Uploaded image for project: 'Core ReactOS'
  1. Core ReactOS
  2. CORE-16174

UDFCommonCreate uninitialized var used

    XMLWordPrintable

Details

    Description

      ReturnedInformation is used without being initialized.

      Happens when running an executable from VS2010Express1.iso

      0.4.13-dev-568-g545692e89e

      kd> kp
      		 
      ChildEBP RetAddr  
      f6dd4378 f76c6135 udfs!_RTC_DefaultErrorFuncW(int errType = 0n3, wchar_t * file = 0xf76c8998 "unknown file", int line = 0n-1, wchar_t * module = 0xf76c8978 "unknown module", wchar_t * format = 0xf76c89b8 "Use of uninitialized variable %S!.")+0x5 [r:\src\dev\sdk\lib\runtmchk\rtcapi.c @ 29]
      		 
      f6dd439c f769c5e4 udfs!_RTC_UninitUse(char * _Varname = 0xf769cbce "ReturnedInformation")+0x25 [r:\src\dev\sdk\lib\runtmchk\rtcapi.c @ 102]
      		 
      f6dd43a4 f769c070 udfs!UDFCommonCreate(struct _UDFIrpContext * PtrIrpContext = 0xb4b7c7c8, struct _IRP * Irp = 0xb4883760)+0x4384 [r:\src\dev\drivers\filesystems\udfs\create.cpp @ 2233]
      		 
      f6dd4784 f769cde8 udfs!UDFCommonCreate(struct _UDFIrpContext * PtrIrpContext = 0xb4b7c7c8, struct _IRP * Irp = 0xb4883760)+0x3e10 [r:\src\dev\drivers\filesystems\udfs\create.cpp @ 2077]
      		 
      f6dd47dc 80483807 udfs!UDFCreate(struct _DEVICE_OBJECT * DeviceObject = 0xb4b84020, struct _IRP * Irp = 0xb4883760)+0x158 [r:\src\dev\drivers\filesystems\udfs\create.cpp @ 90]
      		 
      f6dd4808 804762b9 nt!IofCallDriver(struct _DEVICE_OBJECT * DeviceObject = 0xb4b84020, struct _IRP * Irp = 0xb4883760)+0xc7 [r:\src\dev\ntoskrnl\io\iomgr\irp.c @ 1286]
      		 
      f6dd49b4 8050c4dc nt!IopParseDevice(void * ParseObject = 0xb4c0d038, void * ObjectType = 0x00000000, struct _ACCESS_STATE * AccessState = 0xb4965f30, char AccessMode = 0n1 '', unsigned long Attributes = 0x40, struct _UNICODE_STRING * CompleteName = 0xf6dd4ae0 "\Device\CdRom2\VCExpress\System32\nfs41_np.dll", struct _UNICODE_STRING * RemainingName = 0xf6dd4a60 "\VCExpress\System32\nfs41_np.dll", void * Context = 0xf6dd4b50, struct _SECURITY_QUALITY_OF_SERVICE * SecurityQos = 0x00000000, void ** Object = 0xf6dd4a84)+0x16e9 [r:\src\dev\ntoskrnl\io\iomgr\file.c @ 997]
      		 
      f6dd4a8c 80504a7b nt!ObpLookupObjectName(void * RootHandle = 0x00000000, struct _UNICODE_STRING * ObjectName = 0xf6dd4ae0 "\Device\CdRom2\VCExpress\System32\nfs41_np.dll", unsigned long Attributes = 0x40, struct _OBJECT_TYPE * ObjectType = 0x00000000, char AccessMode = 0n1 '', void * ParseContext = 0xf6dd4b50, struct _SECURITY_QUALITY_OF_SERVICE * SecurityQos = 0x00000000, void * InsertObject = 0x00000000, struct _ACCESS_STATE * AccessState = 0xb4965f30, struct _OBP_LOOKUP_CONTEXT * LookupContext = 0xb4965fd4, void ** FoundObject = 0xf6dd4af0)+0x8cc [r:\src\dev\ntoskrnl\ob\obname.c @ 986]
      		 
      f6dd4af8 80477225 nt!ObOpenObjectByName(struct _OBJECT_ATTRIBUTES * ObjectAttributes = 0x0012e608, struct _OBJECT_TYPE * ObjectType = 0x00000000, char AccessMode = 0n1 '', struct _ACCESS_STATE * PassedAccessState = 0xb4965f30, unsigned long DesiredAccess = 0x80, void * ParseContext = 0xf6dd4b50, void ** Handle = 0xf6dd4bd0)+0x16b [r:\src\dev\ntoskrnl\ob\obhandle.c @ 2609]
      		 
