XADM: Access Violation in Store.exe Because of Malformed TNEF Stream (304223)
The information in this article applies to:
- Microsoft Exchange 2000 Server
This article was previously published under Q304223 SYMPTOMS
When the information store attempts to process an inbound Simple Mail Transfer Protocol (SMTP) message, an access violation may occur. If you review the User.dmp file or if the proper Exchange 2000 symbols are installed at the time of the access violation, the Dr.Watson log file may contain a call stack that is similar to the following:
store!HrDecodeRTF+0x28a
store!HrDecodeMAPIProp+0xad
store!HrDecodePropVal+0x150
store!HrDecodeEncapsulation+0xd8
store!HrExtractProperties+0x79d
store!TNEF_ExtractProps+0x208
store!CConvertTnefAttach__HrConvertToMAPI+0x36d
store!CConvertMessage__HrConvertAttach+0x1f2
store!CConvertTnefMessage__HrConvertAttachments+0x137
store!CConvertMessage__HrConvertAttachmentsToMAPI+0xac
store!CConvertTnefMessage__HrConvertToMAPI+0x67
store!CInternetConverter__HrConvert+0xf2
store!CIMailConvert__HrTransitionState+0x115
store!OMSG__EcTransition+0xcc7
store!OMSG__EcDoImailProcessing+0x143
store!OURL__EcSaveChanges+0x1c6
store!EcSaveChangesUrlOp2+0xae
The following may appear in the Dr. Watson Log:
FAULT ->007a6fe7 8b5108 mov edx,[ecx+0x8] ds:0081d5d2=00000000
007a6fea 8d442410 lea eax,[esp+0x10] ss:2738cbf7=????????
007a6fee 50 push eax
007a6fef 8b442424 mov eax,[esp+0x24] ss:2738cbf7=????????
007a6ff3 81e200800000 and edx,0x8000
007a6ff9 83ca01 or edx,0x1
007a6ffc 52 push edx
007a6ffd 50 push eax
007a6ffe e8d68bd0ff call 004afbd9
007a7003 8bf0 mov esi,eax
007a7005 3bf5 cmp esi,ebp
007a7007 0f8cb8000000 jl 007a70c5
CAUSE
When the information store attempts to process an inbound SMTP message that contains a Transport-Neutral Encapsulation Format (TNEF) data attachment, the information store attempts to fully convert the message to Message Database Encapsulated Format (MDBEF) format in the information store, and then promote the message to the .edb file instead of leaving the message in native Multipurpose Internet Mail Extensions (MIME) format in the .stm file. This problem can occur if a PR_RTF_COMPRESSED property is present in the stream, but does not contain any Rich Text Format (RTF) data.
RESOLUTIONA supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem. This fix may receive additional testing. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Microsoft Exchange 2000 Server service pack that contains this hotfix. To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site: NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The typical support costs will apply to additional support questions and issues that do not qualify for the specific update in question.
The English version of this fix should have the following file attributes or later:
Component: Information store
|
| Store.exe | 6.0.4720.32 | | Jcb.dll | 6.0.4720.32 | | Exoledb.dll | 6.0.4720.32 | | Excdo.dll | 6.0.4720.32 | | Mdbsz.dll | 6.0.4720.32 |
NOTE: Because of file dependencies, this update requires Microsoft Exchange Server 2000 Service Pack 1.
STATUSMicrosoft has confirmed that this is a problem in Microsoft Exchange 2000 Server.
| Modification Type: | Minor | Last Reviewed: | 10/6/2005 |
|---|
| Keywords: | kbbug kbExchange2000preSP2fix kbfix kbQFE KB304223 |
|---|
|