vncViewer 1.2.4.0 ABORT on CHAT

splintercode
Posts: 14
Joined: 2010-09-10 14:46

vncViewer 1.2.4.0 ABORT on CHAT

Post by splintercode »

The CHAT function on release 1.2.4.0 causes the vncviewer to abort!

I have started from the latest source dated 10 February 21:09:16 from cyberfox123 - internal update projectfiles for new signing.

Compiled with vstudio 2017.

When I try to use CHAT, VncViewer aborts.

When debugging, the code stops at the end of TextChat::DoDialog

int TextChat::DoDialog()
{
return DialogBoxParam(pApp->m_instance, DIALOG_MAKEINTRESOURCE(IDD_TEXTCHAT_DLG),
NULL, (DLGPROC) TextChatDlgProc, (LONG_PTR) this);
}

The exception says:

Exception thrown at 0x77C2815A (ntdll.dll) in vncviewer.exe: 0xC0000005: access violation while reading the path 0xFEFEFEAE.

I have no problem during the compilation, so I think that my development environment is ok.

Thank you.
Rudi De Vos
Admin & Developer
Posts: 6831
Joined: 2004-04-23 10:21

Re: vncViewer 1.2.4.0 ABORT on CHAT

Post by Rudi De Vos »

Hard to tell, you should check the callstack.
Possibly something goes wrong during initialization, but it is not repeatable on the test PC.

BOOL CALLBACK TextChat::TextChatDlgProc(  HWND hWnd,  UINT uMsg,  WPARAM wParam, LPARAM lParam )
{
    TextChat *_this = helper::SafeGetWindowUserData<TextChat>(hWnd);

	switch (uMsg)
	{

	case WM_INITDIALOG:
kalkal82
Posts: 1
Joined: 2019-11-13 10:51

Re: vncViewer 1.2.4.0 ABORT on CHAT

Post by kalkal82 »

Hi

We also face the same problem in the new version of UVNC Viewer.

It seems there is something wrong with simultaneous running of the following methods:

1- _this->SendTextChatRequest(CHAT_OPEN); ====> in case WM_INITDIALOG: =====> BOOL CALLBACK TextChat::TextChatDlgProc(HWND hWnd ... method
2- ReadScreenUpdate(); ====> void* ClientConnection::run_undetached(void* arg)

If we omit the _this->SendTextChatRequest method in BOOL CALLBACK TextChat::TextChatDlgProc(HWND hWnd ... method, the exception vanishes.

Maybe the mutual exclusion condition in WriteExact method is violated or something else. I don't know.

The new original source downloaded from the uvnc website also has the problem in chat section without any modification.
splintercode
Posts: 14
Joined: 2010-09-10 14:46

Re: vncViewer 1.2.4.0 ABORT on CHAT

Post by splintercode »

Hello,

I have tried to comment out the call to _this->SendTextChatRequest(CHAT_OPEN); but unfortunately the CHAT causes the ABORT.

I have tried to debug in single step, but VNCViewer aborts in various parts of the code

sometimes on this memset( &cf, 0, sizeof(CHARFORMAT) ); // Initialize structure

void TextChat::SetTextFormat(bool bBold /*= false */, bool bItalic /*= false*/
	, long nSize /*= 0x75*/, const char* szFaceName /*= "MS Sans Serif"*/, DWORD dwColor /*= BLACK*/)
{
	if ( GetDlgItem( m_hDlg, IDC_CHATAREA_EDIT ) )  //  Sanity Check
	{		
		CHARFORMAT cf;
               memset( &cf, 0, sizeof(CHARFORMAT) ); //  Initialize structure

other times on strlen, here for (; !last_reached<Mode>(it, last) && *it != '\0'; ++it)

template <strnlen_mode Mode, typename Element>
_Check_return_
_When_(maximum_count > _String_length_(string), _Post_satisfies_(return == _String_length_(string)))
_When_(maximum_count <= _String_length_(string), _Post_satisfies_(return == maximum_count))
static __forceinline size_t __cdecl common_strnlen_c(
    Element const* const string,
    size_t         const maximum_count
    ) throw()
{
    Element const* const last = string + maximum_count;
    Element const*       it   = string;

for (; !last_reached<Mode>(it, last) && *it != '\0'; ++it)

    {
    }

    return static_cast<size_t>(it - string);

It seems that one thread dirties the heap....
splintercode
Posts: 14
Joined: 2010-09-10 14:46

Re: vncViewer 1.2.4.0 ABORT on CHAT

Post by splintercode »

Hello,

Finally, I have corrected it.

I have changed the call to _snprintf on the TextChatDlgProc(), case WM_INITDIALOG

BOOL CALLBACK TextChat::TextChatDlgProc(  HWND hWnd,  UINT uMsg,  WPARAM wParam, LPARAM lParam )
{
    TextChat *_this = helper::SafeGetWindowUserData<TextChat>(hWnd);

	switch (uMsg)
	{

	case WM_INITDIALOG:
......

This is the correction:

			// ORIGINAL CODE
			// if (_snprintf_s(_this->m_szRemoteName, TEXTMAXSIZE, MAXNAMESIZE-1,"%s", _this->m_pCC->m_desktopName) < 0 )

			// MY CORRECTION; on the 2nd parameter of _snprintf used MAXNAMESIZE (128) instead of TEXTMAXSIZE(16384)
			if (_snprintf_s(_this->m_szRemoteName, MAXNAMESIZE, MAXNAMESIZE - 1, "%s", _this->m_pCC->m_desktopName) < 0)

On my system the chat is OK now.

Can someone check and test this correction on their computer?

Thank you.
splintercode
Posts: 14
Joined: 2010-09-10 14:46

Re: vncViewer 1.2.4.0 ABORT on CHAT

Post by splintercode »

Hi to all,

I have verified that the code from

			if (_snprintf(_this->m_szRemoteName,MAXNAMESIZE-1,"%s", _this->m_pCC->m_desktopName) < 0 )

was modified on 20 August 2019 to this:

			if (_snprintf_s(_this->m_szRemoteName, TEXTMAXSIZE, MAXNAMESIZE-1,"%s", _this->m_pCC->m_desktopName) < 0 )

Because TEXTMAXSIZE is equal to 16384

#define TEXTMAXSIZE 16384

while MAXNAMESIZE is equal to 128

#define MAXNAMESIZE	128

the call to _snprintf_s generates an exception.

For me, this is the correct code:

			if (_snprintf_s(_this->m_szRemoteName, MAXNAMESIZE, MAXNAMESIZE - 1, "%s", _this->m_pCC->m_desktopName) < 0)

How can I advise the maintainer of the code?

Thank you.
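
Added example (not part of the thread, and not UltraVNC or Microsoft CRT code): a portable C model of the size mismatch described in the post above, showing how much memory past the 128-byte name field is touched when 16384 is passed as the buffer size. It assumes a debug build, where the MSVC secure CRT functions first fill the destination with 0xFE up to the stated sizeOfBuffer; model_snprintf_s, arena and LIVE_DATA are hypothetical names.

```c
/* Added example: portable model, not UltraVNC or MSVC CRT source. */
#include <stdio.h>
#include <string.h>

#define MAXNAMESIZE 128    /* size of m_szRemoteName, per the thread */
#define TEXTMAXSIZE 16384  /* value wrongly passed as sizeOfBuffer */
#define DEBUG_FILL  0xFE   /* debug-CRT fill byte (assumed debug build) */
#define LIVE_DATA   0x11   /* constructed marker for neighbouring memory */

/* One allocation standing in for the name field plus whatever follows it. */
static unsigned char arena[TEXTMAXSIZE + 64];

/* Simplified model of a debug-build secure formatter: it trusts
   size_of_buffer, pre-fills that many bytes, then copies up to count. */
static int model_snprintf_s(unsigned char *dst, size_t size_of_buffer,
                            size_t count, const char *src)
{
    size_t n = strlen(src);
    int truncated = n > count;
    if (size_of_buffer == 0) return -1;
    memset(dst, DEBUG_FILL, size_of_buffer);   /* the damaging step */
    if (truncated) n = count;
    if (n >= size_of_buffer)
        n = size_of_buffer - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return truncated ? -1 : (int)n;
}

/* Bytes modified past the real 128-byte field for a given sizeOfBuffer. */
static size_t clobbered_after_name(size_t size_of_buffer, const char *desktop)
{
    size_t i, hit = 0;
    memset(arena, LIVE_DATA, sizeof arena);
    model_snprintf_s(arena, size_of_buffer, MAXNAMESIZE - 1, desktop);
    for (i = MAXNAMESIZE; i < sizeof arena; i++)
        if (arena[i] != LIVE_DATA)
            hit++;
    return hit;
}

int main(void)
{
    const char *name = "constructed-desktop-name";
    printf("TEXTMAXSIZE: %zu bytes clobbered\n", clobbered_after_name(TEXTMAXSIZE, name));
    printf("MAXNAMESIZE: %zu bytes clobbered\n", clobbered_after_name(MAXNAMESIZE, name));
    return 0;
}
```

With TEXTMAXSIZE as the stated size, 16256 bytes past the field are overwritten even for a short desktop name, which is consistent with the 0xFE pattern in the reported fault address. Deriving the size from the destination array itself (sizeof or _countof) rather than from an unrelated macro keeps the two in sync.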
Neustradamus
Posts: 54
Joined: 2011-03-26 20:22

Re: vncViewer 1.2.4.0 ABORT on CHAT

Post by Neustradamus »

@Rudi De Vos: Any news?
Rudi De Vos
Admin & Developer
Posts: 6831
Joined: 2004-04-23 10:21

Re: vncViewer 1.2.4.0 ABORT on CHAT

Post by Rudi De Vos »

It is already fixed
_snprintf_s(_this->m_szRemoteName, MAXNAMESIZE-1, _TRUNCATE,