      f6dd4ce0 80478ad6 nt!IopQueryAttributesFile(struct _OBJECT_ATTRIBUTES * ObjectAttributes = 0x0012e608, _FILE_INFORMATION_CLASS FileInformationClass = FileBasicInformation (0n4), unsigned long FileInformationSize = 0x28, void * FileInformation = 0x0012e5d4)+0x205 [r:\src\dev\ntoskrnl\io\iomgr\file.c @ 2404]
      		 
      f6dd4cf8 8054c25b nt!NtQueryAttributesFile(struct _OBJECT_ATTRIBUTES * ObjectAttributes = 0x0012e608, struct _FILE_BASIC_INFORMATION * FileInformation = 0x0012e5d4)+0x16 [r:\src\dev\ntoskrnl\io\iomgr\file.c @ 3985]
      		 
      f6dd4d10 80549ea8 nt!KiSystemCallTrampoline(void * Handler = 0x80478ac0, void * Arguments = 0x0012e5c0, unsigned long StackBytes = 8)+0x1b [r:\src\dev\ntoskrnl\include\internal\i386\ke.h @ 766]
      		 
      f6dd4d5c 80403e23 nt!KiSystemServiceHandler(struct _KTRAP_FRAME * TrapFrame = 0xf6dd4d64, void * Arguments = 0x0012e5c0)+0x278 [r:\src\dev\ntoskrnl\ke\i386\traphdlr.c @ 1813]
      		 
      f6dd4d5c 7c936aee nt!KiFastCallEntry+0x8c
      		 
      0012e5b4 7c96a7f7 ntdll!KiFastSystemCallRet
      		 
      0012e5b8 7c95920b ntdll!ZwQueryAttributesFile+0xc
      		 
      0012e654 7c9590f8 ntdll!RtlDoesFileExists_UstrEx(struct _UNICODE_STRING * FileName = 0x0012e668 "F:\VCExpress\System32\nfs41_np.dll", unsigned char SucceedIfBusy = 0x00 '')+0x9b [r:\src\dev\sdk\lib\rtl\path.c @ 1352]
      		 
      0012e674 7c9597cb ntdll!RtlDoesFileExists_UEx(wchar_t * FileName = 0x00146458 "F:\VCExpress\System32\nfs41_np.dll", unsigned char SucceedIfBusy = 0x00 '')+0x38 [r:\src\dev\sdk\lib\rtl\path.c @ 1401]
      		 
      0012e6b8 7c92e259 ntdll!RtlDosSearchPath_U(wchar_t * Path = 0x001474b2 ".;C:\ReactOS\System32;C:\ReactOS\system;C:\ReactOS;.;C:\ReactOS\bin;C:\ReactOS\System32;C:\ReactOS;C:\ReactOS\System32\Wbem", wchar_t * FileName = 0x0012ea44 "System32\nfs41_np.dll", wchar_t * Extension = 0x00000000 "", unsigned long Size = 0x212, wchar_t * Buffer = 0x0012e7a0 "쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌쳌???", wchar_t ** PartName = 0x00000000)+0x23b [r:\src\dev\sdk\lib\rtl\path.c @ 2175]
      		 
      0012e9e8 7c92fa5e ntdll!LdrpCheckForLoadedDll(wchar_t * DllPath = 0x00147498 "F:\VCExpress;.;C:\ReactOS\System32;C:\ReactOS\system;C:\ReactOS;.;C:\ReactOS\bin;C:\ReactOS\System32;C:\ReactOS;C:\ReactOS\System32\Wbem", struct _UNICODE_STRING * DllName = 0x0012ea34 "System32\nfs41_np.dll", unsigned char Flag = 0x00 '', unsigned char RedirectedDll = 0x00 '', struct _LDR_DATA_TABLE_ENTRY ** LdrEntry = 0x0012ea28)+0x1b9 [r:\src\dev\dll\ntdll\ldr\ldrutils.c @ 2059]
      		 
