 0130:fixme:wmiutils:wmiutils_cf_QueryInterface interface {b196b28f-bab4-101a-b69c-00aa00341d07} not implemented 0130:fixme:wmiutils:path_QueryInterface interface {c3fcc19e-a970-11d2-8b5a-00a0c9b7c9c4} not implemented 0130:fixme:wmiutils:path_QueryInterface interface {00000003-0000-0000-c000-000000000046} not implemented 0130:fixme:wmiutils:path_QueryInterface interface {00000144-0000-0000-c000-000000000046} not implemented 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__NAMESPACE", 00000000, 059BEF4C, 018EDB90, 018EDB94 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__NAMESPACE", 00000000, 059BEF50, 018EDB90, 018EDB94 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__CLASS", 00000000, 059BEF4C, 018EDC48, 018EDC4C 0130:trace:wbemprox:class_object_Get 00FB59D8, L"__CLASS", 00000000, 059BEF50, 018EDC48, 018EDC4C 0130:trace:wbemprox:class_object_GetNames 00FB59D8, (null), 00000030, 059BEA94 {VT_EMPTY}, 059BEA60 0130:fixme:wbemprox:class_object_GetNames qualifier not supported 0130:trace:wbemprox:class_object_Get 00FB59D8, (null), 00000000, 059BEA8C, 019194F8, 019194FC 0130:fixme:wer:WerReportSetParameter (00FBBED0, 0, L"NameOfExe", L"powershell51.exe") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 1, L"FileVersionOfSystemManagementAutomation", L"6.0.6002.18111") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 2, L"InnermostExceptionType", L"System.AccessViolationException") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 3, L"OutermostExceptionType", L"System.AccessViolationException") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 5, L"DeepestFrame", L"stem.Management.IWbemClassObjectFreeThreaded.Get_f") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 4, L"DeepestPowerShellFrame", L"utomation.ManagementClassApdapter.AddAllProperties") :stub 0130:fixme:wer:WerReportSetParameter (00FBBED0, 6, L"ThreadName", L"Pipeli..ution Thread") :stub 0130:fixme:wer:WerReportAddDump (00FBBED0, 0000016C, 00000000, 2, 00000000, 00000000, 0) :stub 0130:fixme:advapi:RegisterEventSourceW ((null),L".NET Runtime"): stub 0130:fixme:advapi:ReportEventW (CAFE4242,0x0001,0x0000,0x000003ff,00000000,0x0001,0x00000000,059BC580,00000000): stub 0130:err:eventlog:ReportEventW L".NET Runtime version 2.0.50727.1433 - Attempted to read or write protected memory. This is often an indication that other memory is corrupt."
https://bugs.winehq.org/show_bug.cgi?id=50038
Louis Lenders xerox.xerox2000x@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- URL| |http://download.windowsupda | |te.com/msdownload/update/so | |ftware/updt/2009/11/windows | |server2003-kb968930-x64-eng | |_8ba702aa016e4c5aed58181464 | |7f4d55635eff5c.exe Keywords| |download
--- Comment #1 from Louis Lenders xerox.xerox2000x@gmail.com --- Note: To work around bug https://bugs.winehq.org/show_bug.cgi?id=25740 I used custum winescript script from https://bugs.winehq.org/show_bug.cgi?id=49966
https://bugs.winehq.org/show_bug.cgi?id=50038
--- Comment #2 from Hans Leidekker hans@meelstraat.net --- Created attachment 68482 --> https://bugs.winehq.org/attachment.cgi?id=68482 patch
Can you try this patch?
https://bugs.winehq.org/show_bug.cgi?id=50038
--- Comment #3 from Louis Lenders xerox.xerox2000x@gmail.com --- (In reply to Hans Leidekker from comment #2)
Created attachment 68482 [details] patch
Can you try this patch?
Hi Hans,
The patch fixes the crash, thanks!
(Note: The command "powershell -c get-wmiobject win32_process" still doesn`t work correctly***, but that`s then another bug. This patch is enough to fix the aforementioned crash, that prevented several installers using chocolatey from finishing correctly. With this patch they finish fine, thanks again)
***: Current behaviour after applying patch:
010c:fixme:wbemprox:class_object_GetMethodQualifierSet 001B4D80, L"GetOwner", 04C0EA94 010c:fixme:path:parse_url failed to parse L"System.Management.Automation.resources" 010c:fixme:path:parse_url failed to parse L"System.Management.Automation.resources" format-default : The following exception occurred while retrieving members: "The method or operation is not implemented." + CategoryInfo : NotSpecified: (:) [format-default], ExtendedTypeSystemException + FullyQualifiedErrorId : CatchFromBaseGetMembers,Microsoft.PowerShell.Commands.FormatDefaultCommand
https://bugs.winehq.org/show_bug.cgi?id=50038
--- Comment #4 from Louis Lenders xerox.xerox2000x@gmail.com --- Hi Hans, just for the info:
After applying your next patch https://www.winehq.org/pipermail/wine-devel/2020-October/176003.html the command works correctly now! Nice job!
