CString::GetLength error

Howdy,

I'm having a problem with CString.  Rarely but too often, GetLength returns 
the wrong length.  A recent example is a CString "OR" returned a length of 
0xDD000002.  As you could guess, this caused Serialize to have a heartattack.

Has anyone seen this kind of problem before and have an idea of the cause 
and of a solution?

-- 
Frank Perry
LavaLeaf Software
-2
Utf
1/6/2010 5:13:02 PM
vc.mfc 33608 articles. 0 followers. Follow

18 Replies
2813 Views

Similar Articles

[PageSpeed] 1

Frank Perry wrote:
> Howdy,
> 
> I'm having a problem with CString.  Rarely but too often, GetLength returns 
> the wrong length.  A recent example is a CString "OR" returned a length of 
> 0xDD000002.  As you could guess, this caused Serialize to have a heartattack.
> 
> Has anyone seen this kind of problem before and have an idea of the cause 
> and of a solution?

If your app is Unicode, I hope you used L"OR" or _T("OR").

-- 
David Wilkinson
Visual C++ MVP
1
David
1/6/2010 5:35:25 PM
I've never seen this, but you could try tracing down into the GetLength() 
function to see what it is looking at.  That string looks innocent enough. 
Even if you were using Unicode it would have just stored it as ASCII so it 
might not have been what you wanted, but it still should have worked.

Tom

"Frank Perry" <FrankPerry@discussions.microsoft.com> wrote in message 
news:D96766AC-B5BE-40D4-AA6C-BB489965C511@microsoft.com...
> Howdy,
>
> I'm having a problem with CString.  Rarely but too often, GetLength 
> returns
> the wrong length.  A recent example is a CString "OR" returned a length of
> 0xDD000002.  As you could guess, this caused Serialize to have a 
> heartattack.
>
> Has anyone seen this kind of problem before and have an idea of the cause
> and of a solution?
>
> -- 
> Frank Perry
> LavaLeaf Software 

2
Tom
1/6/2010 6:15:15 PM
Under normal conditions this is not possible.

You would need to show the code, as a start.

It could also be a memory clobber by the block of memory preceding the CString overwriting
its space and clobbering the data, or a data underrun if you ever unwrap the string
representation.  There are a huge number of explanations, but there is insufficient
context to determine which one might apply.

Consider the following questions:
	Have you ever done a GetBuffer/ReleaseBuffer on this string?
	Have you ever done a GetBuffer/ReleaseBuffer on any string?
	Do you have any data structure with a fixed-size array of anything in it?

That's just a start.
				joe

On Wed, 6 Jan 2010 09:13:02 -0800, Frank Perry <FrankPerry@discussions.microsoft.com>
wrote:

>Howdy,
>
>I'm having a problem with CString.  Rarely but too often, GetLength returns 
>the wrong length.  A recent example is a CString "OR" returned a length of 
>0xDD000002.  As you could guess, this caused Serialize to have a heartattack.
>
>Has anyone seen this kind of problem before and have an idea of the cause 
>and of a solution?
Joseph M. Newcomer [MVP]
email: newcomer@flounder.com
Web: http://www.flounder.com
MVP Tips: http://www.flounder.com/mvp_tips.htm
0
Joseph
1/6/2010 7:37:13 PM
Howdy,

I'll try and cover several questions.

The program is not Unicode.

The CString in the case here could be generated one of serveral ways.  The 
most likey is:
const char *DefOperators[] =
{
	"OR",
	"AND",
	"ADJ",
	"NEAR",
	"WITH",
	"SAME"
};

CString ValidateDefOperator(CString Value)
{
	Value.MakeUpper();
	int Size = sizeof(DefOperators)/sizeof(DefOperators[0]);
	for(int i=0; i<Size; i++)
		if(DefOperators[i] == Value)
			return Value;
	return "OR";
}
When it comes from some other source, it will be processed here so the end 
result would be the same.

I can't trace it because it is a rare occurrence.  I'm afraid that logic is 
about all I can apply to the problem.

I don't see instances of GetBuffer applied to the string in question.  The 
data is a class variable.  If something is clobbering the string, it will be 
almost impossible to sort out of the hundreds of C++ files that make up the 
code.

One reason for asking about this is I had a similar problem show up when a 
CString was being returned from or Oracle ODBC driver.  That would sometimes 
return a bad length for the string in a field of the rowset.  It was returned 
from the driver with a problem before anything in the program itself touched 
it.  I was wondering if this was similar.

The string itself is corrupted because the serialized data for it is FF FF 
FF 02 00 00 DD, which indicates it was returned to the serialize string 
function as 0xDD000002 bytes long.

-- 
Frank Perry
LavaLeaf Software


"Frank Perry" wrote:

> Howdy,
> 
> I'm having a problem with CString.  Rarely but too often, GetLength returns 
> the wrong length.  A recent example is a CString "OR" returned a length of 
> 0xDD000002.  As you could guess, this caused Serialize to have a heartattack.
> 
> Has anyone seen this kind of problem before and have an idea of the cause 
> and of a solution?
> 
> -- 
> Frank Perry
> LavaLeaf Software
0
Utf
1/6/2010 10:27:01 PM
I wonder if your getting a referencing problem.  CString attempts to not 
create new values if it thinks it can use the same one for multiple 
occurrences.  I've been caught by this before.  I usually force the issue by 
using the LPCTSTR operator like:

CString cs = (LPCTSTR) csValue;

Might be worth a try anyway.