      0012ec90 7c924237 ntdll!LdrpLoadDll(unsigned char Redirected = 0x00 '', wchar_t * DllPath = 0x00147498 "F:\VCExpress;.;C:\ReactOS\System32;C:\ReactOS\system;C:\ReactOS;.;C:\ReactOS\bin;C:\ReactOS\System32;C:\ReactOS;C:\ReactOS\System32\Wbem", unsigned long * DllCharacteristics = 0x0012ef90, struct _UNICODE_STRING * DllName = 0x0012efb8 "System32\nfs41_np.dll", void ** BaseAddress = 0x0012efac, unsigned char CallInit = 0x01 '')+0x25e [r:\src\dev\dll\ntdll\ldr\ldrutils.c @ 2503]
      		 
      0012ef50 7c631b71 ntdll!LdrLoadDll(wchar_t * SearchPathA = 0x00147498 "F:\VCExpress;.;C:\ReactOS\System32;C:\ReactOS\system;C:\ReactOS;.;C:\ReactOS\bin;C:\ReactOS\System32;C:\ReactOS;C:\ReactOS\System32\Wbem", unsigned long * DllCharacteristics = 0x0012ef90, struct _UNICODE_STRING * DllName = 0x0012efb8 "System32\nfs41_np.dll", void ** BaseAddress = 0x0012efac)+0x517 [r:\src\dev\dll\ntdll\ldr\ldrapi.c @ 398]
      		 
      0012efdc 7c631d42 kernel32!LoadLibraryExW(wchar_t * lpLibFileName = 0x0012f28c "System32\nfs41_np.dll", void * hFile = 0x00000000, unsigned long dwFlags = 0)+0x211 [r:\src\dev\dll\win32\kernel32\client\loader.c @ 363]
      		 
      0012eff0 7b3091b2 kernel32!LoadLibraryW(wchar_t * lpLibFileName = 0x0012f28c "System32\nfs41_np.dll")+0x12 [r:\src\dev\dll\win32\kernel32\client\loader.c @ 181]
      		 
      0012f6b4 7b30a70d mpr!_tryLoadProvider(wchar_t * provider = 0x00142238 "nfs41_driver")+0x252 [r:\src\dev\dll\win32\mpr\wnet.c @ 178]
      		 
      0012f710 7b301493 mpr!wnetInit(struct HINSTANCE__ * hInstDll = 0x7b300000)+0x25d [r:\src\dev\dll\win32\mpr\wnet.c @ 340]
      		 
      0012f720 7b30e587 mpr!DllMain(struct HINSTANCE__ * hinstDLL = 0x7b300000, unsigned int fdwReason = 1, void * lpvReserved = 0x0012fd28)+0x33 [r:\src\dev\dll\win32\mpr\mpr_main.c @ 84]
      		 
      0012f738 7b30e20b mpr!__DllMainCRTStartup(void * hDllHandle = 0x7b300000, unsigned long dwReason = 1, void * lpreserved = 0x0012fd28)+0xb7 [r:\src\dev\sdk\lib\crt\startup\crtdll.c @ 202]
      		 
      0012f74c 7c92da27 mpr!DllMainCRTStartup(void * hDllHandle = 0x7b300000, unsigned long dwReason = 1, void * lpreserved = 0x0012fd28)+0x2b [r:\src\dev\sdk\lib\crt\startup\crtdll.c @ 172]
      		 
      0012f764 7c92b37f ntdll!LdrpCallInitRoutine(<function> * EntryPoint = 0x7b30e1e0, void * BaseAddress = 0x7b300000, unsigned long Reason = 1, void * Context = 0x0012fd28)+0x17 [r:\src\dev\dll\ntdll\ldr\ldrutils.c @ 106]
      		 
      0012f8a4 7c929c1e ntdll!LdrpRunInitializeRoutines(struct _CONTEXT * Context = 0x0012fd28)+0x78f [r:\src\dev\dll\ntdll\ldr\ldrinit.c @ 842]
      		 
      0012fc88 7c927131 ntdll!LdrpInitializeProcess(struct _CONTEXT * Context = 0x0012fd28, void * SystemArgument1 = 0x7c920000)+0x1e9e [r:\src\dev\dll\ntdll\ldr\ldrinit.c @ 2414]
      		 
      0012fd14 7c9369ce ntdll!LdrpInit(struct _CONTEXT * Context = 0x0012fd28, void * SystemArgument1 = 0x7c920000, void * SystemArgument2 = 0x00000000)+0x111 [r:\src\dev\dll\ntdll\ldr\ldrinit.c @ 2534]
      		 
      00000000 00000000 ntdll!KiUserApcDispatcher+0x25

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. CORE-16623 UDFCommonCreate returns uninitialized or wrong data

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              extravert34 extravert34
              learn_more Mark Jansen
              Votes:
              3 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: