Hi,
I have a systematic crash when browsing a folder which has a *.gz file inside (for example using GetOpenFileName). On my system, the icon for "gz" files is associated with an external "ico" file; I can see it with --debugmsg +shell :
warn:shell:ParseFieldA ("C:\PROGRAM FILES\POWERARCHIVER\ICONS\GZIP.ICO",0x00000002,0x405c574c,5) semi-stub.
The crash happens in line 325 of exticon.c: RetPtr[i-nIconIndex] = LookupIconIdFromDirectoryEx( pCIDir, TRUE, cxDesired, cyDesired, 0); With Winedbg we see : i = 65386, nIconIndex = -151, nIcons = 1 and IconDirCount = 1
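It seems to be linked to this bogus test (line 314): else if( nIconIndex < iconDirCount ) where nIconIndex(INT)=-151 and iconDirCount(UINT16)=1. The test appears to bound the index only from above, so a negative nIconIndex passes it (-151 < 1 is true) and then feeds the RetPtr[i-nIconIndex] store at line 325; the register dump is consistent with a write far past the one-element array (the faulting address 0x406059a8 is RetPtr 0x405c59a8 plus 0x10000*4).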
I hope this will help in finding the correct solution. (Odd fact: when activating +relay the crash no longer occurs ...)
Mehmet YASAR
--------------- Backtrace with Wine20020122 --------------- First chance exception: page fault on write access to 0x406059a8 in 32-bit code (0x4082ba06). Register dump: CS:0023 SS:002b DS:002b ES:002b FS:008f GS:0000 EIP:4082ba06 ESP:405c5888 EBP:405c5910 EFLAGS:00210287( R- 00 I S - -P1C) EAX:00000000 EBX:408c9b78 ECX:405c59a8 EDX:00010000 ESI:ffffff6a EDI:ffffff69 Stack dump: 0x405c5888 (NTDLL.DLL.memcpy+0x31fb08): 405c58d4 00000104 ffffff69 405c597c 0x405c5898 (NTDLL.DLL.memcpy+0x31fb18): 00000020 40a29a58 40388974 403aafce 0x405c58a8 (NTDLL.DLL.memcpy+0x31fb28): 405c59cc 40a17878 00000000 4006c7ea 0x405c58b8 (NTDLL.DLL.memcpy+0x31fb38): 400aa1ba 400ae78d 401018d7 405c5a2e 0x405c58c8 (NTDLL.DLL.memcpy+0x31fb48): 40133efe 403b6cbe 405c5a24 00000000 0x405c58d8 (NTDLL.DLL.memcpy+0x31fb58): 00000000 403c40b8 408bffb5 00000f6e 0x405c58e8 (NTDLL.DLL.memcpy+0x31fb68):
0011: sel=008f base=4011a4e0 limit=00000fff 32-bit rw- Backtrace: =>0 0x4082ba06 (ICO_ExtractIconExW+0x386(lpszExeFileName=0x403c4558, RetPtr=0x405c59a8, nIconIndex=0xffffff69, nIcons=0x1, cxDesired=0x20, cyDesired=0x20) [exticon.c:325] in libuser32.so) (ebp=405c5910) 1 0x4082c1c5 (PrivateExtractIconsW+0xf5(lpwstrFile=0x403c4558, nIndex=0xffffff69, sizeX=0x20, sizeY=0x20, phicon=0x405c59a8, w=0x0, nIcons=0x1, y=0x0) [exticon.c:555] in libuser32.so) (ebp=405c5948) 2 0x4082c251 (PrivateExtractIconsA+0x71(lpstrFile=0x405c5a20, nIndex=0xffffff69, sizeX=0x20, sizeY=0x20, phicon=0x405c59a8, w=0x0, nIcons=0x1, y=0x0) [exticon.c:578] in libuser32.so) (ebp=405c597c) 3 0x4065ed8d (SIC_LoadIcon+0x3d(sSourceFile=0x405c5a20, dwSourceIndex=0xffffff69) [iconcache.c:115] in libshell32.so) (ebp=405c59b8) 4 0x4065eeb9 (SIC_GetIconIndex+0xb9(sSourceFile=0x405c5a20, dwSourceIndex=0xffffff69) [iconcache.c:154] in libshell32.so) (ebp=405c5a00) 5 0x4065f32c (PidlToSicIndex+0xcc(sh=0x403c48f4, pidl=0x403b6cb0, bBigIcon=0x0, uFlags=0x0, pIndex=0x405c5b58) [iconcache.c:311] in libshell32.so) (ebp=405c5b3c) 6 0x4065f3d2 (SHMapPIDLToSystemImageListIndex+0x72(sh=0x403c48f4, pidl=0x403b6cb0, pIndex=0x0) [iconcache.c:346] in libshell32.so) (ebp=405c5b68) 7 0x40677e61 (ShellView_OnNotify+0x3b1(This=0x403bd0c4, CtlID=0xffffff4f, lpnmh=0x405c626c) [shlview.c:1178] in libshell32.so) (ebp=405c600c) 8 0x4067850e (ShellView_WndProc+0x18e(hWnd=0x30034, uMessage=0x4e, wParam=0xffffff4f, lParam=0x405c626c) [shlview.c:1405] in libshell32.so) (ebp=405c602c) 9 0x408947a3 (WINPROC_wrapper+0x17 in libuser32.so) (ebp=405c6050) 10 0x4089483d (WINPROC_CallWndProc+0x8d(proc=0x40678380, hwnd=0x30034, msg=0x4e, wParam=0xffffff4f, lParam=0x405c626c) [winproc.c:167] in libuser32.so) (ebp=405c6080) 11 0x4089a46a (WINPROC_CallProc32WTo32A+0x8a(func=0x40678380, hwnd=0x30034, msg=0x4e, wParam=0xffffff4f, lParam=0x405c626c) [winproc.c:2439] in libuser32.so) (ebp=405c60a8) 12 0x4089aa32 
(CallWindowProcW+0xb2(func=0x40b606d2, hwnd=0x30034, msg=0x4e, wParam=0xffffff4f, lParam=0x405c626c) [winproc.c:2646] in libuser32.so) (ebp=405c60dc) 13 0x40830727 (call_window_proc+0xd7(hwnd=0x30034, msg=0x4e, wparam=0xffffff4f, lparam=0x405c626c, unicode=0x1) [message.c:1351] in libuser32.so) (ebp=405c6138) 14 0x40831301 (SendMessageTimeoutW+0xe1(hwnd=0x30034, msg=0x4e, wparam=0xffffff4f, lparam=0x405c626c, flags=0x0, timeout=0xffffffff, res_ptr=0x405c61bc) [message.c:1721] in libuser32.so) (ebp=405c6198) 15 0x40831587 (SendMessageW+0x37(hwnd=0x30034, msg=0x4e, wparam=0xffffff4f, lparam=0x405c626c) [message.c:1801] in libuser32.so) (ebp=405c61cc) 16 0x4096b033 (dispinfo_notifyT+0x1d3(self=0x30035, code=0xffffff4f, pdi=0x405c626c, isW=0x1) [listview.c:330] in libcomctl32.so) (ebp=405c6234) 17 0x40971f9e (LISTVIEW_GetItemT+0x34e(hwnd=0x30035, lpLVItem=0x405c630c, internal=0x1, isW=0x1) [listview.c:5040] in libcomctl32.so) (ebp=405c62b8) 18 0x4096ed6d (LISTVIEW_DrawItem+0xed(hwnd=0x30035, hdc=0x860, nItem=0x1, rcItem=0x0, FullSelect=0x0, SuggestedFocus=0x405c67b8) [listview.c:354] in libcomctl32.so) (ebp=405c6748) 19 0x4096ffd5 (LISTVIEW_RefreshList+0x175(hwnd=0x30035, hdc=0x860, cdmode=0x0) [listview.c:3552] in libcomctl32.so) (ebp=405c67e4) 20 0x4097036f (LISTVIEW_Refresh+0xbf(hwnd=0x30035, hdc=0x860) [listview.c:3677] in libcomctl32.so) (ebp=405c6824) 21 0x4097633e (LISTVIEW_Paint+0x5e(hwnd=0x30035, hdc=0x0) [listview.c:8170] in libcomctl32.so) (ebp=405c6880) 22 0x40977a70 (LISTVIEW_WindowProc+0xdc0(hwnd=0x30035, uMsg=0xf, wParam=0x0, lParam=0x0) [listview.c:8922] in libcomctl32.so) (ebp=405c689c) 23 0x408947a3 (WINPROC_wrapper+0x17 in libuser32.so) (ebp=405c68c0) 24 0x4089483d (WINPROC_CallWndProc+0x8d(proc=0x40976cb0, hwnd=0x30035, msg=0xf, wParam=0x0, lParam=0x0) [winproc.c:167] in libuser32.so) (ebp=405c68f0) 25 0x4089aa4e (CallWindowProcW+0xce(func=0x40b604b4, hwnd=0x30035, msg=0xf, wParam=0x0, lParam=0x0) [winproc.c:2650] in libuser32.so) (ebp=405c6924) 26 
0x4087c494 (DispatchMessageW+0x134(msg=0x405c69a0) [message.c:1126] in libuser32.so) (ebp=405c6968) 27 0x40870b26 (IsDialogMessageW+0xb6(hwndDlg=0x20023, msg=0x405c69a0) [dialog.c:1533] in libuser32.so) (ebp=405c698c) 28 0x4086fe10 (DIALOG_DoDialogBox+0xa0(hwnd=0x20023, owner=0x10021) [dialog.c:1040] in libuser32.so) (ebp=405c69cc) 29 0x408701af (DialogBoxIndirectParamA+0x2f(hInstance=0x405e5000, template=0x40622a60, owner=0x10021, dlgProc=0x405ee730, param=0x403b7798) [dialog.c:1163] in libuser32.so) (ebp=405c69e0) 30 0x405ed76c (GetFileName95+0x10c(fodInfos=0x403b7798) [filedlg95.c:249] in libcomdlg32.so) (ebp=405c6a08) 31 0x405edc02 (GetFileDialog95W+0x352(ofn=0x1008c40, iDlgType=0x2) [filedlg95.c:467] in libcomdlg32.so) (ebp=405c6a6c) 32 0x405ed580 (GetOpenFileNameW+0x40(ofn=0x1008c40) [filedlg.c:1606] in libcomdlg32.so) (ebp=405c6a88) 33 0x01001dc1 (notepad.exe..text+0xdc1 in C:\winnt\notepad.exe) (ebp=405c6ce8) 34 0x010028bd (notepad.exe..text+0x18bd in C:\winnt\notepad.exe) (ebp=405c6d08) 35 0x408947a3 (WINPROC_wrapper+0x17 in libuser32.so) (ebp=405c6d2c) 36 0x4089483d (WINPROC_CallWndProc+0x8d(proc=0x100248f, hwnd=0x10021, msg=0x111, wParam=0xa, lParam=0x0) [winproc.c:167] in libuser32.so) (ebp=405c6d5c) 37 0x4089aa4e (CallWindowProcW+0xce(func=0x40b60640, hwnd=0x10021, msg=0x111, wParam=0xa, lParam=0x0) [winproc.c:2650] in libuser32.so) (ebp=405c6d90) 38 0x4087c494 (DispatchMessageW+0x134(msg=0x405c6dec) [message.c:1126] in libuser32.so) (ebp=405c6dd4) 39 0x01002a64 (notepad.exe..text+0x1a64 in C:\winnt\notepad.exe) (ebp=405c6e08) 40 0x01006576 (notepad.exe.EntryPoint+0x156 in C:\winnt\notepad.exe) (ebp=405c6ea4) 41 0x400d3b18 (start_process+0x1f8 [process.c:397] in libntdll.so) (ebp=405c6f38) 42 0x400d7307 (call_on_thread_stack+0x27(func=0x400d3920) [sysdeps.c:91] in libntdll.so) (ebp=405c6ff4) 43 0x400d74c0 (SYSDEPS_CallOnStack+0x14 in libntdll.so) (ebp=00000000)
0x4082ba06 (ICO_ExtractIconExW+0x386 [exticon.c:325] in libuser32.so): movl %eax,0x0(%ecx,%edx,4) 320 for( i = nIconIndex; i < nIconIndex + nIcons; i++ )
On Sun, Feb 17, 2002 at 03:01:33PM +0100, mehmet yasar wrote:
Hi,
I have a systematic crash when browsing a folder which has a *.gz file inside (for example using GetOpenFileName). In my system, the icon of "gz" files are associated to an external "ico" file, I see it with --debugmsg +shell :
warn:shell:ParseFieldA ("C:\PROGRAM FILES\POWERARCHIVER\ICONS\GZIP.ICO",0x00000002,0x405c574c,5) semi-stub.
The crash happens in line 325 of exticon.c: RetPtr[i-nIconIndex] = LookupIconIdFromDirectoryEx( pCIDir, TRUE, cxDesired, cyDesired, 0); With Winedbg we see : i = 65386, nIconIndex = -151, nIcons = 1 and IconDirCount = 1
It seems to be linked to this bogus test (line 314): else if( nIconIndex < iconDirCount ) where nIconIndex(INT)=-151 and iconDirCount(UINT16)=1.
I Hope this will help finding the correct solution. (Odd fact : when activating +relay there is no more crash ...)
Oh no. Crashes that go away with --debugmsg +relay are often caused by parameter count mismatches (ugh !) or sometimes by missing initialization of stack variables. Since e.g. ParseFieldA is in shellord.c (undocumented function ??), I'd be highly suspicious of incorrectly implemented functions...