[Bug 45980] New: Cisco packet tracer crashes ( secur32.LsaGetLogonSessionData is a stub)
https://bugs.winehq.org/show_bug.cgi?id=45980
Bug ID: 45980 Summary: Cisco packet tracer crashes (secur32.LsaGetLogonSessionData is a stub) Product: Wine Version: 3.17 Hardware: x86 URL: https://drive.google.com/file/d/1qK79wHrDjvnWa_4JSw0AP MIJUTsrxpLW/view OS: Linux Status: NEW Keywords: download Severity: normal Priority: P2 Component: secur32 Assignee: wine-bugs@winehq.org Reporter: xerox.xerox2000x@gmail.com Distribution: ---
Hi, a user reported trouble with this app on the forum: https://forum.winehq.org/viewtopic.php?f=9&t=31265
It throws up an error box as can be seen in the forum-thread. I was not able to get the backtrace from the user, for me it hangs after clicking OK.
AFAICT it only needs the LogonTime from the _SECURITY_LOGON_SESSION_DATA structure to return something useful, then the errorwindow is gone for me, even if still returning STATUS_NOT_IMPLEMENTED; hack below makes the app start without errorwindow
sha1sum Packet\ Tracer\ 7.2\ for\ Windows\ 32\ bit.zip f84e1a08b0b4f38ac977a11c7071e20c028b8d3e Packet Tracer 7.2 for Windows 32 bit.zip
diff --git a/dlls/secur32/lsa.c b/dlls/secur32/lsa.c index 694971d714..549de73511 100644 --- a/dlls/secur32/lsa.c +++ b/dlls/secur32/lsa.c @@ -153,7 +153,10 @@ NTSTATUS WINAPI LsaGetLogonSessionData(PLUID LogonId, PSECURITY_LOGON_SESSION_DATA* ppLogonSessionData) { FIXME("%p %p stub\n", LogonId, ppLogonSessionData); - *ppLogonSessionData = NULL; + // *ppLogonSessionData = NULL; + SECURITY_LOGON_SESSION_DATA fake; + fake.LogonTime.QuadPart = 44; + *ppLogonSessionData = &fake; return STATUS_NOT_IMPLEMENTED; }
https://bugs.winehq.org/show_bug.cgi?id=45980
--- Comment #1 from Louis Lenders xerox.xerox2000x@gmail.com --- Created attachment 62540 --> https://bugs.winehq.org/attachment.cgi?id=62540 +relay,+seh,+tid
part of a +relay,+seh,+tid log
https://bugs.winehq.org/show_bug.cgi?id=45980
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |focht@gmx.net Summary|Cisco packet tracer crashes |Cisco Packet Tracer 7.2 |(secur32.LsaGetLogonSession |crashes on startup |Data is a stub) |(secur32.LsaGetLogonSession | |Data is a stub)
--- Comment #2 from Anastasius Focht focht@gmx.net --- Hello Louis,
confirming, looks like some bugged application.
--- snip --- $ pwd /home/focht/.wine/drive_c/Program Files (x86)/Cisco Packet Tracer 7.2/bin
$ WINEDEBUG=+seh,+relay wine ./PacketTracer7.exe >>log.txt 2>&1 ... 002a:Call advapi32.OpenProcessToken(ffffffff,00000008,0033fad4) ret=01a9dfdf 002a:Ret advapi32.OpenProcessToken() retval=00000001 ret=01a9dfdf 002a:Call advapi32.GetTokenInformation(00000130,0000000a,0033fad8,00000038,0033facc) ret=01a9e002 002a:Ret advapi32.GetTokenInformation() retval=00000001 ret=01a9e002 002a:Call KERNEL32.CloseHandle(00000130) ret=01a9e03f 002a:Ret KERNEL32.CloseHandle() retval=00000001 ret=01a9e03f 002a:Call secur32.LsaGetLogonSessionData(0033fb48,0033fb5c) ret=01a9e08c 002a:fixme:secur32:LsaGetLogonSessionData 0x33fb48 0x33fb5c stub 002a:Ret secur32.LsaGetLogonSessionData() retval=c0000002 ret=01a9e08c 002a:Call KERNEL32.FileTimeToLocalFileTime(00000030,0033fb50) ret=01a9e09d 002a:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7b47caa8 ip=7b47caa8 tid=002a 002a:trace:seh:raise_exception info[0]=00000000 002a:trace:seh:raise_exception info[1]=00000034 002a:trace:seh:raise_exception eax=00000030 ebx=0033fb50 ecx=0033fb00 edx=00000008 esi=0033fb38 