Closed Bug 222849 Opened 21 years ago Closed 21 years ago

crash [@SECUR32.DLL] Login (entering username and password and pressing the enter key) causes Firebird to crash. Happens on Mozilla also.

Categories

(Core :: Networking: HTTP, defect)

Product:
Core
Component:
Networking: HTTP
Platform:
x86
Windows 98
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla1.6beta

People

(Reporter: pphrdza, Assigned: darin.moz)

References

(
URL
)

Details

(Keywords: crash, topcrash, Whiteboard: [ntlm-auth] TB24559112Y)

Crash Data

Attachments

(1 file)

http log for event crash
40.13 KB, text/plain
Details 
User-Agent:       Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.5) Gecko/20031007 Firebird/0.7
Build Identifier: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.5) Gecko/20031007 Firebird/0.7

Dialog box appears as expected, but logging in causes both mozilla and firebird
to crash.  Both worked fine with the mail exhange (MS 2000 exhange server)
before installing the latest versions.  Prior versions were removed from my
computer before installing, and a new profile was created for each.

Reproducible: Always

Steps to Reproduce:
1.go to webmail.pbclibrary.org/exchange/
2.login dialog box pops up
3.press enter key

Actual Results:  
"This program has performed an illegal operation and will be shut down."
See Additional information for "Details:"


Expected Results:  
connect to the exchange server and display folders and email.

MOZILLA caused an invalid page fault in
module SECUR32.DLL at 017f:7f8737da.
Registers:
EAX=d4fe5560 CS=017f EIP=7f8737da EFLGS=00010202
EBX=00000000 SS=0187 ESP=0065f64c EBP=0065f6d0
ECX=00000000 DS=0187 ESI=00090312 FS=6017
EDX=01c39625 ES=0187 EDI=01fe1150 GS=6006
Bytes at CS:EIP:
89 01 8b 45 fc 89 51 04 c7 40 20 01 00 00 00 83 
Stack dump:
01fe2970 01fe2968 00000000 00000000 00000000 00000000 00000000 01fe1160 00000030
00000009 00438c8c 00000009 81ba4638 0065f6e8 bff77e6c 00438c8c
If it happens in Mozilla, then please don't file it as a Firebird bug.
->Browser
Assignee: blake → general
Component: General → Browser-General
Keywords: crash
Product: Firebird → Browser
QA Contact: general
Version: unspecified → Trunk
Looks like bug 212336.

Can you mention via attachment 131139 [details] (dumpver.exe) the version of secur32.dll
you have on your machine ?
Assignee: general → darin
Status: UNCONFIRMED → NEW
Component: Browser-General → Networking: HTTP
Ever confirmed: true
Keywords: stackwanted
QA Contact: general → httpqa
Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.6a) Gecko/20031018

TB24559112Y on Win98 SP1 
secure32.dll: your attachment gives me 4.10.0.1999, but right-clicking on the
secure32.dll in Windows\system\ and shows me Version 4.10.1999


I actually found 2 of these.  First one, in Windows/System:
Secur32.dll  version 4.10.2222
second one in Windows/System/cdom95/oldole:
secur32.dll  version 4.10.2177

I also found 2 of these, as seen from the date they seem to be from 1st install.
Windows/System:               secur32.dll  version 4.10.1999 size: 29kb 
Windows/System/dcom98/oldole: secur32.dll  version 4.10.1998 size: 40kb 
original Win98, SP1 and a few patches added later on.
can anyone attach a HTTP log of a minimal session via "create a new attachment" ?
See instructions here:
http://www.mozilla.org/projects/netlib/http/http-debugging.html
Whiteboard: [ntlm-auth] TB24559112Y
request from wolruf@free.fr  2003-10-19 14:25  for log of minimal session
hmm... looks like the patch for bug 212336 isn't enough.  perhaps the older
versions of SECUR32.DLL are buggy in other ways... *sigh* :-/

bugs like this make me want to throw away the whole SSPI thing and go with a
custom NTLM implementation for all platforms.
Status: NEW → ASSIGNED
Depends on: 212336
Summary: Login (entering username and password and pressing the enter key) causes Firebird to crash. Happens on Mozilla also. → crash [@SECUR32.DLL] Login (entering username and password and pressing the enter key) causes Firebird to crash. Happens on Mozilla also.
Target Milestone: --- → mozilla1.6alpha
TB24574158H
Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.6a) Gecko/20031019
Win98SE secur32.dll 4.10.2222
Keywords: topcrash
BBID range: 24430206 - 24576492
Min/Max Seconds since last crash: 32 - 49591
Min/Max Runtime: 90 - 49591
Crash data range: 2003-10-15 to 2003-10-20
Build ID range: 2003101304 to 2003101904