Tom

"Frank Perry" <FrankPerry@discussions.microsoft.com> wrote in message 
news:4B4C1346-2741-4FB2-B12A-0CBF0961302D@microsoft.com...
> Howdy,
>
> I'll try and cover several questions.
>
> The program is not Unicode.
>
> The CString in the case here could be generated one of serveral ways.  The
> most likey is:
> const char *DefOperators[] =
> {
> "OR",
> "AND",
> "ADJ",
> "NEAR",
> "WITH",
> "SAME"
> };
>
> CString ValidateDefOperator(CString Value)
> {
> Value.MakeUpper();
> int Size = sizeof(DefOperators)/sizeof(DefOperators[0]);
> for(int i=0; i<Size; i++)
> if(DefOperators[i] == Value)
> return Value;
> return "OR";
> }
> When it comes from some other source, it will be processed here so the end
> result would be the same.
>
> I can't trace it because it is a rare occurrence.  I'm afraid that logic 
> is
> about all I can apply to the problem.
>
> I don't see instances of GetBuffer applied to the string in question.  The
> data is a class variable.  If something is clobbering the string, it will 
> be
> almost impossible to sort out of the hundreds of C++ files that make up 
> the
> code.
>
> One reason for asking about this is I had a similar problem show up when a
> CString was being returned from or Oracle ODBC driver.  That would 
> sometimes
> return a bad length for the string in a field of the rowset.  It was 
> returned
> from the driver with a problem before anything in the program itself 
> touched
> it.  I was wondering if this was similar.
>
> The string itself is corrupted because the serialized data for it is FF FF
> FF 02 00 00 DD, which indicates it was returned to the serialize string
> function as 0xDD000002 bytes long.
>
> -- 
> Frank Perry
> LavaLeaf Software
>
>
> "Frank Perry" wrote:
>
>> Howdy,
>>
>> I'm having a problem with CString.  Rarely but too often, GetLength 
>> returns
>> the wrong length.  A recent example is a CString "OR" returned a length 
>> of
>> 0xDD000002.  As you could guess, this caused Serialize to have a 
>> heartattack.
>>
>> Has anyone seen this kind of problem before and have an idea of the cause
>> and of a solution?
>>
>> -- 
>> Frank Perry
>> LavaLeaf Software 

0
Tom
1/6/2010 11:36:09 PM
"Tom Serface" <tom@camaswood.com> ha scritto nel messaggio 
news:OWdPGkyjKHA.1864@TK2MSFTNGP05.phx.gbl...

> I wonder if your getting a referencing problem.  CString attempts to not 
> create new values if it thinks it can use the same one for multiple 
> occurrences.

I think CString is a very robust class.

I would think that string corruption originated in some other places in OP's 
code (maybe some buffer overrun).

Giovanni
 

0
Giovanni
1/7/2010 9:19:12 AM
On Jan 6, 11:27=A0pm, Frank Perry <FrankPe...@discussions.microsoft.com>
wrote:
> The string itself is corrupted because the serialized data for it is FF F=
F
> FF 02 00 00 DD, which indicates it was returned to the serialize string
> function as 0xDD000002 bytes long.

So it's not a GetLength error, but serialization error. OK, I'll put
my serialization master hat on now...

What I can say is: your file is borked and there's nothing you can do
about that. Best approach by far is to find the source of the problem,
and that will be inspection of the "save" path for said files.

At load time, when you get bad data, you are already dead.
Serialization is, in principle, an all-or-nothing proposition, so
attempts to salvage stuff at load time are __very difficult__, and, in
general case, doomed to fail.

Goran.
0
Goran
1/7/2010 9:37:09 AM
It may of course be the deserialization code of some object somewhere before 
it in the stream that's at fault instead.

Anthony Wieser
Wieser Software Ltd


"Goran" <goran.pusic@gmail.com> wrote in message 
news:a9de3f6a-20f5-49bf-ba59-e5b16c78e756@m26g2000yqb.googlegroups.com...
On Jan 6, 11:27 pm, Frank Perry <FrankPe...@discussions.microsoft.com>
wrote:
> The string itself is corrupted because the serialized data for it is FF FF
> FF 02 00 00 DD, which indicates it was returned to the serialize string
> function as 0xDD000002 bytes long.

So it's not a GetLength error, but serialization error. OK, I'll put
my serialization master hat on now...

What I can say is: your file is borked and there's nothing you can do
about that. Best approach by far is to find the source of the problem,
and that will be inspection of the "save" path for said files.

At load time, when you get bad data, you are already dead.
Serialization is, in principle, an all-or-nothing proposition, so
attempts to salvage stuff at load time are __very difficult__, and, in
general case, doomed to fail.

Goran. 

0
Anthony
1/7/2010 11:35:27 AM
Howdy,

I looked at the serialization code for serializing a CString.  It gets the 
length from CString and based on that length writes out the length of the 
length (if that makes sense) in the form of a mask before adding the string.  
From that, I think the GetLength is the problem.  Based on the length, it 
prefaces the length with either no bytes if the length is 0 - 0xfe, or FF if 
it's 0xff to 0xfffe, etc.  It prefaces the string length with 0xff 0xff 0xff 
so it clearly believes the length is 0xDD000002 (e.i. requiring 4 bytes to 
express).

I am not sure what I think about the buffer overrun.  On the one hand, it is 
an obvious possibility that something else is clobbering the data.  But on 
the other hand, almost everything we write is a string and 0xDD isn't in the 
normal character set.  If it was something like 0x41 or 0x20 it would make 
much more sense.  

