Description of problem: chntpw crashes everytime I tried to cat or ed a certain key (HKLM/System/ControlSet001/services/msahci) I haven't tried with other keys Version-Release number of selected component: chntpw-0.99.6-19.110511.fc18 Additional info: backtrace_rating: 4 cmdline: chntpw -l /mnt/Windows/System32/config/SYSTEM crash_function: get_val2buf executable: /usr/bin/chntpw kernel: 3.7.2-204.fc18.x86_64 remote_result: NOTFOUND uid: 1000 Truncated backtrace: Thread no. 1 (4 frames) #0 get_val2buf at ntreg.c:1866 #1 cat_vk at edlib.c:215 #2 regedit_interactive at edlib.c:633 #3 mainloop at chntpw.c:837
Created attachment 687940 [details] File: backtrace
Created attachment 687941 [details] File: build_ids
Created attachment 687942 [details] File: cgroup
Created attachment 687943 [details] File: core_backtrace
Created attachment 687944 [details] File: dso_list
Created attachment 687945 [details] File: environ
Created attachment 687946 [details] File: limits
Created attachment 687947 [details] File: maps
Created attachment 687948 [details] File: open_fds
Created attachment 687949 [details] File: proc_pid_status
Created attachment 687950 [details] File: var_log_messages
Any chance you are willing to either get me a core file or a copy of the hive (.../config/SYSTEM)? I promise not to do anything evil with it... Meanwhile I'll look at the code and see if I spot anything. Thanks for filing the report.
How do I upload (where can I find) the core file? I'm trying to upload the part of the registry, if my laptop ever succeeds in it... Also I tried to 'cat ...' another key, which crashed in SIGABRT, if I remember correctly. My machine is trying parse together a bug report for that too. (I wish it isn't a straight up duplicate of this one)
Created attachment 688164 [details] copy of the register hive I tried to use
I tried to 'cat ...' a registry key, and the program froze for a moment, then crashed backtrace_rating: 4 Package: chntpw-0.99.6-19.110511.fc18 OS Release: Fedora release 18 (Spherical Cow)
Thanks for the quick response, I'll look into it!
So: What it looks like is chntpw interprets something as an offset 30 MB into the hive; since the hive is only 25 MB this is off the end and we get the segfault. Could be buggy chntpw behavior or a corrupted hive. I'll investigate further...
Yeah, hivex also thinks this is a corrupted registry file: hivex: SYSTEM: block size 1 at 0x138d420, bad registry Anything special about it? (Win8 or something?) Any chance it's just a corrupted file?
I'm going to mark this as closed, assuming registry is corrupted. Just re-open it if that's not true. (Yeah, chntpw probably shouldn't segfault on this error, but chntpw does lots of dumb things. I really need to port it to hivex...)
The registry *should* not be corrupted, but I'll have to verify it. It is from a working windows 7 install dd'd to a new disk (not bootable as the new disk is gpt and old one was mbr). The windows worked just fine when I used it this week...
Are you sure the registry is broken, as I tried opening another registry hive (SOFTWARE). It also crashes: \Microsoft\Windows NT> cat CurrentVersion malloc failure: Cannot allocate memory Aborted (core dumped) It is hard to believe that multiple files would be corrupt, but I am not ruling that chance out.
It's hard to tell. chntpw is some really broken and badly written software. About the only thing it does reliably is change user passwords -- the registry viewing / editing is terrible. I'd recommend trying to read from the same hives with hivexsh (package name: hivex), a much better written registry hive navigator / editor. For what it's worth, I tried to open your SYSTEM hive with hivex and got: "hivex: SYSTEM: block size 1 at 0x138d420, bad registry" Which implies that your SYSTEM hive is corrupt, or hivex is incomplete (while this is possible, I don't think Windows 7 changed anything substancially in the registry...). So, it seems possible that your SOFTWARE hive is also corrupted... But try hivexsh on SOFTWARE and let me know what you see.
Ping?
This message is a reminder that Fedora 18 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 18. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '18'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 18's end of life. Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 18 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior to Fedora 18's end of life. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Fedora 18 changed to end-of-life (EOL) status on 2014-01-14. Fedora 18 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.