Microsoft KB Archive/260172

From BetaArchive Wiki

Article ID: 260172

Article Last Modified on 8/7/2007



APPLIES TO

  • Microsoft Visual C++ 5.0 Enterprise Edition
  • Microsoft Visual C++ 6.0 Enterprise Edition
  • Microsoft Visual C++ 5.0 Professional Edition
  • Microsoft Visual C++ 6.0 Professional Edition
  • Microsoft Visual C++ 6.0 Standard Edition
  • Microsoft Foundation Class Library 4.2



This article was previously published under Q260172

SYMPTOMS

Parameters passed to an MFC Internet Server Application Programming Interface (ISAPI) .dll file can be corrupted in some cases where the .dll is called simultaneously by a large number of clients on a multiple-processor computer.

CAUSE

This was caused by code that was storing temporary data in the parse map entry itself while parsing for parameters in CHttpServer::PushDefaultStackArgs.

RESOLUTION

The code was changed to allocate a temporary buffer instead of storing the parse map entries in the parse map.

STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed in the "Applies to" section. This bug was corrected in the latest service pack for Visual Studio 6.0.

For more information about Visual Studio service packs, click the following article numbers to view the articles in the Microsoft Knowledge Base:

194022 INFO: Visual Studio 6.0 Service packs, What, Where, Why

194295 HOWTO: Tell That a Visual Studio service Pack Is Installed


To download the latest Visual Studio service pack, visit the following Microsoft Web site:

MORE INFORMATION

Steps to reproduce the behavior

  1. Use the following ISAPI code on a dual-CPU computer (the problem may also occur on a single-CPU computer but is less noticeable):

    BEGIN_PARSE_MAP(CBugTestExtension, CHttpServer)
        // TODO: insert your ON_PARSE_COMMAND() and 
        // ON_PARSE_COMMAND_PARAMS() here to hook up your commands.
        // For example:
    
        DEFAULT_PARSE_COMMAND(Default, CBugTestExtension)
    
        ON_PARSE_COMMAND(Default, CBugTestExtension, ITS_PSTR)
        ON_PARSE_COMMAND_PARAMS ("param")
        
    END_PARSE_MAP(CBugTestExtension)
    
    void CBugTestExtension::Default(CHttpServerContext* pCtxt, LPTSTR lpStr)
    {
        StartContent(pCtxt);
        WriteTitle(pCtxt);
    
        if ((DWORD) lpStr == 0xcdcdcdcd)
        {
            ISAPITRACE ("Error!!!");
            DebugBreak();
        }
    
        *pCtxt << _T("This default message was produced by the Internet");
        *pCtxt << _T(" Server DLL Wizard. Edit your CBugTestExtension::Default()");
        *pCtxt << _T(" implementation to change it.\r\n");
    
    
    
        EndContent(pCtxt);
    }
                        
  2. Install the Microsoft Web Application Stress Tool on at least two clients. You can get it from the following Microsoft Web site:
  3. Configure and perform the following stress test:

    GET /scripts/bugtest/debug/bugtest.dll?DEFAULT?param=Hello
    Number of Thread: 10
    Number of sockets: 10
                            

    Use at least two client computers.

  4. Start Visual C++ and attach it to Inetinfo.exe. (Make sure that you have a debug build of the ISAPI .dll file.)
  5. Set the break point on this line:

    ISAPITRACE ("Error!!!");
                            

    Observe how occasionally lpStr points to an invalid memory location.

Here is the stack trace, which clearly indicates corrupted parameters in the Default function:

CBugTestExtension::Default(CHttpServerContext * 0x01d1fb9c, char * 0xcdcdcdcd) line 77
_AfxParseCall(void (CHttpServerContext *)* 0x01d1fb9c, void (CHttpServerContext *)* 0x01d1fb9c, void (CHttpServerContext *)* 0x01d1fb9c) line 46
CHttpServer::CallFunction(CHttpServerContext * 0x01d1fb9c, char * 0x000ff485, char * 0x00000000) line 921 + 24 bytes
CHttpServer::HttpExtensionProc(_EXTENSION_CONTROL_BLOCK * 0x000ff2f0) line 462 + 35 bytes
HttpExtensionProc(_EXTENSION_CONTROL_BLOCK * 0x000ff2f0) line 159 + 20 bytes
WAM! 68891807()
WAM! 6889128d()
W3SVC! 68c053de()
W3SVC! 68c052c1()
W3SVC! 68c0523d()
W3SVC! 68c051a7()
W3SVC! 68c01d3c()
W3SVC! 68c01769()
W3SVC! 68c046ea()
W3SVC! 68c04689()
ISATQ! 6862132b()
ISATQ! 68622676()
KERNEL32! 77f04ee8()
                

REFERENCES

See the following topics in the MSDN library:

CHttpServer
ON_PARSE_COMMAND_PARAMS()



Additional query words: sp4

Keywords: kbqfe kbbug kbfix kbvs600sp4fix kbvs600sp5fix KB260172