I am not familiar with the format of a CString but is the length someplace 
where it could be clobbered by an overrun while leaving the actual 2 inplace 
and also leave enought of the rest of the header to still function as a 
string?  Assuming it's 'little endian' I would think the 2 would have been 
clobbered before an overwrite would leave an 0xdd three bytes deeper in the 
CString header.

I find the idea of a copy function going bad hopeful.  (If only because I 
can change that quickly and see what happens.)  In my experience, copying a 
string with a bad length will result in the new string being just as bad as 
the old one.  It copies by the string's stated length and not the actual 
length.  (My ODBC Cstring problem was correctable by saving a new string with 
LockBuffer which stopped at the first 0x00 and not the GetLength value.)
 
-- 
Frank Perry
LavaLeaf Software


"Goran" wrote:

> On Jan 6, 11:27 pm, Frank Perry <FrankPe...@discussions.microsoft.com>
> wrote:
> > The string itself is corrupted because the serialized data for it is FF FF
> > FF 02 00 00 DD, which indicates it was returned to the serialize string
> > function as 0xDD000002 bytes long.
> 
> So it's not a GetLength error, but serialization error. OK, I'll put
> my serialization master hat on now...
> 
> What I can say is: your file is borked and there's nothing you can do
> about that. Best approach by far is to find the source of the problem,
> and that will be inspection of the "save" path for said files.
> 
> At load time, when you get bad data, you are already dead.
> Serialization is, in principle, an all-or-nothing proposition, so
> attempts to salvage stuff at load time are __very difficult__, and, in
> general case, doomed to fail.
> 
> Goran.
> .
> 
0
Utf
1/7/2010 3:09:01 PM
See below...
On Wed, 6 Jan 2010 14:27:01 -0800, Frank Perry <FrankPerry@discussions.microsoft.com>
wrote:

>Howdy,
>
>I'll try and cover several questions.
>
>The program is not Unicode.
>
>The CString in the case here could be generated one of serveral ways.  The 
>most likey is:
>const char *DefOperators[] =
>{
>	"OR",
>	"AND",
>	"ADJ",
>	"NEAR",
>	"WITH",
>	"SAME"
>};
****
The above declaration is erroneous.  If you are using CString, the only correct format
would have been

LPCTSTR DefOperators[] = 
{
          _T("OR"),
          _T("AND"),
....etc.
};

Otherwise, your code will not be correct if it is compiled as Unicode.  It is extremely
important to realize that in 2010, the data type 'char' should be considered obsolete
except in very rare and exotic circumstances, and not only is this not one, but you have
asserted that CString must necessarily be 8 bit characters, which is simply not true.
****
>
>CString ValidateDefOperator(CString Value)
>{
>	Value.MakeUpper();
>	int Size = sizeof(DefOperators)/sizeof(DefOperators[0]);
****
Starting in VS2008, the poorly-documented _countof could be used:
	int Size = _countof(DefOperators);
It is not clear why you have to introduce a separate variable for this, since the
expression is a compile time constant and takes no runtime cost to evaluate.
****
>	for(int i=0; i<Size; i++)
>		if(DefOperators[i] == Value)
>			return Value;
>	return "OR";
****
return _T("OR");
****
>}
>When it comes from some other source, it will be processed here so the end 
>result would be the same.
>
>I can't trace it because it is a rare occurrence.  I'm afraid that logic is 
>about all I can apply to the problem.
****
The "rare occurrence" part suggests memory damage.  See my essay on memory damage
detection on my MVP Tips site.
****
>
>I don't see instances of GetBuffer applied to the string in question.  The 
>data is a class variable.  If something is clobbering the string, it will be 
>almost impossible to sort out of the hundreds of C++ files that make up the 
>code.
****
Note that I also asked "Did you every use GetBuffer/ReleaseBuffer on *any* string?"
(emphasis added).

It looks like a data overrun problem, but it could also be an uninitialized-pointer
problem.  But an uninitialized-pointer problem should show up in debug mode as an access
fault to some weird-looking address.
****
>
>One reason for asking about this is I had a similar problem show up when a 
>CString was being returned from or Oracle ODBC driver.  That would sometimes 
>return a bad length for the string in a field of the rowset.  It was returned 
>from the driver with a problem before anything in the program itself touched 
>it.  I was wondering if this was similar.
>
>The string itself is corrupted because the serialized data for it is FF FF 
>FF 02 00 00 DD, which indicates it was returned to the serialize string 
>function as 0xDD000002 bytes long.
****
Not sure what the FF FF FF represents.  I don't use MFC serialization because I consider
it deeply unreliable in the presence of schema evolution.  But it still looks like memory
damage, unless there is perhaps a bad serialization call that has set the serialization
stream off-by-one, or something else weird.
					joe
****
Joseph M. Newcomer [MVP]
email: newcomer@flounder.com
Web: http://www.flounder.com
MVP Tips: http://www.flounder.com/mvp_tips.htm
0
Joseph
1/7/2010 3:39:01 PM
0xDD is the byte used to represent free storage in the debug heap (see crt\src\dbgheap.c
in the VC directory, for example).  So if one of these bytes were copied accidentally into
the space, for example, by using a dead pointer, who knows what is going to happen?  If a
pointer which used to point to a structure is used to obtain a byte, you might get 0xDD,
and if another pointer to what used to point to another structure is used to store it, and
that pointer now points to what is now a CString, well, that's certain death, and the data
you see could result.  Note that sometimes the data might be a 0 in which case a 0
overwrites a 0, so the bug only shows up when the overwritten data is nonzero.

