The Samba-Bugzilla – Bug 6498
The Service Host process may stop unexpectedly in Windows Server 2003
Last modified: 2009-06-27 03:36:42 UTC
$SUMMARY is the exact title of Microsoft's KB932762:
The Service Host process (Svchost.exe) that hosts the Computer Browser service and the Server service stops unexpectedly in Microsoft Windows Server 2003. Additionally, if you try to restart the Server service that is hosted by the Service Host, you receive the following error message:
Could not start the Server service on Local Computer.
Error 5: Access is denied.
When this problem occurs, the following services also stop:
* Application Experience Lookup Service (AeLookupSvc)
* Automatic Updates (Wuauserv)
* Background Intelligent Transfer Service (BITS)
* COM+ Event System (EventSystem)
* Computer Browser (Browser)
* Cryptographic Services (CryptSvc)
* Distributed Link Tracking Client (TrkWks)
* Help and Support (Helpsvc)
* Logical Disk Manager (Dmserver)
* Network Connections (Netman)
* Network Location Awareness (Nla)
* Remote Access Connection Manager (RasMan)
* Secondary Logon (Seclogon)
* Server (Lanmanserver)
* Shell Hardware Detection (ShellHWDetection)
* System Event Notification (SENS)
* Task Scheduler (Schedule)
* Windows Audio (AudioSrv)
* Windows Firewall/Internet Connection Sharing (SharedAccess)
* Windows Management Instrumentation (Winmgmt)
* Wireless Configuration (WZCSVC)
* Workstation (Lanmanworkstation)
The problem is most likely to occur if some third-party server becomes the master browser. When a Windows-based server is the master browser, it does not let any host that is advertising its share to use a server comment that is larger than 48 bytes. When a third-party server message block (SMB) server becomes the master browser, it lets a host use a server comment that is larger than 48 bytes. In this case, when a Windows Server receives and tries to process the browser list, the Server service crashes. This behavior occurs because there is an overflow that eventually leads to a heap corruption.
"third-party server" is obviously Samba, unfortunately this was back in the days when Microsoft didn't file bugs at bugzilla.samba.org.
Attached is a workaround patch for the problem, applying to 3.2, 3.3, 3.4 and master. As we really don't want any Windows machine to crash this should go into all these branches.
Created attachment 4342 [details]
fix for that
Created attachment 4343 [details]
the workaround for 3.0.26 (and maybe later 3.0 releases)
As this patch is from me, I think our procedural rules are fulfilled to get this into the release branches. Björn as another developer tested this positively :-)
Pushed to master, v3-0-test, v3-2-test, v3-3-test and v3-4-test.
Closing out bug report.