Crash in [@ npwzwmc64.dll | GetModuleHandleW] (WinZip Courier)
Categories
(External Software Affecting Firefox :: Other, defect, P3)
Tracking
(Not tracked)
People
(Reporter: gsvelto, Unassigned)
Details
(Keywords: crash)
Crash Data
Crash report: https://crash-stats.mozilla.org/report/index/c7ba8ef5-a7dd-4ccf-84b9-522c90210417
Reason: EXCEPTION_ACCESS_VIOLATION_READ
Top 6 frames of crashing thread:
0 npwzwmc64.dll npwzwmc64.dll@0x7d7f
1 kernelbase.dll GetModuleHandleW
2 npwzwmc64.dll npwzwmc64.dll@0x47ff
3 kernel32.dll BaseThreadInitThunk
4 ntdll.dll RtlUserThreadStart
5 kernelbase.dll TerminateProcessOnMemoryExhaustion
This is WinZip Courrier doing something that crashes Firefox. Maybe it's injecting itself in the file picker? It's hard to tell from the stacks.
|
||
Comment 1•3 years ago
|
||
I downloaded the product from https://www.winzip.com/win/en/downec.html and debugged the behavior. I didn't have a luck to reproduce the crash, though.
WinZip Courier has a Firefox extension. Once I install and enable it, it launches its own process wzwmcffnm.exe and npwzwmc64.exe. The latter one wzwmcffnm64.exe injects npwzwmc64.dll into our browser process via CreateRemoteThread technique to customize the common file dialog.
For the "[ @ npwzwmc64.dll | GetModuleHandleW ]" crash, I think it happens during shutdown. Their code tried to use a pointer in a global variable in npwzwmc64.dll, but it was already set to null. This may be a timing issue that not every WinZip user hits.
According to https://www.winzip.com/win/en/contact.html, I sent an email to WinZip.
|
|
||
Updated•2 years ago
|
|
||
Comment 2•2 months ago
|
||
Since the crash volume is low (less than 15 per week), the severity is downgraded to S3. Feel free to change it back if you think the bug is still critical.
For more information, please visit BugBot documentation.
Description
•