Try running under the Application Verifier with all possible storage tests turned on.  It
might show up something.
				joe

On Thu, 7 Jan 2010 07:09:01 -0800, Frank Perry <FrankPerry@discussions.microsoft.com>
wrote:

>Howdy,
>
>I looked at the serialization code for serializing a CString.  It gets the 
>length from CString and based on that length writes out the length of the 
>length (if that makes sense) in the form of a mask before adding the string.  
>From that, I think the GetLength is the problem.  Based on the length, it 
>prefaces the length with either no bytes if the length is 0 - 0xfe, or FF if 
>it's 0xff to 0xfffe, etc.  It prefaces the string length with 0xff 0xff 0xff 
>so it clearly believes the length is 0xDD000002 (e.i. requiring 4 bytes to 
>express).
>
>I am not sure what I think about the buffer overrun.  On the one hand, it is 
>an obvious possibility that something else is clobbering the data.  But on 
>the other hand, almost everything we write is a string and 0xDD isn't in the 
>normal character set.  If it was something like 0x41 or 0x20 it would make 
>much more sense.  
>
>I am not familiar with the format of a CString but is the length someplace 
>where it could be clobbered by an overrun while leaving the actual 2 inplace 
>and also leave enought of the rest of the header to still function as a 
>string?  Assuming it's 'little endian' I would think the 2 would have been 
>clobbered before an overwrite would leave an 0xdd three bytes deeper in the 
>CString header.
>
>I find the idea of a copy function going bad hopeful.  (If only because I 
>can change that quickly and see what happens.)  In my experience, copying a 
>string with a bad length will result in the new string being just as bad as 
>the old one.  It copies by the string's stated length and not the actual 
>length.  (My ODBC Cstring problem was correctable by saving a new string with 
>LockBuffer which stopped at the first 0x00 and not the GetLength value.)
> 
Joseph M. Newcomer [MVP]
email: newcomer@flounder.com
Web: http://www.flounder.com
MVP Tips: http://www.flounder.com/mvp_tips.htm
0
Joseph
1/7/2010 3:57:25 PM
Howdy,

I haven't been able to use Application Verify.  It seems to block my access 
to the database.  I haven't had a chance to see why or how but when I have my 
program listed in it, the program failes to return data from the ACE dll that 
interacts with the database.

-- 
Frank Perry
LavaLeaf Software


"Joseph M. Newcomer" wrote:

> 0xDD is the byte used to represent free storage in the debug heap (see crt\src\dbgheap.c
> in the VC directory, for example).  So if one of these bytes were copied accidentally into
> the space, for example, by using a dead pointer, who knows what is going to happen?  If a
> pointer which used to point to a structure is used to obtain a byte, you might get 0xDD,
> and if another pointer to what used to point to another structure is used to store it, and
> that pointer now points to what is now a CString, well, that's certain death, and the data
> you see could result.  Note that sometimes the data might be a 0 in which case a 0
> overwrites a 0, so the bug only shows up when the overwritten data is nonzero.
> 
> Try running under the Application Verifier with all possible storage tests turned on.  It
> might show up something.
> 				joe
> 
> On Thu, 7 Jan 2010 07:09:01 -0800, Frank Perry <FrankPerry@discussions.microsoft.com>
> wrote:
> 
> >Howdy,
> >
> >I looked at the serialization code for serializing a CString.  It gets the 
> >length from CString and based on that length writes out the length of the 
> >length (if that makes sense) in the form of a mask before adding the string.  
> >From that, I think the GetLength is the problem.  Based on the length, it 
> >prefaces the length with either no bytes if the length is 0 - 0xfe, or FF if 
> >it's 0xff to 0xfffe, etc.  It prefaces the string length with 0xff 0xff 0xff 
> >so it clearly believes the length is 0xDD000002 (e.i. requiring 4 bytes to 
> >express).
> >
> >I am not sure what I think about the buffer overrun.  On the one hand, it is 
> >an obvious possibility that something else is clobbering the data.  But on 
> >the other hand, almost everything we write is a string and 0xDD isn't in the 
> >normal character set.  If it was something like 0x41 or 0x20 it would make 
> >much more sense.  
> >
> >I am not familiar with the format of a CString but is the length someplace 
> >where it could be clobbered by an overrun while leaving the actual 2 inplace 
> >and also leave enought of the rest of the header to still function as a 
> >string?  Assuming it's 'little endian' I would think the 2 would have been 
> >clobbered before an overwrite would leave an 0xdd three bytes deeper in the 
> >CString header.
> >
> >I find the idea of a copy function going bad hopeful.  (If only because I 
> >can change that quickly and see what happens.)  In my experience, copying a 
> >string with a bad length will result in the new string being just as bad as 
> >the old one.  It copies by the string's stated length and not the actual 
> >length.  (My ODBC Cstring problem was correctable by saving a new string with 
> >LockBuffer which stopped at the first 0x00 and not the GetLength value.)
> > 
> Joseph M. Newcomer [MVP]
> email: newcomer@flounder.com
> Web: http://www.flounder.com
> MVP Tips: http://www.flounder.com/mvp_tips.htm
> .
> 
0
Utf
1/11/2010 6:09:01 PM
Hmmm...that's interesting, and may already be symptomatic of a problem.  I've not used
databases, so don't know about potential problems that might exist.
					joe

On Mon, 11 Jan 2010 10:09:01 -0800, Frank Perry <FrankPerry@discussions.microsoft.com>
wrote:

>Howdy,
>
>I haven't been able to use Application Verify.  It seems to block my access 
>to the database.  I haven't had a chance to see why or how but when I have my 
>program listed in it, the program failes to return data from the ACE dll that 
>interacts with the database.
Joseph M. Newcomer [MVP]
email: newcomer@flounder.com
Web: http://www.flounder.com
MVP Tips: http://www.flounder.com/mvp_tips.htm
0
Joseph
1/11/2010 9:53:09 PM
Frank Perry wrote:

> ....
> I can't trace it because it is a rare occurrence.  I'm afraid that logic is 
> about all I can apply to the problem.


