https://bugs.winehq.org/show_bug.cgi?id=38841
Bug ID: 38841
Summary: PunkBuster 'PnkBstrB.exe' initialization fails (K32EnumProcessModules write to NULL pointer)
Product: Wine
Version: 1.7.46
Hardware: x86-64
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: kernel32
Assignee: wine-bugs@winehq.org
Reporter: o.dierick@piezo-forte.be
Distribution: ---
PunkBuster bundled with the game APB Reloaded failed to initialize PnkBstrB.exe on my system.
--- +relay output ---
...
0031:Call KERNEL32.K32EnumProcessModules(ffffffff,00000000,00100000,0076e9a8) ret=0044ef87
0031:Call KERNEL32.UnhandledExceptionFilter(0076e4c8) ret=7bc99dad
...
--- end +relay output ---
+relay debug output shows that PnkBstrB.exe calls kernel32.K32EnumProcessModules() with a NULL pointer as parameter 'lphModule' and a non-zero value in parameter 'cb'. The current Wine code does not check if lphModule is NULL; it writes module information into lphModule until the cb size is not enough. Writing to a NULL pointer raises the exception.
I first tried to put this code in the K32EnumProcessModules() function:
--- code ---
if (!lphModule)
{
    cb = 0;
}
--- end code ---
With this code, the K32EnumProcessModules() call succeeds, but after that PnkBstrB.exe tries to read at the NULL pointer and crashes anyway.
So I used this code instead:
--- code ---
if (!lphModule)
{
    SetLastError(ERROR_NOACCESS);
    return FALSE;
}
--- end code ---
With that code, PnkBstrB.exe does not crash. It loads fine when the game starts. I could play the game for 3 hours without getting kicked, and I could play again today. The pbcl.log file shows that everything PunkBuster related is working.
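The following is an added example, not code from this report or from Wine's kernel32: a minimal model of a K32EnumProcessModules-style enumeration function that validates its output pointers before writing, contrasted with the silent "treat NULL as cb = 0" approach from the first attempt above. The fake module table, the Win32 type names, and the helper names (enum_modules_checked, count_modules_safely, and the probe functions) are assumptions made for the example; ERROR_NOACCESS is the real Win32 value 998.

```c
/* Added example: a K32EnumProcessModules-style API modelled in plain C.
 * It is illustration code, not Wine's implementation. The module table,
 * type aliases and helper names below are assumptions for the example. */
#include <stddef.h>
#include <stdio.h>

typedef int BOOL;
typedef unsigned long DWORD;
typedef void *HMODULE;
#define TRUE 1
#define FALSE 0
#define ERROR_NOACCESS 998   /* Win32: "Invalid access to memory location" */

/* Stand-in for the per-thread Win32 last-error slot (a plain global here). */
static DWORD g_last_error = 0;
static void set_last_error(DWORD e) { g_last_error = e; }
DWORD get_last_error(void) { return g_last_error; }

/* Constructed module table: four fake module handles standing in for the
 * loaded-module list that the real function walks in the target process. */
#define FAKE_MODULE_COUNT 4
static int g_fake_module_storage[FAKE_MODULE_COUNT];

/* Hardened enumeration: validates both output pointers before any write,
 * fills at most cb bytes, and always reports the size actually needed.
 * A NULL buffer is rejected with ERROR_NOACCESS rather than dereferenced,
 * which is what the reporter's second attempt does for lphModule. */
BOOL enum_modules_checked(HMODULE *lphModule, DWORD cb, DWORD *lpcbNeeded)
{
    DWORD i, written = 0;

    if (!lphModule || !lpcbNeeded) {
        set_last_error(ERROR_NOACCESS);
        return FALSE;
    }

    for (i = 0; i < FAKE_MODULE_COUNT; i++) {
        /* Only write while a whole handle still fits in the caller's buffer. */
        if ((written + 1) * sizeof(HMODULE) <= cb) {
            lphModule[written] = &g_fake_module_storage[i];
            written++;
        }
    }
    *lpcbNeeded = FAKE_MODULE_COUNT * sizeof(HMODULE);
    return TRUE;
}

/* Caller that checks the return value and sizes its read by lpcbNeeded,
 * so a rejected call never leads to a read through a NULL pointer.
 * Returns the number of handles actually available in buf, or -1 on failure. */
int count_modules_safely(void)
{
    HMODULE buf[8];
    DWORD needed = 0;

    if (!enum_modules_checked(buf, sizeof(buf), &needed))
        return -1;
    if (needed > sizeof(buf))
        needed = sizeof(buf);   /* only this many bytes were filled */
    return (int)(needed / sizeof(HMODULE));
}

/* Probe helpers so the behaviour can be checked without dereferencing NULL. */
int null_buffer_is_rejected(void)
{
    DWORD needed = 0;
    /* Same arguments as in the +relay trace: NULL buffer, cb = 0x100000. */
    BOOL ok = enum_modules_checked(NULL, 0x100000, &needed);
    return ok == FALSE && get_last_error() == ERROR_NOACCESS;
}

int small_buffer_reports_needed(void)
{
    HMODULE small[2];
    DWORD needed = 0;
    BOOL ok = enum_modules_checked(small, sizeof(small), &needed);
    /* Two handles fit; the call still succeeds and reports the full size. */
    return ok == TRUE && needed == FAKE_MODULE_COUNT * sizeof(HMODULE)
        && small[0] != NULL && small[1] != NULL;
}

int main(void)
{
    printf("NULL buffer rejected with ERROR_NOACCESS: %s\n",
           null_buffer_is_rejected() ? "yes" : "no");
    printf("modules enumerated through a valid buffer: %d\n",
           count_modules_safely());
    return 0;
}
```

The point of returning FALSE rather than silently succeeding is visible in the report itself: with the first attempt (cb forced to 0) the call returns TRUE, so the caller proceeds to read the buffer it never had and faults anyway; with the second, the caller gets a failure it can act on.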
--- Comment #1 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 51772 --> https://bugs.winehq.org/attachment.cgi?id=51772 Patch to handle NULL pointer gracefully in kernel32.K32EnumProcessModules()
Here is the patch.
It is quite simple and I don't think it can harm anything.
I'll submit it to wine-patches right away.
--- Comment #2 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Works with both GamersFirst and Steam versions of APB Reloaded.
Sebastian Lackner sebastian@fds-team.de changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |sebastian@fds-team.de
--- Comment #3 from Sebastian Lackner sebastian@fds-team.de --- I didn't test with APB Reloaded, but it looks like the issue was fixed a while ago with http://source.winehq.org/git/wine.git/patch/c3f95eddc1bf73b0c5dc95fdfde2b0f8.... Can this bug report be closed?
Olivier F. R. Dierick o.dierick@piezo-forte.be changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|---                         |FIXED
--- Comment #4 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Thanks for reminding me about this.
Marking as fixed.
Sebastian Lackner sebastian@fds-team.de changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
      Fixed by SHA1|                            |c3f95eddc1bf73b0c5dc95fdfde2b0f8a6d292a2
Alexandre Julliard julliard@winehq.org changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED
--- Comment #5 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 1.7.51.