XFOR: lsccmmex.exe causes AV when processing inbound mail from CCMail to Exchange (178122)
The information in this article applies to:
- Microsoft Exchange Server 5.5
- Microsoft Exchange Server 4.0
- Microsoft Exchange Server 5.0
- LinkAge Message Exchange 3.2
This article was previously published under Q178122 SYMPTOMS
The Lsccmmex.exe process causes an access violation when inbound mail from
Lotus cc:Mail to Exchange Server is being processed. This can occur when
the Lsccmmex process is processing a zero-length text item in the body of
the message.
CAUSE
The connector misuses a LinkAge codepage translation API in cases where the
transform works on a zero-length text item. The API assumes a null-
terminated input string if a zero length is passed, resulting in a buffer
overrun and an access violation.
STATUS
Microsoft has confirmed this to be a problem in Linkage Message Exchange
version 3.2.
A supported fix is now available, but has not been fully regression-tested
and should be applied only to systems experiencing this specific problem.
Unless you are severely impacted by this specific problem, Microsoft
recommends that you wait for the next Service Pack that contains this fix.
Contact Microsoft Technical Support for more information.
MORE INFORMATION
If symbols are loaded correctly on this computer, the following information
will be recorded in the Drwtsn32.log file:
State Dump for Thread Id 0x26a
eax=0062e260 ebx=00620000 ecx=00000062 edx=00000000 esi=0062e262
edi=0062afbb
eip=00281be0 esp=0012f7dc ebp=0062e262 iopl=0 nv up ei pl zr na
po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000246
function: CSTranslate
00281bc4 83780400 cmp dword ptr [eax+0x4],0x0
ds:01e2cc66=????????
00281bc8 884c2412 mov [esp+0x12],cl
ss:0192e1e3=??
00281bcc 741b jz CSTranslate+0x99 (00281be9)
00281bce 83780800 cmp dword ptr [eax+0x8],0x0
ds:01e2cc66=????????
00281bd2 7415 jz CSTranslate+0x99 (00281be9)
00281bd4 8b38 mov edi,[eax]
ds:0062e260=0062afbb
00281bd6 85ff test edi,edi
00281bd8 740f jz CSTranslate+0x99 (00281be9)
00281bda 33c9 xor ecx,ecx
00281bdc 8a4c2412 mov cl,[esp+0x12]
ss:0192e1e3=??
FAULT ->00281be0 8a0c39 mov cl,[ecx+edi]
ds:0062afbb=00
00281be3 884c2413 mov [esp+0x13],cl
ss:0192e1e3=??
00281be7 eb04 jmp CSTranslate+0x9d (00281bed)
00281be9 66bb0a04 mov bx,0x40a
00281bed 6685db test bx,bx
00281bf0 7510 jnz CSTranslate+0xb2 (00281c02)
00281bf2 8a4c2413 mov cl,[esp+0x13]
ss:0192e1e3=??
00281bf6 45 inc ebp
00281bf7 46 inc esi
00281bf8 884dff mov [ebp-0x1],cl
ss:01e2cc68=??
00281bfb 8bca mov ecx,edx
00281bfd 4a dec edx
*----> Stack Back Trace <----*
FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0012f7ec 00281b14 0062e260 0062e250 0062e250 00000000 LSCMS!CSTranslate
[omap] (FPO: [EBP 0x0062e250] [4,1,4])
0012f80c 004026e8 0062e250 0040a470 0062e250 0040a468 LSCMS!CSTranslate
[omap] (FPO: [5,1,2])
0012fbf4 004020e0 0061fc18 00629ba0 00000010 006265b0
LSCCMMEX!APPProcess (FPO: [EBP 0x00000050] [2,240,4])
0012fee0 00401c85 00629e57 00000010 006294f0 2d454d4c
LSCCMMEX!APPProcess (FPO: [1,181,3])
0012ff20 10006d12 006294f0 0012ffc0 006265b0 00b90000
LSCCMMEX!APPProcess (FPO: [1,12,2])
0012ff44 00407c68 006294f0 77f860d9 00b90002 7ffdf000
LSCPS!EventManager::process (FPO: [EBP 0x0012ffc0] [1,3,4])
0012ff60 0040713c 004085ac 00000005 00620d30 006201a0 LSCCMMEX!main
(FPO: [0,2,3])
0012ff64 004085ac 00000005 00620d30 006201a0 77f860d9 LSCCMMEX!main
(FPO: [2,0,0])
0012ffc0 77f1b304 77f860d9 00b90002 7ffdf000 c0000005
LSCCMMEX!mainCRTStartup
0012fff0 00000000 004084b0 00000000 00000000 77fa5aa0
kernel32!GetProcessPriorityBoost
00000000 00000000 00000000 00000000 00000000 00000000
LSCCMMEX!<nosymbols>
Notes is manufactured by Lotus, a vendor independent of Microsoft; we make
no warranty, implied or otherwise, regarding this product's performance or
reliability.
Modification Type: | Minor | Last Reviewed: | 4/28/2005 |
---|
Keywords: | kbbug kbfix kbQFE KB178122 |
---|
|