In general when rare and intermittent things like this rear its head, 
it means its a PDE - programming design error.

It could be buffer overflow, underflow or whatever, a corruption is 
occurring somewhere.  This basically means, you need to isolate your 
code, black box it and make sure its perfect in isolated testing and 
if you still have problems when you plug it back into your 
application, then you have a PE somewhere. Its that plain and simple. :)

Divide and conquer is one way to get to this problems.  A good heap 
manager tool may help too.

Happy Hunting!

-- 
HLS
0
Hector
1/12/2010 6:08:48 AM
Hi Frank,

You could try switching out to a std:string instead and see if you get a 
similar issue.  That may not be an easy thing to do, but it would prove 
whether it's CString's fault or the fault of something in your code.  I use 
CString a LOT with absolutely not problems, but that doesn't prove that 
there are none.  As I mentioned before I do use a specific cast (LPCTSTR) on 
occasion to force CString to create  a new copy since I've found the 
reference counter to have problems on occasion, but other than that it works 
as advertised.  If you could switch out to a different kind of string and 
you still have the issue then ...

Tom

"Frank Perry" <FrankPerry@discussions.microsoft.com> wrote in message 
news:3982A5BD-AA09-4B89-BBE1-F838AC61501C@microsoft.com...
> Howdy,
>
> I haven't been able to use Application Verify.  It seems to block my 
> access
> to the database.  I haven't had a chance to see why or how but when I have 
> my
> program listed in it, the program failes to return data from the ACE dll 
> that
> interacts with the database.
>
> -- 
> Frank Perry
> LavaLeaf Software
>
>
> "Joseph M. Newcomer" wrote:
>
>> 0xDD is the byte used to represent free storage in the debug heap (see 
>> crt\src\dbgheap.c
>> in the VC directory, for example).  So if one of these bytes were copied 
>> accidentally into
>> the space, for example, by using a dead pointer, who knows what is going 
>> to happen?  If a
>> pointer which used to point to a structure is used to obtain a byte, you 
>> might get 0xDD,
>> and if another pointer to what used to point to another structure is used 
>> to store it, and
>> that pointer now points to what is now a CString, well, that's certain 
>> death, and the data
>> you see could result.  Note that sometimes the data might be a 0 in which 
>> case a 0
>> overwrites a 0, so the bug only shows up when the overwritten data is 
>> nonzero.
>>
>> Try running under the Application Verifier with all possible storage 
>> tests turned on.  It
>> might show up something.
>> joe
>>
>> On Thu, 7 Jan 2010 07:09:01 -0800, Frank Perry 
>> <FrankPerry@discussions.microsoft.com>
>> wrote:
>>
>> >Howdy,
>> >
>> >I looked at the serialization code for serializing a CString.  It gets 
>> >the
>> >length from CString and based on that length writes out the length of 
>> >the
>> >length (if that makes sense) in the form of a mask before adding the 
>> >string.
>> >From that, I think the GetLength is the problem.  Based on the length, 
>> >it
>> >prefaces the length with either no bytes if the length is 0 - 0xfe, or 
>> >FF if
>> >it's 0xff to 0xfffe, etc.  It prefaces the string length with 0xff 0xff 
>> >0xff
>> >so it clearly believes the length is 0xDD000002 (e.i. requiring 4 bytes 
>> >to
>> >express).
>> >
>> >I am not sure what I think about the buffer overrun.  On the one hand, 
>> >it is
>> >an obvious possibility that something else is clobbering the data.  But 
>> >on
>> >the other hand, almost everything we write is a string and 0xDD isn't in 
>> >the
>> >normal character set.  If it was something like 0x41 or 0x20 it would 
>> >make
>> >much more sense.
>> >
>> >I am not familiar with the format of a CString but is the length 
>> >someplace
>> >where it could be clobbered by an overrun while leaving the actual 2 
>> >inplace
>> >and also leave enought of the rest of the header to still function as a
>> >string?  Assuming it's 'little endian' I would think the 2 would have 
>> >been
>> >clobbered before an overwrite would leave an 0xdd three bytes deeper in 
>> >the
>> >CString header.
>> >
>> >I find the idea of a copy function going bad hopeful.  (If only because 
>> >I
>> >can change that quickly and see what happens.)  In my experience, 
>> >copying a
>> >string with a bad length will result in the new string being just as bad 
>> >as
>> >the old one.  It copies by the string's stated length and not the actual
>> >length.  (My ODBC Cstring problem was correctable by saving a new string 
>> >with
>> >LockBuffer which stopped at the first 0x00 and not the GetLength value.)
>> >
>> Joseph M. Newcomer [MVP]
>> email: newcomer@flounder.com
>> Web: http://www.flounder.com
>> MVP Tips: http://www.flounder.com/mvp_tips.htm
>> .
>> 
0
Tom
1/12/2010 5:12:06 PM
Howdy,

I wish I could create test versions but that isn't in the cards.  There are 
about 6000 people who use the program.  It's a government contract and we are 
not allowed by contract to install anything that isn't run through the full 
FQT process and pushed to all the workstations at once.  The problem is rare 
so ofcourse it never happens on my test machine.


