http://bugs.winehq.org/show_bug.cgi?id=16161
Summary: GetOverlappedResult called with NULL for lpNumberOfBytesTransferred
Product: Wine
Version: 1.1.9
Platform: All
OS/Version: other
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: ole32
AssignedTo: wine-bugs@winehq.org
ReportedBy: martinmnet@hotmail.com
In function local_server_thread line 1932, GetOverlappedResult is called with lpNumberOfBytesTransferred as NULL. The lpNumberOfBytesTransferred param should not be NULL for this API, even though the value is undefined for NamedPipes.
WINE does check for this in GetOverlappedResult, but it seems it's not what Windows does, as NULL for that parameter causes an access violation as long as the file handle is valid.
--- Comment #1 from martinmnet martinmnet@hotmail.com 2008-11-22 15:56:57 ---
Forgot to note that this is in ole32/rpc.c
Dmitry Timoshkov dmitry@codeweavers.com changed:
What    |Removed |Added
----------------------------------------------------------------------------
Keywords|        |source
Platform|All     |Other

--- Comment #2 from Dmitry Timoshkov dmitry@codeweavers.com 2008-11-23 22:54:06 ---
Please send a test case for GetOverlappedResult, and the fix for ole32/rpc.c.
--- Comment #3 from martinmnet martinmnet@hotmail.com 2008-11-24 09:02:07 ---
Created an attachment (id=17430) --> (http://bugs.winehq.org/attachment.cgi?id=17430)
ole32/rpc.c fix
--- Comment #4 from martinmnet martinmnet@hotmail.com 2008-11-24 09:04:44 ---
Sorry, forgot the text.
Even though MS can be off on their documentation, normally NULL as a parameter should not be used for any MS API unless the MS documentation reads so.
For a quick test, you can use the server and client code on the MS web site at http://msdn.microsoft.com/en-us/library/aa365588(VS.85).aspx
Add flag FILE_FLAG_OVERLAPPED to the call to CreateNamedPipe
Make modifications in function InstanceThread: add variable OVERLAPPED ovl; change the last params for ReadFile and WriteFile to &ovl and add GetOverlappedResult with a NULL param after the ReadFile, for example.
Austin English austinenglish@gmail.com changed:
What    |Removed |Added
----------------------------------------------------------------------------
Keywords|        |patch
Christoph von Wittich Christoph@ApiViewer.de changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   |        |Christoph@ApiViewer.de

--- Comment #5 from Christoph von Wittich Christoph@ApiViewer.de 2009-01-22 05:09:17 ---
The same problem applies to DeviceIoControl. In both functions ERR("bad caller xy must not be NULL\n") should be added to find other locations with similar issues.
Florian florian@fkoeberle.de changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   |        |florian@fkoeberle.de

--- Comment #6 from Florian florian@fkoeberle.de 2009-01-22 05:18:01 ---
For the implementation of the test case this link might be helpful: http://www.winehq.org/pipermail/wine-devel/2007-May/056618.html
Ged gediintheuk@yahoo.co.uk changed:
What          |Removed     |Added
----------------------------------------------------------------------------
Status        |UNCONFIRMED |NEW
Ever Confirmed|0           |1

--- Comment #7 from Ged gediintheuk@yahoo.co.uk 2009-01-22 05:21:23 ---
*** This bug has been confirmed by popular vote. ***
--- Comment #8 from Christoph von Wittich Christoph@ApiViewer.de 2009-01-22 05:42:46 ---
from kernel32/test/file.c

static void test_overlapped(void)
{
    OVERLAPPED ov;
    DWORD r, result;

    /* GetOverlappedResult crashes if the 2nd or 3rd param are NULL */
--- Comment #9 from Florian florian@fkoeberle.de 2009-01-22 06:03:54 ---
Created an attachment (id=18893) --> (http://bugs.winehq.org/attachment.cgi?id=18893)
test case
Nikolay Sivov bunglehead@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   |        |bunglehead@gmail.com

--- Comment #10 from Nikolay Sivov bunglehead@gmail.com 2009-01-22 06:10:00 ---
A patch sent for this. Please check a behavior on other than XP systems to document this in a test (I haven't anything but an XP SP2 to test).
http://www.winehq.org/pipermail/wine-patches/2009-January/068179.html
(In reply to comment #9)
> Created an attachment (id=18893)
>  --> (http://bugs.winehq.org/attachment.cgi?id=18893)
> test case
As I see usually such crash cases in tests are just commented out with some text description.
--- Comment #11 from Christoph von Wittich Christoph@ApiViewer.de 2009-01-22 06:22:39 ---
GetCommState in kernel32/comm.c does the same with DeviceIoControl
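
Added example (not part of the bug thread and not Wine code): comments #5 and #11 are about finding other call sites that pass NULL for the byte-count out-parameter, so this sketch does that statically by scanning C source for such calls to the two functions named in the thread. The sample input is constructed, `IOCTL_X` is a placeholder, and the scanner does not handle `//` comments or string literals containing commas or parentheses.

```python
import re

# Zero-based index of the byte-count out-parameter in each call:
# GetOverlappedResult(hFile, lpOverlapped, lpNumberOfBytesTransferred, bWait)
# DeviceIoControl(hDevice, dwIoControlCode, lpInBuffer, nInBufferSize,
#                 lpOutBuffer, nOutBufferSize, lpBytesReturned, lpOverlapped)
OUT_PARAM = {"GetOverlappedResult": 2, "DeviceIoControl": 6}
CALL_RE = re.compile(r"\b(%s)\s*\(" % "|".join(OUT_PARAM))

def split_args(src, start):
    """Split a call's arguments; src[start] is the first char after '('."""
    args, cur, depth = [], [], 1
    for ch in src[start:]:
        if ch in "([{":
            depth += 1
        elif ch in ")]}":
            depth -= 1
            if depth == 0:
                return args + ["".join(cur).strip()]
        if ch == "," and depth == 1:
            args.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
    return None  # unbalanced: not a complete call

def find_null_out_params(src):
    """Return [(line, function)] for calls passing NULL as the out-parameter."""
    # Blank /* ... */ comments with spaces so line numbers are preserved.
    src = re.sub(r"/\*.*?\*/", lambda m: re.sub(r"[^\n]", " ", m.group()),
                 src, flags=re.S)
    hits = []
    for m in CALL_RE.finditer(src):
        args = split_args(src, m.end())
        idx = OUT_PARAM[m.group(1)]
        if args and len(args) > idx and args[idx] == "NULL":
            hits.append((src.count("\n", 0, m.start()) + 1, m.group(1)))
    return hits

# Constructed sample input (not Wine source; IOCTL_X is a placeholder).
SAMPLE = """\
GetOverlappedResult(pipe, &ovl, NULL, TRUE);
GetOverlappedResult(pipe, &ovl, &got, TRUE);
DeviceIoControl(dev, IOCTL_X, NULL, 0,
                &out, sizeof(out), NULL, NULL);
/* GetOverlappedResult(pipe, &ovl, NULL, TRUE); */
"""

if __name__ == "__main__":
    print(find_null_out_params(SAMPLE))
```

Each hit is a candidate for review rather than a confirmed bug; the fix at a flagged call site is to pass the address of a real DWORD.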
--- Comment #12 from Florian florian@fkoeberle.de 2009-01-22 06:24:57 ---
I sent my test case patch as well: http://www.winehq.org/pipermail/wine-patches/2009-January/068180.html
I don't know which patch is "better". Now Alexandre Julliard can pick the test he wants.
Florian florian@fkoeberle.de changed:
What             |Removed |Added
----------------------------------------------------------------------------
Attachment #18893|0       |1
      is obsolete|        |

--- Comment #13 from Florian florian@fkoeberle.de 2009-01-22 06:33:32 ---
Created an attachment (id=18894) --> (http://bugs.winehq.org/attachment.cgi?id=18894)
updated patch: forgot to mark tests as todo
--- Comment #14 from Nikolay Sivov bunglehead@gmail.com 2009-01-22 08:51:52 ---
This is fixed:
http://source.winehq.org/git/wine.git/?a=commit;h=32cc4011ee04046d41a41549d5...
Austin English austinenglish@gmail.com changed:
What      |Removed |Added
----------------------------------------------------------------------------
Status    |NEW     |RESOLVED
Resolution|        |FIXED

--- Comment #15 from Austin English austinenglish@gmail.com 2009-01-22 10:23:26 ---
Fixed.
Alexandre Julliard julliard@winehq.org changed:
What  |Removed  |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED

--- Comment #16 from Alexandre Julliard julliard@winehq.org 2009-01-30 11:04:32 ---
Closing bugs fixed in 1.1.14.