http://bugs.winehq.org/show_bug.cgi?id=15847
Summary: rpcrt4's server crosstest crashes on windows Product: Wine Version: CVS/GIT Platform: Other URL: http://test.winehq.org OS/Version: other Status: UNCONFIRMED Severity: normal Priority: P2 Component: rpc AssignedTo: wine-bugs@winehq.org ReportedBy: niko.lecam@gmail.com CC: robertshearman@gmail.com
The rpcrt4's server crosstest crashes on my WinXP and Win2k boxes (same seems to happen on other systems according to test.winehq.org).
I have tried to find out the problem but this part of the code is really out of my competence.
The problematic commit is a05923e1d303788c9b7bfda61eb2ca9ae48653f7 Author: Rob Shearman rob@codeweavers.com Date: Mon, 24 Dec 2007 17:01:20 +0000
rpcrt4: Add tests for varying and conformant varying arrays.
The conformance test crashes in NdrpEmbeddedRepeatPointerUnmarshall with an access violation.
Stack trace is : 0022fa50 77e82a17 00249568 d6fb03f4 00000003 rpcrt4!NdrpEmbeddedRepeatPointerUnmarshall+0x9e 0022fa84 77e914ea 00000001 0022fcd4 00430652 rpcrt4!NdrpEmbeddedPointerUnmarshall+0x68 0022fab8 0041a200 00000001 0022fc54 0000003c rpcrt4!NdrVaryingArrayUnmarshall+0x177
NdrVaryingArrayUnmarshall is called from function get_5numbers() in server_c.c
Reverting the patch fix the problem.
CC'ed to Rob Shearman as it's his patch.
Hope this will help fixing the problem.
regards, Nicolas Le Cam
http://bugs.winehq.org/show_bug.cgi?id=15847
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |regression
http://bugs.winehq.org/show_bug.cgi?id=15847
--- Comment #1 from Rob Shearman robertshearman@gmail.com 2008-10-30 08:49:13 --- This is a bug in Windows' version of rpcrt4.dll. I forget the details, but it is caused by something like the code executed as part of NdrVaryingArrayUnmarshall not setting a variable (possibly MIDL_STUB_MESSAGE::ActualCount) before calling NdrpEmbeddedPointerUnmarshall and so reads off the end of the array.
http://bugs.winehq.org/show_bug.cgi?id=15847
Jeff Zaroyko jeffz@jeffz.name changed:
What |Removed |Added ---------------------------------------------------------------------------- Version|CVS/GIT |1.1.9
http://bugs.winehq.org/show_bug.cgi?id=15847
Rob Shearman robertshearman@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution| |FIXED
--- Comment #2 from Rob Shearman robertshearman@gmail.com 2009-02-08 16:41:29 --- Fixed by a9950e3ceef6a8cfbfa8d4ed60df1210724036f7.
http://bugs.winehq.org/show_bug.cgi?id=15847
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #3 from Alexandre Julliard julliard@winehq.org 2009-02-13 11:11:24 --- Closing bugs fixed in 1.1.15.
-
wine-bugs@winehq.org