-- 
Frank Perry
LavaLeaf Software


"Hector Santos" wrote:

> Frank Perry wrote:
> 
> > ....
> > I can't trace it because it is a rare occurrence.  I'm afraid that logic is 
> > about all I can apply to the problem.
> 
> 
> In general when rare and intermittent things like this rear its head, 
> it means its a PDE - programming design error.
> 
> It could be buffer overflow, underflow or whatever, a corruption is 
> occurring somewhere.  This basically means, you need to isolate your 
> code, black box it and make sure its perfect in isolated testing and 
> if you still have problems when you plug it back into your 
> application, then you have a PE somewhere. Its that plain and simple. :)
> 
> Divide and conquer is one way to get to this problems.  A good heap 
> manager tool may help too.
> 
> Happy Hunting!
> 
> -- 
> HLS
> .
> 
0
Utf
1/12/2010 10:07:01 PM
Man, I can say, been there done that... I don't know how to solve the 
problem, but I can commiserate.

Tom

"Frank Perry" <FrankPerry@discussions.microsoft.com> wrote in message 
news:B62D058D-F26A-4168-8B51-EE4816415D8A@microsoft.com...
> Howdy,
>
> I wish I could create test versions but that isn't in the cards.  There 
> are
> about 6000 people who use the program.  It's a government contract and we 
> are
> not allowed by contract to install anything that isn't run through the 
> full
> FQT process and pushed to all the workstations at once.  The problem is 
> rare
> so ofcourse it never happens on my test machine.
>
>
> -- 
> Frank Perry
> LavaLeaf Software
>
>
> "Hector Santos" wrote:
>
>> Frank Perry wrote:
>>
>> > ....
>> > I can't trace it because it is a rare occurrence.  I'm afraid that 
>> > logic is
>> > about all I can apply to the problem.
>>
>>
>> In general when rare and intermittent things like this rear its head,
>> it means its a PDE - programming design error.
>>
>> It could be buffer overflow, underflow or whatever, a corruption is
>> occurring somewhere.  This basically means, you need to isolate your
>> code, black box it and make sure its perfect in isolated testing and
>> if you still have problems when you plug it back into your
>> application, then you have a PE somewhere. Its that plain and simple. :)
>>
>> Divide and conquer is one way to get to this problems.  A good heap
>> manager tool may help too.
>>
>> Happy Hunting!
>>
>> -- 
>> HLS
>> .
>> 
0
Tom
1/12/2010 10:19:33 PM
Howdy,

I wouldn't be surprised that there is a problem with the DLL we use to 
access the database.  (That has to be taken with a grain of salt as the DLL 
isn't _our_ DLL and would be someone else's problem, so I'm biased.)

I will continue to try and get Application Verify to run.  But, the cycle of 
juggling priorities is moving away from this problem, so it may be a few days 
before I get it worked out.

-- 
Frank Perry
LavaLeaf Software


"Joseph M. Newcomer" wrote:

> Hmmm...that's interesting, and may already be symptomatic of a problem.  I've not used
> databases, so don't know about potential problems that might exist.
> 					joe
> 
> On Mon, 11 Jan 2010 10:09:01 -0800, Frank Perry <FrankPerry@discussions.microsoft.com>
> wrote:
> 
> >Howdy,
> >
> >I haven't been able to use Application Verify.  It seems to block my access 
> >to the database.  I haven't had a chance to see why or how but when I have my 
> >program listed in it, the program failes to return data from the ACE dll that 
> >interacts with the database.
> Joseph M. Newcomer [MVP]
> email: newcomer@flounder.com
> Web: http://www.flounder.com
> MVP Tips: http://www.flounder.com/mvp_tips.htm
> .
> 
0
Utf
1/12/2010 10:45:01 PM
Reply:

Similar Artilces:

DMM Configuration Error
Hi Guys, I am trying to install DMM for MSCRM 4.0. It installed properly. While Configuring this DMM with MSCRM 4.0, 1) I specified the Intranet address 2) specified SQL Server name. 3) It verified the system requirements also. But, after Step 3, It is showing an ERROR as "An Error has Occured. Restart the Data Migration Manager". For this to resolve, I tried to restart the service in Services. But it is showing an error has occured. Please help me, if anyone can resolve this....... regards, Sailaja. ...

Error Message
I'm running a Mac G4 with OS 10.4 and Media Player version 9. I've tried to open downloaded tutorials and I get a message: ".This file may not play correctly because it is compressed by using a codec that is not suported". I've seen this before on files that I haven't deemed important and ignored it. Now I need to open these tutorial files. I've received other Media Player files from other sources and opened them with no problem. Can anyone tell me what I can do to see these videos. What codec does the file use? It's entirely possible that...

Access Query
I have a query that is controlled by a form. When I choose the fields in the form and try and run the query it gives me Error 3349. What am I doing incorrectly? On Thu, 3 Dec 2009 12:54:02 -0800, Jecker <Jecker@discussions.microsoft.com> wrote: >I have a query that is controlled by a form. When I choose the fields in the >form and try and run the query it gives me Error 3349. What am I doing >incorrectly? I don't know, because I can't see the query or the form from here, and don't know just what you're doing! Please open the query in SQL ...

Outlook "an unexpected error has occured"
All of a sudden today OUTLOOK 2003 gives an error message when I try to send e-mail to a distribution list. I evern tried to delete and recreate the list. It just says "an unexpected error has occured". Help! ...