Stack Trace:
SECUR32.DLL + 0x37da (0x7f8737da)
SECUR32.DLL + 0x2416 (0x7f872416)
SECUR32.DLL + 0x179a (0x7f87179a)
nsHttpNTLMAuth::GenerateCredentials
[c:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpNTLMAuth.cpp line 428]
nsHttpChannel::GetCredentials
[c:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp line 2084]
nsHttpChannel::ProcessAuthentication
[c:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp line 1915]
nsHttpChannel::ProcessResponse
[c:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp line 709]
nsHttpChannel::OnStartRequest
[c:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp line 3277]
nsInputStreamPump::OnStateStart
[c:/builds/seamonkey/mozilla/netwerk/base/src/nsInputStreamPump.cpp line 381]
nsInputStreamPump::OnInputStreamReady
[c:/builds/seamonkey/mozilla/netwerk/base/src/nsInputStreamPump.cpp line 343]
0x023ef3f0
NECKO.DLL + 0x60528 (0x01350528)
nsDiskCacheBinding::AddRef
[c:/builds/seamonkey/mozilla/netwerk/cache/src/nsDiskCacheBinding.cpp line 109]
0x85107d8b
Keywords: stackwanted
i think the correct solution to this bug is to not use SECUR32.DLL for NTLM when
we detect that its version is too old.  when we get a cross-platform NTLM
implementation, we can just use that instead.  hmm.. maybe we'd want to always
use that! ;)  ... who likes having to chase down crashes in MS's code?  -- not me!
Target Milestone: mozilla1.6alpha → mozilla1.6beta
*** Bug 224589 has been marked as a duplicate of this bug. ***
Bug 224589: submitting empty login box on https://infotropolis.saic.com/ crashes.
Talkback IDs using 1.5 Release: TB25093131Y, TB25092915Q
crashed also using Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.6a) Gecko/20031030
Build ID 2003110115 (no Talkback packaged)
hmm... perhaps SECUR32.DLL doesn't like an empty username.  we can easily
protect against that.
*** Bug 224589 has been marked as a duplicate of this bug. ***
TB25096159W  
Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.5) Gecko/20031007

https://infotropolis.saic.com/
Enter username and password for "" at infotropolis.saic.com
User Name: mozilla
Password: test

crashed at submit, DocWatson was showing crash in secur32.dll

C:\Windows\System\secur32.dll Version 4.10.1999


can anyone reproduce this crash using a variant of WinNT?
I ran the dumpver.exe program provide in the attachment.  The program output the
following version information: 4.10.0.1998.  I then looked for the file
(SECUR32.DLL) and found it in C:\WINDOWS\SYSTEM (the only copy/version).  I
right-clicked on the icon and selected "Properties."  I clicked the "Version"
tab, and it states the version is 4.10.1998.  I presume, for some reason, the
Windows Properties dialog omits the "0".

FYI, I right-clicked on "My Computer" and under "System:" it says is:

 Microsoft Windows 98
 4.10.1998

BTW, I have installed most of the latest patches from Microsoft (Windows 98
Update site).  The only ones I have not applied are those for Internet Explorer
6 since I have IE 5.5. Also, I can successfully log-in to
https://infotropolis.saic.com using IE 5.5, which, I presume, uses SECUR32.DLL,
also. Hope this helps.
this bug is fixed now that the patch for bug 224653 has been checked in.  in
fact, we no longer load SECUR32.DLL :-)
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Depends on: 224653
Resolution: --- → FIXED
*** Bug 225794 has been marked as a duplicate of this bug. ***
*** Bug 228310 has been marked as a duplicate of this bug. ***
I have been using Mozilla 1.6b for a few weeks now, and it doesn't crash
anymore!  However, I have noticed one thing that might be deemed worthy of
investigating/fixing.

When the Infotropolis log-in dialog appears, the null string ("") is still
displayed in the message:

"Enter username and password for "" at infotropolic.saic.com"

If I click the cancel button, the log-in dialog reappears, but this time, the
string has a value:

"Enter username and password for "infotropolis" at infotropolis.saic.com"
Crash Signature: [@SECUR32.DLL]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: