Re: [Kdiff3-user] kdiff3 Ver 0.9.95 stack buffer overrun

[Joachim E. <joa...@gm...>]

Hi,

Thank you for the backtrace.
Now I can see the lower KDiff3-part of the stack. But the upper kernel32-part 
is probably not correct yet.

If you also want to fix that, use Windbg again and set this as a symbolpath: 
SRV*c:\symbols*http://msdl.microsoft.com/download/symbols

Windbg will load Microsoft pdb-files from the net into your local directory 
c:\symbols which should be created first. The kdiff3-part will be unclear to 
Windbg again though.

Nevertheless I think, that the only way to avoid the problem would be not to 
query the time unless really needed. The bug seems to be in the Windows-XP-
dlls or in your specific environment.

Because the times are not really needed at that point, I made a change that 
might fix the problem for you. Please test:
http://kdiff3.sourceforge.net/kdiff3_2.zip

Joachim

> Hi,
> 
> 2011/5/1 Joachim Eibl wrote:
> > http://kdiff3.sourceforge.net/kdiff3.zip
> > 
> > contains the most recent version from svn trunk (which is about to be
> > released soon), statically linked against Qt4.7.2.
> 
> Program requires libgcc_s_dw2-1.dll, I managed to provide a copy locally.
> 
> > For the start you can test if the problem is reproducable.
> 
> Yes, the problem is still here, when comparing directories F:/ and G:/
> 
> > If yes, then it is probably best just to let it crash while running from
> > gdb and send me the stack.
> 
> gdb session and crash backtrace follows...
> 
> --------8<--------8<--------8<--------8<--------8<--------8<--------8<-----
> ---
> 
> C:\kdiff3>gdb kdiff3.exe
> GNU gdb (GDB) 7.2
> Copyright (C) 2010 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html> This is free software: you are free to
> change and redistribute it. There is NO WARRANTY, to the extent permitted
> by law.  Type "show copying" and "show warranty" for details.
> This GDB was configured as "i686-pc-mingw32".
> For bug reporting instructions, please see:
> <http://www.gnu.org/software/gdb/bugs/>.
> Reading symbols from C:\kdiff3/kdiff3.exe...done.
> (gdb) run
> Starting program: C:\kdiff3/kdiff3.exe
> [New Thread 156.0xf5c]
> warning: BTMMHOOK 02.05.2011 03:35:46 Thread<0F5C> Hook DLL loaded
> 
> [New Thread 156.0xc60]
> [New Thread 156.0xe8c]
> [New Thread 156.0x7e8]
> [New Thread 156.0x968]
> [New Thread 156.0x164]
> [New Thread 156.0xfd8]
> [New Thread 156.0x534]
> BFD: C:\WINDOWS\system32\WMVCore.dll: Warning: Ignoring section flag
> IMAGE_SCN_M EM_NOT_PAGED in section .reloc
> [New Thread 156.0xe6c]
> BFD: C:\WINDOWS\system32\WMVCore.dll: Warning: Ignoring section flag
> IMAGE_SCN_M EM_NOT_PAGED in section .reloc
> warning:
> 
>  *** A stack buffer overrun occurred in C:\kdiff3/kdiff3.exe :
> 
> 
> warning: This is usually the result of a memory copy to a local buffer or
> struct ure where the size is not properly calculated/checked.
> 
> warning: If this bug ends up in the shipping product, it could be a severe
> secur ity hole.
> 
> warning: The stack trace should show the guilty function (the function
> directly above __report_gsfailure).
> 
> warning:  *** enter .exr 0022E9D0 for the exception record
> 
> warning:  *** then kb to get the faulting stack
> 
> 
> 
> Program received signal SIGTRAP, Trace/breakpoint trap.
> 0x7c91120f in ntdll!DbgUiConnectToDbg () from C:\WINDOWS\system32\ntdll.dll
> (gdb) bt
> #0  0x7c91120f in ntdll!DbgUiConnectToDbg ()
>    from C:\WINDOWS\system32\ntdll.dll
> #1  0x7c977ede in ntdll!RtlUnhandledExceptionFilter2 ()
>    from C:\WINDOWS\system32\ntdll.dll
> #2  0x0022ea20 in ?? ()
> #3  0x7c9785f1 in ntdll!RtlUnicodeStringToAnsiSize ()
>    from C:\WINDOWS\system32\ntdll.dll
> #4  0x7c870ef6 in KERNEL32!BeginUpdateResourceA ()
>    from C:\WINDOWS\system32\kernel32.dll
> #5  0x7c85a6f2 in SetClientTimeZoneInformation ()
>    from C:\WINDOWS\system32\kernel32.dll
> #6  0x7c85a788 in SetClientTimeZoneInformation ()
>    from C:\WINDOWS\system32\kernel32.dll
> #7  0x7c85a7bd in SetClientTimeZoneInformation ()
>    from C:\WINDOWS\system32\kernel32.dll
> #8  0x7c85a834 in SetClientTimeZoneInformation ()
>    from C:\WINDOWS\system32\kernel32.dll
> #9  0x7c83b11c in ValidateLocale () from C:\WINDOWS\system32\kernel32.dll
> #10 0x00b340ca in fileTimeToQDateTime(_FILETIME const*) ()
> #11 0x00b3651d in QFSFileEngine::fileTime(QAbstractFileEngine::FileTime)
> const ()
> #12 0x00af6639 in
> QFileInfoPrivate::getFileTime(QAbstractFileEngine::FileTime) c onst ()
> #13 0x00af6799 in QFileInfo::created() const ()
> #14 0x00461d44 in FileAccess::setFile (this=0x22f8f8, name=...,
>     bWantToWrite=false) at fileaccess.cpp:138
> #15 0x00460e0d in FileAccess::FileAccess (this=0x22f8f8, name=...,
>     bWantToWrite=false) at fileaccess.cpp:55
> #16 0x00405108 in SourceData::setFilename (this=0x2343b80, filename=...)
>     at diff.cpp:187
> #17 0x0044608d in KDiff3App::slotFileOpen (this=0x2343a08) at
> pdiff.cpp:1101 #18 0x00418525 in KDiff3App::completeInit (this=0x2343a08,
> fn1=..., fn2=..., fn3=...) at kdiff3.cpp:454
> #19 0x0047429b in KDiff3Shell::KDiff3Shell (this=0x2324f90,
>     bCompleteInit=true) at kdiff3_shell.cpp:69
> #20 0x00404803 in qMain (argc=1, argv=0x21a2430) at main.cpp:249
> #21 0x0048a4cf in WinMain@16 ()
> #22 0x0048a198 in main ()
> (gdb)
> 
> --------8<--------8<--------8<--------8<--------8<--------8<--------8<-----
> ---
> 
> HTH