Outlook Express error
I have been recieving the following error when I try to send any emails from my laptop. Could anyone help me get pointed in the correct direction? The connection to the server has failed. Account: 'MDU Wiring', Server: 'smtp.mduwiring.com', Protocol: SMTP, Port: 25, Secure(SSL): No, Socket Error: 10013, Error Number: 0x800CCC0E 0x800CCC0E = Cannot connect to server 10013 = Permission denied How is your laptop connected to the Internet? Are you able to use 'smtp.mduwiring.com' from any other PC? mduwiring.com doesn't appear to be an ISP, so I&...

Error or Not?
Could someone have a look at this for me and give me feedback please =IF(OR(V8="",X8=""),"",IF(OR(V8="R",X8="R"),"R",IF(OR(V8=49,X8=49),"NGP",SUM(V8*0.18,X8*0.82)/100))) Q8 is the destination cell so I want Q8 to produce NGP only if both V8 & X8 =NGP by entering 49 into both V8 & X8. However, if for argument sake V8 has 49 and X8 has 90 as it stands now Q8 still reads NGP but I want it to actually calculate the score based on the SUM above and not give me an NGP.... obviously the formula needs changing but I can...

sending CString to CStatic label control from worker thread
I need to send a CString from a thread to a static label on the main dialog form. I think I have the thread working okay, but I am unsure how to send the CString to the dialog control. I have seen information on using PostMessage and SendMessage, but I don't really understand how to use these functions. Obviously I can't do like I tried below and I can't get a pointer to the control from the thread function, so just how do I say send the word "hello" to the SetWindowText() function of the label control on the dialog form. I have looked on the Internet and in se...

Error on receiving 'Windows Live Hotmail Folder'
Version: 2008 Operating System: Mac OS X 10.5 (Leopard) Every time I try to use Entourage, 'error descriptions' pop up on my screen and read the following: <br><br>Error <br><br>HTTP error. Access to the resource is forbidden. <br><br>Explanation <br><br>The Windows Live Hotmail folder list could not be received. <br><br>Account name: &quot;xxx@hotmail.com&quot; <br><br>Error: - 18597 <br><br>I'm not sure how I can fix this, so my email account and Entourage can be synced. I cannot send ...

CString
How can I covert argv[0] to LPCSTR? Hi, Shouldn't CString(argv[0]) do the trick? Sander Verhagen [ Verhagen@nonono.Sander.com ] "Oliver Young" <please@no.spam.com> wrote in message news:er3JuEogDHA.616@TK2MSFTNGP11.phx.gbl... > > How can I covert argv[0] to LPCSTR? > > > Shouldn't CString(argv[0]) do the trick? OK. And how can I convert CString into LPCSTR? I need LPCSTR. I need to convert from char** ( argv[0] ) into LPCSTR. Please, forget CString, and MFC if possible. > How can I covert argv[0] to LPCSTR? LPCSTR...

CString (again)
I have a class: class TestClass{ public: TestClass(){}; virtual ~TestClass(){}; BOOL CalcArea(double * pArea); void ReversePoints(); void OrderFromLowest(); std::vector<CoordinateClass> Pts; double OrientationType; BOOL XFlip; BOOL YFlip; double LTilt; double RTilt; double Buffer; int Style; CString Name; }; Now when I go like this: TestClass * pNew = new TestClass; pNew->Name = "anything in here will cause an error"; At runtime i get an unhandled exception which is comign from CString::AssignCopy() How do i fix this? Can't seem to reproduce this ...

std::string vs Cstring
Hello, I have recently been encouraged to utilise String classes, as opposed to C type char arrays due to some difficulty debugging some buffer overflows. I have looked into std::string and CString, but what are the benefits and drawbacks? The main problem I have is that I do a lot of data formatting using sprintf, for which I see no substitute using std::string, - MR On Thu, 30 Dec 2004 23:25:21 -0000, "Mark Randall" <strike@rapiercom.freeserve.co.uk> wrote: >Hello, > >I have recently been encouraged to utilise String classes, as opposed to C >type cha...

Runtime C++ Error in Outlook
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have Outlook 2002 and can't keep it open. When it opens I get a runtime C++ error/abnormal termination error. I have tried repairing, reinstalling and a remove/install and nothing works. I am running Window 2000. HELP!! Thanks -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 - not licensed for commercial use: www.pgp.com iQA/AwUBQL5hX+koPZAZfLgsEQIlfgCfbV+d1i4VSkXQ1yhasNCQFN5MvXsAoLFZ mYFcE1ay6j0t3oulf6ZlianB =Cu9O -----END PGP SIGNATURE----- Lady Veteran ----------------------------------- "I rode a tank and held a general's...

exmerge errors #6
Greetings, I'm trying to migrate email boxes from exchange 5.5 to new SBS 2003 with Exchange 2003. Exmerge errors are LDAP related. I've been through KB articles and have changed the LDAP port on my exchange 5.5 server. It does not help. Exchange 5.5 event log indicates that LDAP server is running on port 421 and a second event log indicates that LDAP SSL server is running on 391. If I run exmerge using port 421 I get error 80005000 - LDAP://servername:421. If I run exmerge using port 391 then I get error 8007203a LDAP://servername:391/rootdse. I have followed KB article...

Calendar Export Error
When exporting calendar information, the following error keeps popping up: An error occurred while importing or exporting and the import/export was terminated. MAPI error 0X80004002 was reported. Please try to import/export again later. The user is trying to export the calendar to a comma separtated value (windows) file. So far, I have tried the following troubleshooting steps: Export just to a pst file (no error) Export to a pst file and then import to a new mailbox (error) Export a different calendar using same procedure (no error) Export to a pst file, attach...

