On 6/15/21 6:39 PM, Zebediah Figura (she/her) wrote:
> On 6/15/21 11:29 AM, Rémi Bernon wrote:
>> On 6/14/21 9:26 AM, Marvin wrote:
>>> === w864 (64 bit report) ===
>>> Report validation errors: ntoskrnl.exe:ntoskrnl crashed (c0000374)
>> FWIW this is crashing there:
>> ret = CertCloseStore(ctx->root_store, CERT_CLOSE_STORE_CHECK_FLAG);
>> But I have absolutely no idea why. Somehow the certificate store got corrupted? It's not related to the patches, but it doesn't crash all the time.
> It seems it's been happening for a while now. Probably something's wrong with the cert code in the test. Unfortunately I haven't been able to find any errors from manual reëxamination, and I'm not sure how else to proceed.
> Does anyone know of a memory checker that can be used on Windows? It may be tricky to use it while avoiding looking at crypt32 internals, but it's at least worth a try...
I think it may be coming from CertFreeCertificateContext, which either is not necessary after CertDeleteCertificateFromStore, or w8 messed up its refcounts.
MSDN states:
The CertDeleteCertificateFromStore function always frees pCertContext by calling the CertFreeCertificateContext function, even if an error is encountered. Freeing the context reduces the context's reference count by one. If the reference count reaches zero, memory allocated for the certificate is freed.
Which is not completely clear to me if that means CertFreeCertificateContext should not be called, and maybe w8 implemented it that way?
I'm sending a patch which removes the calls, it seems to have fixed the crash according to 10 flawless runs.
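As an added example (not code from this thread or from Wine), a small reference-count model of the MSDN rule quoted above: the store-delete call consumes the caller's reference, so a free afterwards is correct only when the caller holds a reference of its own. The cert_ctx type and the cert_* functions are stand-ins for the crypt32 calls named in the comments, and bad_releases stands in for the heap corruption a real over-release causes.

```c
/* Hypothetical stand-in for a crypt32 certificate context; only the reference
 * count matters. A real one lives on the store's heap, where an extra release
 * corrupts the heap (the c0000374 in the report) instead of setting a flag. */
typedef struct { int refcount; int freed; } cert_ctx;  /* freed: count hit 0 */
static int bad_releases;     /* releases of an already-freed context */

/* Models CertDuplicateCertificateContext: take one more reference. */
static cert_ctx *cert_dup(cert_ctx *ctx) { ctx->refcount++; return ctx; }

/* Models CertFreeCertificateContext: drop one reference, "free" at zero. */
static void cert_release(cert_ctx *ctx)
{
    if (ctx->freed) { bad_releases++; return; }
    if (--ctx->refcount == 0) ctx->freed = 1;
}

/* Models CertDeleteCertificateFromStore, which per MSDN always releases the
 * context it is given: the caller's reference is consumed here. */
static void cert_delete_from_store(cert_ctx *ctx)
{
    /* ... unlink from the store ... */
    cert_release(ctx);
}

/* Each pattern returns how many over-releases it caused (0 = correct). */
int delete_then_free(void)           /* the pattern that crashed the test */
{
    cert_ctx ctx = { 1, 0 };         /* we hold the single reference */
    bad_releases = 0;
    cert_delete_from_store(&ctx);
    cert_release(&ctx);              /* one release too many */
    return bad_releases;
}

int delete_only(void)                /* the fixed pattern */
{
    cert_ctx ctx = { 1, 0 };
    bad_releases = 0;
    cert_delete_from_store(&ctx);    /* consumes our only reference */
    return bad_releases;
}

int dup_delete_then_free(void)       /* a later free is right only for a ref you own */
{
    cert_ctx ctx = { 1, 0 };
    bad_releases = 0;
    cert_delete_from_store(cert_dup(&ctx)); /* 2 -> 1 */
    cert_release(&ctx);              /* 1 -> 0, legitimately */
    return bad_releases;
}
```

The third pattern is the one case where a free after the delete is legitimate: the caller took its own reference first, so the count never goes below zero.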