https://bugs.winehq.org/show_bug.cgi?id=49372
Bug ID: 49372
Summary: winedump crashes for sltg typelib files
Product: Wine
Version: 5.10
Hardware: x86
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: -unknown
Assignee: wine-bugs@winehq.org
Reporter: infyquest@gmail.com
Distribution: ---
Created attachment 67425 --> https://bugs.winehq.org/attachment.cgi?id=67425 tlb file
When trying to dump the sltg typelib files, winedump crashes with an assert error and it shows incorrect pad9 output.
The command line output is below:

$ winedump hello.tlb
Contents of hello.tlb: 2519 bytes

Header
{
    magic = 47544c53h
    # file blocks = 5
    res06 = 000ch
    size of index = 002bh
    first block = 1
    guid = {000204ff-0000-0000-c000-000000000046}
    res1c = 00000034h
    res20 = ffff0000h
}
Block entry 0
{
    len = 0000012bh
    index string = 21h "6b09b0648"
    next = 0002h
}
Block entry 1
{
    len = 00000103h
    index string = 17h "7b09b0648"
    next = 0003h
}
Block entry 2
{
    len = 0000012fh
    index string = dh "8b09b0648"
    next = 0004h
}
Block entry 3
{
    len = 000005cbh
    index string = 9h "dir"
    next = 0000h
}
index:
"\1CompObj"
"dir"
"8b09b0648"
"7b09b0648"
"6b09b0648"

pad9:
0000006f: 00 00 00 00 18 88 50 34-54 .....�P4T

winedump: ../../../wine/tools/winedump/tlb.c:1984: sltg_dump: Assertion `hlpstr_len == len + 6' failed.
Aborted (core dumped)
Attaching the affected sltg typelib file.
--- Comment #1 from Nikolay Sivov bunglehead@gmail.com ---
Are there tools to generate such typelib on modern Windows systems, with example idl's?
--- Comment #2 from Vijay Kamuju infyquest@gmail.com ---
I have the sample idl/odl, but we might need older SDKs to generate the tlb file. I don't think there are any modern tools to generate the older sltg format.
--- Comment #3 from Vijay Kamuju infyquest@gmail.com ---
Wine's oleview is able to view the tlb file without the helpstrings being visible.
--- Comment #4 from Dmitry Timoshkov dmitry@baikal.ru ---
(In reply to Vijay Kamuju from comment #0)
> winedump: ../../../wine/tools/winedump/tlb.c:1984: sltg_dump: Assertion `hlpstr_len == len + 6' failed.
> Aborted (core dumped)
>
> Attaching the affected sltg typelib file.
Thanks for the report, I'll try to find time to have a look. Just curious, do you know with which tool that .tlb file was created? It uses a very old index strings naming scheme.
(In reply to Nikolay Sivov from comment #1)
> Are there tools to generate such typelib on modern Windows systems, with example idl's?
Looks like 'midl.exe /oldtlb hello.idl' is broken in Windows 10 SDK, parsing works, however it can't save the resulting .tlb. It still should be possible to find mktyplib.exe and call it like this: 'mktyplib.exe /old hello.idl'.
--- Comment #5 from Vijay Kamuju infyquest@gmail.com ---
It should be an older version of the SDK (Win95). You should try with VC6.
--- Comment #6 from Dmitry Timoshkov dmitry@baikal.ru ---
(In reply to Vijay Kamuju from comment #5)
> It should be an older version of the SDK (Win95). You should try with VC6.

I have a bunch of various tools for generating .tlb files here since I've been working on adding SLTG support to widl. midl.exe from the VC6 package works for most .idl statements, however for generating SLTG typelibs mktyplib.exe works better for some pretty complex constructs. It's still useful to test a wide range of tools for comparison.
--- Comment #7 from Dmitry Timoshkov dmitry@baikal.ru ---
(In reply to Vijay Kamuju from comment #0)
> Created attachment 67425 [details] tlb file

Please also attach the source .idl.
--- Comment #8 from Vijay Kamuju infyquest@gmail.com ---
Created attachment 67440 --> https://bugs.winehq.org/attachment.cgi?id=67440 idl file

Attaching the idl file.
--- Comment #9 from Dmitry Timoshkov dmitry@baikal.ru ---
Created attachment 67451 --> https://bugs.winehq.org/attachment.cgi?id=67451 patch

It seems that res06 in the SLTG header is actually the size of the pad9 field, at least in my experiments it works this way. Please test this patch with more SLTG typelibs generated with your tool.
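
The header arithmetic from comment #9, as an added example that is not part of the thread or of winedump's source: it reads `res06` as the pad length and returns an error where a length does not fit the file, instead of asserting. The field offsets, the `blocks - 1` entry count and all function names are assumptions inferred from the dumps quoted in this report.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Layout inferred from the winedump output quoted in this report (assumed
   packed, little-endian): 36-byte header, then (blocks - 1) 8-byte entries. */
enum { SLTG_HDR = 36, SLTG_ENTRY = 8, SLTG_MAGIC = 0x47544c53 };

static uint32_t rd16(const uint8_t *p) { return p[0] | (uint32_t)p[1] << 8; }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | rd16(p + 2) << 16; }

/* Returns the file offset of block 0, or -1 when the header does not fit the
   buffer. Each length is checked against the bytes left before it is used. */
long sltg_first_block(const uint8_t *buf, size_t size)
{
    if (size < SLTG_HDR || rd32(buf) != SLTG_MAGIC) return -1;
    uint32_t blocks = rd16(buf + 4);   /* "# file blocks" */
    uint32_t pad    = rd16(buf + 6);   /* "res06": pad size, per comment #9 */
    uint32_t index  = rd16(buf + 8);   /* "size of index" */
    if (blocks == 0) return -1;
    size_t off = SLTG_HDR;
    uint64_t data = 0;                 /* sum of the block "len" fields */
    for (uint32_t i = 0; i + 1 < blocks; i++, off += SLTG_ENTRY) {
        if (size - off < SLTG_ENTRY) return -1;
        if (rd16(buf + off + 4) >= index) return -1;  /* name outside index */
        data += rd32(buf + off);
    }
    if (size - off < index) return -1;
    off += index;
    if (size - off < pad) return -1;
    off += pad;
    return size - off < data ? -1 : (long)off;
}

/* Constructed sample: header values of the second file in the report (6 blocks,
   pad 000dh, index 0035h); entries and payload are zeroed, size is variable. */
long sltg_demo(size_t size)
{
    static const uint8_t hdr[10] = { 'S','L','T','G', 6,0, 0x0d,0, 0x35,0 };
    static uint8_t file[3329];
    memset(file, 0, sizeof file);
    memcpy(file, hdr, sizeof hdr);
    return sltg_first_block(file, size < sizeof file ? size : sizeof file);
}
int main(void)
{
    printf("block 0 at %ld, truncated: %ld\n", sltg_demo(3329), sltg_demo(0x8d));
    return 0;
}
```

With the second file's header values the result is 0x8e, the offset at which the dump in comment #12 shows Block 0.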
--- Comment #10 from Vijay Kamuju infyquest@gmail.com ---
Created attachment 67452 --> https://bugs.winehq.org/attachment.cgi?id=67452 tlb file 2
--- Comment #11 from Vijay Kamuju infyquest@gmail.com ---
Created attachment 67453 --> https://bugs.winehq.org/attachment.cgi?id=67453 idl file 2
--- Comment #12 from Vijay Kamuju infyquest@gmail.com ---
The patch works for the first tlb file, but it fails for the second tlb file attached. It fails with the error/assert below:
winedump: ../../../wine/tools/winedump/tlb.c:1199: decode_string: Assertion `strlen(buf) + strlen(p) + 1 <= buf_size' failed.
Complete output:
Contents of /home/vijay/dspcalc2.tlb: 3329 bytes
Header
{
    magic = 47544c53h
    # file blocks = 6
    pad = 000dh
    size of index = 0035h
    first block = 1
    guid = {000204ff-0000-0000-c000-000000000046}
    res1c = 00000034h
    res20 = ffff0000h
}
Block entry 0
{
    len = 000000cbh
    index string = 2bh "8b09b0558"
    next = 0002h
}
Block entry 1
{
    len = 00000224h
    index string = 21h "9b09b0558"
    next = 0003h
}
Block entry 2
{
    len = 00000104h
    index string = 17h "ab09b0558"
    next = 0004h
}
Block entry 3
{
    len = 00000145h
    index string = dh "bb09b0558"
    next = 0005h
}
Block entry 4
{
    len = 00000707h
    index string = 9h "dir"
    next = 0000h
}
index:
"\1CompObj"
"dir"
"bb09b0558"
"ab09b0558"
"9b09b0558"
"8b09b0558"

pad:
00000081: 00 00 00 00 00 00 00 00-00 00 36 28 50 ..........6(P
Block 0
{
    0000008e: 01 05 ff ff ff ff ff ff-ff ff 1e 00 00 00 ff ff ..��������....��
    0000009e: ff ff 00 00 00 00 01 00-ff ff 02 00 02 00 01 00 ��......��......
    000000ae: ff ff 01 6e 00 00 00 0a-1a 12 00 64 00 00 00 56 ��.n.......d...V
    000000be: 00 00 00 00 40 fe ff ff-ff 0a 1a 24 00 74 00 01 ....@����..$.t..
    000000ce: 00 56 00 12 00 00 40 fe-ff ff ff 0a 1a 36 00 84 .V....@����..6.�
    000000de: 00 02 00 56 00 24 00 00-40 fe ff ff ff 0a 1a 48 ...V.$..@����..H
    000000ee: 00 96 00 03 00 56 00 36-00 00 40 fe ff ff ff 0a .�...V.6..@����.
    000000fe: 1a ff ff a6 00 04 00 56-00 48 00 00 40 fe ff ff .���...V.H..@���
    0000010e: ff ff ff 36 00 ff ff 12-00 ff ff ff ff 24 00 48 ���6.��..����$.H
    0000011e: 00 ff ff 00 00 00 00 05-00 00 00 00 00 ff ff 00 .��..........��.
    0000012e: 00 ff ff ff ff 48 00 ff-ff ff ff ff ff 00 00 00 .����H.������...
    0000013e: 00 00 00 00 00 02 00 01-00 ff ff ff ff 00 00 ff .........����..�
    0000014e: ff ff ff ff ff ff ff 0a-00 5a 00 �������..Z.
}
Block 0
{
    magic = 0501h
    href offset = ffffffffh
    res06 = ffffffffh
    member offset = 0x1e (+0x8e=0xac)
    res0e = ffffffffh
    version = 00000000h
    res16 = ffff0001h
    misc = 00020002h
    misc: unknown1 02, flags 0000, unknown2 02, typekind 0 (TKIND_ENUM)
    res1e = ffff0001h
    member_header starts at 0xac, current offset = 0xb0
    res00 = 6e01h
    res02 = 0000h
    res04 = 00h
    extra = 00121a0ah
    variable 0
    {
        000000b9: 64 00 00 00 56 00 00 00-00 40 fe ff ff ff 0a 1a d...V....@����..
        000000c9: 24 00 $.
        magic = 64h
        flags = 00h
        next offset = 0 (+0xb9=0xb9)
        name = 0056h
        oInst = 0000h
        type offset = 0x4000 (+0xb9=0x40b9)
        type: type description starts at 0x40b9
        ff80 | (127)
        type description ends at 0x40b9
        memid = fffffffeh
        helpcontext = 1a0ah
        helpstring offset = 0x24 (+0xb9=0xdd)
winedump: ../../../wine/tools/winedump/tlb.c:1199: decode_string: Assertion `strlen(buf) + strlen(p) + 1 <= buf_size' failed.
Aborted (core dumped)
--- Comment #13 from Dmitry Timoshkov dmitry@baikal.ru ---
(In reply to Vijay Kamuju from comment #12)
> The patch works for the first tlb file, but it fails for the second tlb file attached. It fails with the error/assert below:
>
> winedump: ../../../wine/tools/winedump/tlb.c:1199: decode_string: Assertion `strlen(buf) + strlen(p) + 1 <= buf_size' failed.
Thanks for testing, that's a different problem.
--- Comment #14 from Vijay Kamuju infyquest@gmail.com ---
The patch is now committed but the second crash is still occurring.
--- Comment #15 from Dmitry Timoshkov dmitry@baikal.ru ---
(In reply to Vijay Kamuju from comment #14)
> The patch is now committed but the second crash is still occurring.

Please open a separate bug report for the next crash, it's a completely different issue.
Vijay Kamuju infyquest@gmail.com changed:
What          |Removed |Added
----------------------------------------------------------------------------
Resolution    |---     |FIXED
Fixed by SHA1 |        |77bf4d497394bb0e93ae4f55680
              |        |40e745b3d6880
Status        |NEW     |RESOLVED

--- Comment #16 from Vijay Kamuju infyquest@gmail.com ---
Fix committed https://source.winehq.org/git/wine.git/commitdiff/77bf4d497394bb0e93ae4f5568...
Alexandre Julliard julliard@winehq.org changed:
What   |Removed  |Added
----------------------------------------------------------------------------
Status |RESOLVED |CLOSED

--- Comment #17 from Alexandre Julliard julliard@winehq.org ---
Closing bugs fixed in 5.11.
Michael Stefaniuc mstefani@winehq.org changed:
What             |Removed |Added
----------------------------------------------------------------------------
Target Milestone |---     |5.0.x
Michael Stefaniuc mstefani@winehq.org changed:
What             |Removed |Added
----------------------------------------------------------------------------
Target Milestone |5.0.x   |---

--- Comment #18 from Michael Stefaniuc mstefani@winehq.org ---
Removing the 5.0.x milestone from bug fixes included in 5.0.3.