edi=0033fb08 002a:trace:seh:raise_exception ebp=0033fae8 esp=0033fab8 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010206 002a:trace:seh:call_stack_handlers calling handler at 0x1f8dccd code=c0000005 flags=0 002a:trace:seh:call_stack_handlers handler at 0x1f8dccd returned 1 002a:trace:seh:call_stack_handlers calling handler at 0x1f8effb code=c0000005 flags=0 002a:trace:seh:call_stack_handlers handler at 0x1f8effb returned 1 002a:trace:seh:call_stack_handlers calling handler at 0x1b2b6ab code=c0000005 flags=0 ... 002a:Call user32.MessageBoxW(00000000,06de1fb8 L"Packet Tracer has stopped working unexpectedly. Please save a diagnostic (dmp) file, report a bug on Packet Tracer's issue tracking system (http://ptbugs.netacad.net) with detailed information and steps to reproduce, and attach the saved diagnostic file and log file to the reported bug.\n\nYour defau"...,0298c2a4 L"Cisco Packet Tracer",00000010) ret=018a9ea8 --- snip ---
Disassembly:
--- snip --- 01A9E07F LEA EAX,[EBP-14] 01A9E082 PUSH EAX ; ppLogonSessionData 01A9E083 LEA EAX,[EBP-28] 01A9E086 PUSH EAX ; LogonId 01A9E087 CALL <JMP.&Secur32.LsaGetLogonSessionData> 01A9E08C LEA EAX,[EBP-20] 01A9E08F PUSH EAX 01A9E090 MOV EAX,DWORD PTR SS:[EBP-14] 01A9E093 ADD EAX,30 ; offset LogonTime 01A9E096 PUSH EAX ; FileTime 01A9E097 CALL DWORD PTR DS:[<&KERNEL32.FileTimeToLocalFileTime>] --- snip ---
Not checking NTSTATUS value before accessing out parameter(!) values is a big no-no.
https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/ns-ntsecapi-_s...
--- snip --- typedef struct _SECURITY_LOGON_SESSION_DATA { ULONG Size; LUID LogonId; LSA_UNICODE_STRING UserName; LSA_UNICODE_STRING LogonDomain; LSA_UNICODE_STRING AuthenticationPackage; ULONG LogonType; ULONG Session; PSID Sid; LARGE_INTEGER LogonTime; ... --- snip ---
Tidbit: while debugging one gets to see this lovely piece of code:
--- snip --- ... ; UNICODE "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s" 01A9EFB5 PUSH OFFSET 0298C1D8 01A9EFBA CALL DWORD PTR DS:[<&KERNEL32.OutputDebugStringW>] 01A9EFC0 XOR EBX,EBX 01A9EFC2 MOV ESI,DWORD PTR DS:[<&USER32.FindWindowW>] 01A9EFC8 PUSH EBX 01A9EFC9 PUSH OFFSET 0298A54C ; UNICODE "OLLYDBG" 01A9EFCE CALL ESI 01A9EFD0 PUSH EBX 01A9EFD1 TEST EAX,EAX 01A9EFD3 JE SHORT 01A9EFDB 01A9EFD5 CALL DWORD PTR DS:[<&KERNEL32.ExitProcess>] 01A9EFDB PUSH OFFSET 0298A55C ; UNICODE "WinDbgFrameClass" 01A9EFE0 CALL ESI 01A9EFE2 TEST EAX,EAX 01A9EFE4 JE SHORT 01A9EFE9 01A9EFE6 PUSH EBX 01A9EFE7 JMP SHORT 01A9EFD5 --- snip ---
Seriously? Poor man's anti-debug, to be defeated in a millisecond. Instead of focusing on code robustness/quality they put that crap in.
BTW there are sources for various apps/tools available on Github that make use of 'LsaGetLogonSessionData'. Might be useful later as testsuite/testcases.
https://www.google.com/search?&q=github+LsaGetLogonSessionData+LogonTime
Wine source:
https://source.winehq.org/git/wine.git/blob/HEAD:/dlls/secur32/lsa.c#l152
--- snip --- 152 NTSTATUS WINAPI LsaGetLogonSessionData(PLUID LogonId, 153 PSECURITY_LOGON_SESSION_DATA* ppLogonSessionData) 154 { 155 FIXME("%p %p stub\n", LogonId, ppLogonSessionData); 156 *ppLogonSessionData = NULL; 157 return STATUS_NOT_IMPLEMENTED; 158 } --- snip ---
$ wine --version wine-3.18
Regards
https://bugs.winehq.org/show_bug.cgi?id=45980
Louis Lenders xerox.xerox2000x@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.winehq.org/sho | |w_bug.cgi?id=46023
-
wine-bugs@winehq.org