Error 80242016 and 800F0816 and 800706BE
What are the steps for each one? Thanks -- Kristen Rios How to ask a question http://support.microsoft.com/kb/555375 MowGreen ================ *-343-* FDNY Never Forgotten ================ banthecheck.com "Security updates should *never* have *non-security content* prechecked ...

Outlook 2002 and Error message 0x800ccc0f
Hi, Outlook 2002 was working great. But now I get the message "Error 0x8000ccc0f: Connection to the Server Was Interruped". I searched the MS "Knowledge Base Article" and it said to manually add the POP sever settings to correct the problem. I deleted my old account and then manually entered the information, but this didn't fix the problem. Does anybody know of another way to fix this problem? Thanks >-----Original Message----- >Hi, > >Outlook 2002 was working great. But now I get the >message "Error 0x8000ccc0f: Connection to the Server ...

Error Help
"Message delivery to the remote domain 'mydomain.com' failed for the following reason: Unable to bind to the destination server in DNS' My DNS and Exchange Servers are is NT 4.0 Ther error is from 2000 boxes. Any help? sounds like DNS can't resolve mydomain.com. If that's a local domain, check with your DNS admin, or if you are the DNS admin, track down the resolution issue, focus on the mx records for the exchange server in the domain. If it's not a local domain, check the internet (dnsstuff.com or the like) for resolution and if it fails contact them dir...

Error
I tried to change my account password and now I can't get my mail. Can anyone help. We can't help you with changing your password. Contact your mail service provider. --=20 Gary VanderMolen, Microsoft MVP (Mail) Microsoft MVP program: http://mvp.support.microsoft.com "Leonard" <Leonard@discussions.microsoft.com> wrote in message = news:321FF1DD-0F1B-4389-B09B-8B343A10275A@microsoft.com... >I tried to change my account password and now I can't get my mail. > Can anyone help. > "Leonard" <Leonard@discussions.microsoft.com&...

Access to Microsoft forums and error 13
I wanted to get a wider audience for the error 13 problem that may have been fixed with the latest download. I signed up for the Microsoft's green button, received a confirmation but can't log on. I probably have to wait for someone to come in on Monday. Meanwhile, could someone use the green button media center forum to confirm that the problem was introduced with the previous to last fix and the latest fix solved the problem. I can't verify the fix because I switched to cable and the problem is unique to dialup (switched lines). There's no information with ...

Can't add columns error
I'm in a spreadsheet that has columns up to "AH". Everything to th right of AH is gray'd out and Excel won't let me add any columns. Ca anyone help -- johnu ----------------------------------------------------------------------- johnuw's Profile: http://www.excelforum.com/member.php?action=getinfo&userid=1661 View this thread: http://www.excelforum.com/showthread.php?threadid=31472 Hi.. Unsure about this fix�but still.. The col. may have been hidden.. 1. Press <Ctrl + A> 2. Press < Shift Ctrl + ( > & Shift + Ctrl + ) > if it doesn'...

Runtime Error
unable to open my saved word documents Runtime Error appears each time I attempt to open word documents, computer is running very slow and will not shut down not showing any virus issues. Program:C: \PROGRA~1\micros~4\Office10\winword.exe -- Thank you for your time, San Diego Beach Girl San Diego Beach Girl wrote: > unable to open my saved word documents > Runtime Error appears each time I attempt to open word documents, computer > is running very slow and will not shut down not showing any virus issues. > > Program:C: \PROGRA~1\micros~4\Office10\winword...

credit center application error
Attempted log into Credit Center produces small box "application error". Does not indicate which module. Used to work fine. Login from www.experian.com works fine. Reinstalled. Norton AN OFF, no joy. Same result using sample.mny. Ideas? I had the same problem. Tech help said to download new info as if for the first time. Looks like they will charge you for this but dont worry. Its free if your Money covers it. >-----Original Message----- >Attempted log into Credit Center produces small >box "application error". Does not indicate which module. >U...

#Error message in my report
Hello, I am doing a bank reconcillation in access I have a field call DIT my problem is if there is no DIT present I get an #Error message. If there is a number present it should show the number or if there is no DIT I want to show a zero in the text box. I don't want to get #Error message showing. Also, should I do the coding in a query level and what will the coding be in the query? How do I fix this? Thank you in advance. Cheers Try setting the Control Source of the text box to an expression like this: =IIf([Report].[HasData], Nz([DIT],0), 0) Make sure the Name prop...

How to covert CString to TCHAR and CString to LPCWSTR?
How to covert CString to TCHAR and CString to LPCWSTR? Where can I read about this? See my essay on CStrings on my MVP Tips site. joe On Mon, 30 Jun 2003 04:33:56 -0700, "julych" <julych@msn.com> wrote: >How to covert CString to TCHAR and CString to LPCWSTR? >Where can I read about this? Joseph M. Newcomer [MVP] email: newcomer@flounder.com Web: http://www.flounder.com MVP Tips: http://www.flounder.com/mvp_tips.htm ...

Error Message #13
For a while now, whenever I attempt to open any of my word or excel documents, I first get a message that Windows Installer is attempting to find the program I need, and when I press cancel, I get a message that c:\WINDOWS\SYSTEM\sbfm40.xla could not be found. When I press OK, I'm able to open the file. Check for "Small Business Financial Model" or SBFM40.xla under Tools|Addins. If it's checked, uncheck it. I'm guessing that it was once installed and enabled via tools|addins. Then someone (you???) deleted the file, but didn't uncheck that box. Cherie wrote: >...