WINEDEBUG=-all wine powershell -c get-wmiobject win32_process wine: Read access denied for device L"\??\Z:\", FS volume label and serial are not available.
__GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="32 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \DEBIAN\ROOT\CIMV2:Win32_Process.Handle="32 Caption : powershell.exe CommandLine : "C:\windows\system32\WindowsPowershell\v1.0\powershell.exe" -c get-wmiobject win32_process Description : powershell.exe Handle : 32 Name : powershell.exe ParentProcessID : 0 ProcessID : 32 ThreadCount : 4 WorkingSetSize : 0
__GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="56 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \DEBIAN\ROOT\CIMV2:Win32_Process.Handle="56 Caption : services.exe CommandLine : Description : services.exe Handle : 56 Name : services.exe ParentProcessID : 40 ProcessID : 56 ThreadCount : 11 WorkingSetSize : 0
__GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="68 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \DEBIAN\ROOT\CIMV2:Win32_Process.Handle="68 Caption : svchost.exe CommandLine : Description : svchost.exe Handle : 68 Name : svchost.exe ParentProcessID : 56 ProcessID : 68 ThreadCount : 3 WorkingSetSize : 0
__GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="92 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \DEBIAN\ROOT\CIMV2:Win32_Process.Handle="92 Caption : winedevice.exe CommandLine : Description : winedevice.exe Handle : 92 Name : winedevice.exe ParentProcessID : 56 ProcessID : 92 ThreadCount : 4 WorkingSetSize : 0
__GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="116 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \DEBIAN\ROOT\CIMV2:Win32_Process.Handle="116 Caption : plugplay.exe CommandLine : Description : plugplay.exe Handle : 116 Name : plugplay.exe ParentProcessID : 56 ProcessID : 116 ThreadCount : 6 WorkingSetSize : 0
__GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="172 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \DEBIAN\ROOT\CIMV2:Win32_Process.Handle="172 Caption : winedevice.exe CommandLine : Description : winedevice.exe Handle : 172 Name : winedevice.exe ParentProcessID : 56 ProcessID : 172 ThreadCount : 6 WorkingSetSize : 0
__GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="236 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \DEBIAN\ROOT\CIMV2:Win32_Process.Handle="236 Caption : explorer.exe CommandLine : Description : explorer.exe Handle : 236 Name : explorer.exe ParentProcessID : 40 ProcessID : 236 ThreadCount : 3 WorkingSetSize : 0
__GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="256 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \DEBIAN\ROOT\CIMV2:Win32_Process.Handle="256 Caption : rpcss.exe CommandLine : Description : rpcss.exe Handle : 256 Name : rpcss.exe ParentProcessID : 56 ProcessID : 256 ThreadCount : 7 WorkingSetSize : 0
__GENUS : 2 __CLASS : Win32_Process __RELPATH : Win32_Process.Handle="292 __PROPERTY_COUNT : 9 __SERVER : DEBIAN __NAMESPACE : ROOT\CIMV2 __PATH : \DEBIAN\ROOT\CIMV2:Win32_Process.Handle="292 Caption : conhost.exe CommandLine : Description : conhost.exe Handle : 292 Name : conhost.exe ParentProcessID : 32 ProcessID : 292 ThreadCount : 1 WorkingSetSize : 0
https://bugs.winehq.org/show_bug.cgi?id=50038
Louis Lenders xerox.xerox2000x@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Fixed by SHA1| |b1ceb7853cf0d7abe99fd917e65 | |a22507795f7de Status|NEW |RESOLVED Resolution|--- |FIXED
--- Comment #5 from Louis Lenders xerox.xerox2000x@gmail.com --- This was fixed by b1ceb7853cf0d7abe99fd917e65a22507795f7de
Thanks Hans
https://bugs.winehq.org/show_bug.cgi?id=50038
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #6 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 5.21.
https://bugs.winehq.org/show_bug.cgi?id=50038
Michael Stefaniuc mstefani@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |5.0.x
https://bugs.winehq.org/show_bug.cgi?id=50038
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- URL|http://download.windowsupda |https://web.archive.org/web |te.com/msdownload/update/so |/20200924155535/http://down |ftware/updt/2009/11/windows |load.windowsupdate.com/msdo |server2003-kb968930-x64-eng |wnload/update/software/updt |_8ba702aa016e4c5aed58181464 |/2009/11/windowsserver2003- |7f4d55635eff5c.exe |kb968930-x64-eng_8ba702aa01 | |6e4c5aed581814647f4d55635ef | |f5c.exe CC| |focht@gmx.net
https://bugs.winehq.org/show_bug.cgi?id=50038
Michael Stefaniuc mstefani@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|5.0.x |---
--- Comment #7 from Michael Stefaniuc mstefani@winehq.org --- Removing the 5.0.x milestone from bug fixes included in 5.0.4.
-
WineHQ Bugzilla