search

sandboxie-plus / Sandboxie

Sandboxie Plus & Classic
https://Sandboxie-Plus.com
GNU General Public License v3.0
13.46k stars 1.5k forks source link

Kernel Mode Heap Corruption BSOD #3547

Open dotnetian opened 8 months ago

dotnetian commented 8 months ago

Describe what you noticed and did

I installed PDF Annotator on the default sandbox using its installer. Then I opened a PDF and started working on that for about half an hour. Then the BSOD was displayed to me with the error "Kernel Mode Heap Corruption". It happened to me 5 times in total, and always I was working with an app inside Sandboxie.

Also, it is worth mentioning that when I'm not working inside a sandbox, this problem never happens. I also tried a lot of possible fixes for this error, but now I'm almost sure that the problem is from Sandboxie's core. And PDF Annotator works fine outside the sandbox.

How often did you encounter it so far?

Every single time I work with PDF Annotator inside a sandbox for about 30 minutes

Affected program

PDF.Annotator.9.0.0.916.x64

Download link

https://www.pdfannotator.com/en/download

Where is the program located?

The program is installed both inside and outside the sandbox.

Expected behavior

Probably it shouldn't restart the PC

What is your Windows edition and version?

Windows 11 Enterprise Version 23H2

In which Windows account you have this problem?

A local account (Administrator).

Please mention any installed security software

Microsoft Defender (built-in)

What version of Sandboxie are you running?

v1.12.3

Is it a new installation of Sandboxie?

I recently did a new clean installation.

Is it a regression?

No response

In which sandbox type you have this problem?

In a standard isolation sandbox (yellow sandbox icon).

Can you reproduce this problem on a new empty sandbox?

I can confirm it also on a new empty sandbox.

Did you previously enable some security policy settings outside Sandboxie?

No response

Crash dump

No response

Trace log

No response

Sandboxie.ini configuration

#
# Sandboxie configuration file
#

[GlobalSettings]
Template=Edge_Fix
Template=OfficeLicensing
Template=WindowsLive
Template=WindowsRasMan

[UserSettings_0C8C021A]
SbieCtrl_AutoStartAgent=SandMan.exe -autorun
BoxGrouping=:DefaultBox

[DefaultBox]
Enabled=y
BlockNetworkFiles=y
RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
RecoverFolder=%Personal%
RecoverFolder=%Desktop%
BorderColor=#00FFFF,ttl
Template=OpenBluetooth
Template=SkipHook
Template=FileCopy
Template=qWave
Template=BlockPorts
Template=LingerPrograms
Template=AutoRecoverIgnore
ConfigLevel=10
DavidXanatos commented 8 months ago

@dotnetian could you please provide some kernel crash dumps so that I can debug the issue.

dotnetian commented 8 months ago

@DavidXanatos here you are: https://file.io/orUvMYXpgT3p