https://bugs.openldap.org/show_bug.cgi?id=10198
Issue ID: 10198
Summary: Crash in mdb_strerr on Windows
Product: LMDB
Version: unspecified
Hardware: All
OS: Windows
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: liblmdb
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
The call to FormatMessageA in mdb_strerr crashes on Windows 10 for error code
112 (disk full).
Its "Arguments" parameter is an invalid pointer. The documentation says that
the parameter should be ignored because of FORMAT_MESSAGE_IGNORE_INSERTS but my
copy of Windows disagrees. Documentation for FormatMessageA:
https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-formatmessage
The error is (with addresses replaced by <...>):
Exception thrown at <RtlFormatMessageEx> (ntdll.dll) in
ConsoleApplication1.exe: 0xC0000005: Access violation reading location
<buf+8*1024>.
Trivial fix: Change the last parameter to NULL (in this call:
https://github.com/LMDB/lmdb/blob/8645e92b937794c06f0c66dfae64e425a085b6cd/libraries/liblmdb/mdb.c#L1793)
Bug 8361 is raising some additional issues in this code and it implies that the
va_list is somehow related to the padding hack (but I don't understand how that
is, to be honest), so I'm not sure whether the trivial fix would be fine.
Here is some code to reproduce the crash outside of liblmdb (tested with Visual
Studio 2022, x86 and x64, C++ console project):
#include <iostream>
#include <windows.h>
int main()
{
std::cout << "Hello World!\n";
char buf[1024];
FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM |
FORMAT_MESSAGE_IGNORE_INSERTS,
NULL, 112, 0, buf, sizeof(buf), (va_list*)buf + 1024);
char* msg = buf;
std::cout << msg;
}
--
You are receiving this mail because:
You are on the CC list for the issue.
