Microsoft KB Archive/197085

= Heap Corruptions Cause Access Violations in SNA Server and SnaBa =

Article ID: 197085

Article Last Modified on 9/8/2006

-

APPLIES TO


 * Microsoft SNA Server 3.0 Service Pack 4
 * Microsoft SNA Server 4.0
 * Microsoft SNA Server 3.0 Service Pack 2
 * Microsoft SNA Server 3.0 Service Pack 3
 * Microsoft SNA Server 4.0 Service Pack 1
 * Microsoft SNA Server 4.0

-



This article was previously published under Q197085





SYMPTOMS
SNA Server and SnaBase services encounter access violations because of a problem with application heap corruption.



CAUSE
The application heap corruption occurs when a client application sends an invalid message to the server. The memory block the heap code is processing has been overwritten with some invalid data. The Windows NT heap code uses these size fields to traverse up and down the heap lists, if the fields contain garbage, the result is a trap. SNA Server does not check for any invalid messages from the TCP/IP transport DLLs receive buffers.



SNA Server 4.0
This problem was corrected in the latest SNA Server version 4.0 U.S. Service Pack. For information on obtaining this Service Pack, query the following word in the Microsoft Knowledge Base: servepack The original hotfix has the following file attributes:

File Name Date Time
Snaip.dll 8/26/98 8:32AM



STATUS
Microsoft has confirmed this to be a problem in Microsoft SNA Server versions 3.0 and SNA Server version 4.0. This problem was first corrected in SNAServer 3.0 Service Pack 4.



MORE INFORMATION
SNA Server now checks the size of all incoming TCP/IP messages. If it's larger than allowed, SNA Server will disregard the message and close the client connection. Event ID 631 will be logged in the Windows NT Application event viewer with the IP Address of the client.

Keywords: kbbug kbfix KB197085

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.