Closed Bug 222849 Opened 21 years ago Closed 21 years ago

crash [@SECUR32.DLL] Login (entering username and password and pressing the enter key) causes Firebird to crash. Happens on Mozilla also.

Categories

(Core :: Networking: HTTP, defect)

Product:
Core
Component:
Networking: HTTP
Platform:
x86
Windows 98
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla1.6beta

People

(Reporter: pphrdza, Assigned: darin.moz)

References

(
URL
)

Details

(Keywords: crash, topcrash, Whiteboard: [ntlm-auth] TB24559112Y)

Crash Data

Attachments

(1 file)

http log for event crash
40.13 KB, text/plain
Details
User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.5) Gecko/20031007 Firebird/0.7 Build Identifier: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.5) Gecko/20031007 Firebird/0.7 Dialog box appears as expected, but logging in causes both mozilla and firebird to crash. Both worked fine with the mail exhange (MS 2000 exhange server) before installing the latest versions. Prior versions were removed from my computer before installing, and a new profile was created for each. Reproducible: Always Steps to Reproduce: 1.go to webmail.pbclibrary.org/exchange/ 2.login dialog box pops up 3.press enter key Actual Results: "This program has performed an illegal operation and will be shut down." See Additional information for "Details:" Expected Results: connect to the exchange server and display folders and email. MOZILLA caused an invalid page fault in module SECUR32.DLL at 017f:7f8737da. Registers: EAX=d4fe5560 CS=017f EIP=7f8737da EFLGS=00010202 EBX=00000000 SS=0187 ESP=0065f64c EBP=0065f6d0 ECX=00000000 DS=0187 ESI=00090312 FS=6017 EDX=01c39625 ES=0187 EDI=01fe1150 GS=6006 Bytes at CS:EIP: 89 01 8b 45 fc 89 51 04 c7 40 20 01 00 00 00 83 Stack dump: 01fe2970 01fe2968 00000000 00000000 00000000 00000000 00000000 01fe1160 00000030 00000009 00438c8c 00000009 81ba4638 0065f6e8 bff77e6c 00438c8c
If it happens in Mozilla, then please don't file it as a Firebird bug. ->Browser
Assignee: blake → general
Component: General → Browser-General
Keywords: crash
Product: Firebird → Browser
QA Contact: general
Version: unspecified → Trunk
Looks like bug 212336. Can you mention via attachment 131139 [details] (dumpver.exe) the version of secur32.dll you have on your machine ?
Assignee: general → darin
Status: UNCONFIRMED → NEW
Component: Browser-General → Networking: HTTP
Ever confirmed: true
Keywords: stackwanted
QA Contact: general → httpqa
Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.6a) Gecko/20031018 TB24559112Y on Win98 SP1 secure32.dll: your attachment gives me 4.10.0.1999, but right-clicking on the secure32.dll in Windows\system\ and shows me Version 4.10.1999
I actually found 2 of these. First one, in Windows/System: Secur32.dll version 4.10.2222 second one in Windows/System/cdom95/oldole: secur32.dll version 4.10.2177
I also found 2 of these, as seen from the date they seem to be from 1st install. Windows/System: secur32.dll version 4.10.1999 size: 29kb Windows/System/dcom98/oldole: secur32.dll version 4.10.1998 size: 40kb original Win98, SP1 and a few patches added later on.
can anyone attach a HTTP log of a minimal session via "create a new attachment" ? See instructions here: http://www.mozilla.org/projects/netlib/http/http-debugging.html
Whiteboard: [ntlm-auth] TB24559112Y
request from wolruf@free.fr 2003-10-19 14:25 for log of minimal session
hmm... looks like the patch for bug 212336 isn't enough. perhaps the older versions of SECUR32.DLL are buggy in other ways... *sigh* :-/ bugs like this make me want to throw away the whole SSPI thing and go with a custom NTLM implementation for all platforms.
Status: NEW → ASSIGNED
Depends on: 212336
Summary: Login (entering username and password and pressing the enter key) causes Firebird to crash. Happens on Mozilla also. → crash [@SECUR32.DLL] Login (entering username and password and pressing the enter key) causes Firebird to crash. Happens on Mozilla also.
Target Milestone: --- → mozilla1.6alpha
TB24574158H Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.6a) Gecko/20031019 Win98SE secur32.dll 4.10.2222
Keywords: topcrash
BBID range: 24430206 - 24576492 Min/Max Seconds since last crash: 32 - 49591 Min/Max Runtime: 90 - 49591 Crash data range: 2003-10-15 to 2003-10-20 Build ID range: 2003101304 to 2003101904 Stack Trace: SECUR32.DLL + 0x37da (0x7f8737da) SECUR32.DLL + 0x2416 (0x7f872416) SECUR32.DLL + 0x179a (0x7f87179a) nsHttpNTLMAuth::GenerateCredentials [c:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpNTLMAuth.cpp line 428] nsHttpChannel::GetCredentials [c:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp line 2084] nsHttpChannel::ProcessAuthentication [c:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp line 1915] nsHttpChannel::ProcessResponse [c:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp line 709] nsHttpChannel::OnStartRequest [c:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp line 3277] nsInputStreamPump::OnStateStart [c:/builds/seamonkey/mozilla/netwerk/base/src/nsInputStreamPump.cpp line 381] nsInputStreamPump::OnInputStreamReady [c:/builds/seamonkey/mozilla/netwerk/base/src/nsInputStreamPump.cpp line 343] 0x023ef3f0 NECKO.DLL + 0x60528 (0x01350528) nsDiskCacheBinding::AddRef [c:/builds/seamonkey/mozilla/netwerk/cache/src/nsDiskCacheBinding.cpp line 109] 0x85107d8b
Keywords: stackwanted
i think the correct solution to this bug is to not use SECUR32.DLL for NTLM when we detect that its version is too old. when we get a cross-platform NTLM implementation, we can just use that instead. hmm.. maybe we'd want to always use that! ;) ... who likes having to chase down crashes in MS's code? -- not me!
Target Milestone: mozilla1.6alpha → mozilla1.6beta
*** Bug 224589 has been marked as a duplicate of this bug. ***
Bug 224589: submitting empty login box on https://infotropolis.saic.com/ crashes. Talkback IDs using 1.5 Release: TB25093131Y, TB25092915Q crashed also using Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.6a) Gecko/20031030 Build ID 2003110115 (no Talkback packaged)
hmm... perhaps SECUR32.DLL doesn't like an empty username. we can easily protect against that.
*** Bug 224589 has been marked as a duplicate of this bug. ***
TB25096159W Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.5) Gecko/20031007 https://infotropolis.saic.com/ Enter username and password for "" at infotropolis.saic.com User Name: mozilla Password: test crashed at submit, DocWatson was showing crash in secur32.dll C:\Windows\System\secur32.dll Version 4.10.1999
can anyone reproduce this crash using a variant of WinNT?
I ran the dumpver.exe program provide in the attachment. The program output the following version information: 4.10.0.1998. I then looked for the file (SECUR32.DLL) and found it in C:\WINDOWS\SYSTEM (the only copy/version). I right-clicked on the icon and selected "Properties." I clicked the "Version" tab, and it states the version is 4.10.1998. I presume, for some reason, the Windows Properties dialog omits the "0". FYI, I right-clicked on "My Computer" and under "System:" it says is: Microsoft Windows 98 4.10.1998 BTW, I have installed most of the latest patches from Microsoft (Windows 98 Update site). The only ones I have not applied are those for Internet Explorer 6 since I have IE 5.5. Also, I can successfully log-in to https://infotropolis.saic.com using IE 5.5, which, I presume, uses SECUR32.DLL, also. Hope this helps.
this bug is fixed now that the patch for bug 224653 has been checked in. in fact, we no longer load SECUR32.DLL :-)
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Depends on: 224653
Resolution: --- → FIXED
*** Bug 225794 has been marked as a duplicate of this bug. ***
*** Bug 228310 has been marked as a duplicate of this bug. ***
I have been using Mozilla 1.6b for a few weeks now, and it doesn't crash anymore! However, I have noticed one thing that might be deemed worthy of investigating/fixing. When the Infotropolis log-in dialog appears, the null string ("") is still displayed in the message: "Enter username and password for "" at infotropolic.saic.com" If I click the cancel button, the log-in dialog reappears, but this time, the string has a value: "Enter username and password for "infotropolis" at infotropolis.saic.com"
Crash Signature: [@SECUR32.DLL]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: