Loading...

XML

Word

Printable

user32_winetest performs calls such as:
507 ret = GetUserObjectInformationA(old_input_desk, UOI_NAME, name, 1024, NULL);

This crashes:

Running Wine Test, Module: user32, Test: winstation

[7h

Entered debugger on last-chance exception (Exception Code: 0xc0000005) (Page Fault)

Memory at 0x00000000 could not be written: Page not present.

kdb:> bt

Eip:

<win32k.sys:7b48e (win32ss/user/ntuser/winsta.c:730 (NtUserGetObjectInformation))>

Frames:

<NTOSKRNL.EXE:140230 (ntoskrnl/include/internal/arch/../i386/ke.h:688 (KiFastCallEntryHandler))>

<NTOSKRNL.EXE:3ced (:0 (KiFastCallEntry))>

<ntdll.dll:1b500>

<user32_winetest.exe:cf371>

<user32_winetest.exe:d1a28>

<user32_winetest.exe:d5359>

<user32_winetest.exe:d6356>

<user32_winetest.exe:d63b8>

<kernel32.dll:fb63>

<00000000>

kdb:>

[SYSREG] Rebooting VM (retry 2)

... because NtUserGetObjectInformation doesn't use SEH and ProbeForWrite to write to nLengthNeeded:

   /* try to copy data to caller */

   if (Status == STATUS_SUCCESS)

      TRACE("Trying to copy data to caller (len = %lu, len needed = %lu)\n", nLength, nDataSize);

      *nLengthNeeded = nDataSize;

      if (nLength >= nDataSize)

         Status = MmCopyToCaller(pvInformation, pvData, nDataSize);

      else

         Status = STATUS_BUFFER_TOO_SMALL;

Also, this parameter is optional and should not be written to if NULL.