[Bug]: Client crashes with access violation exception when syncing files from an exFAT volume on Windows since v3.14.0

[Kaskadee]

⚠️ Before submitting, please verify the following: ⚠️

• This is a bug, not a question or a configuration issue.
• This issue is not already reported on Github (I've searched it).
• Nextcloud Server and Desktop Client are up to date. See Server Maintenance and Release Schedule and Desktop Releases for supported versions.
• I agree to follow Nextcloud's Code of Conduct

Bug description

Since v3.14.0 the client crashes with an access violation exception when trying to set folder permissions on an exFAT volume on Windows.
Pausing the folder synchronization (by editing nextcloud.cfg) at least allows me to synchronize other folders.

The crash happens when calling GetAclInformation, which seems not to be supported on exFAT:

desktop/src/libsync/filesystem.cpp

Line 387 in 279b8e4

if (!GetAclInformation(resultDacl, &aclSize, sizeof(aclSize), AclSizeInformation)) {

Stack Trace from WinDbg:

00000000`0014bd90 00007ffd`d907827b     : 00000000`0b0c5380 00000000`0b0c5380 00000000`00000001 00000000`0aefb900 : ntdll!RtlQueryInformationAcl+0x10
00000000`0014bdc0 00007ffd`29024a25     : 00000000`00000000 00000000`00000000 00007ffd`2912d150 00000000`00000001 : KERNELBASE!GetAclInformation+0xb
00000000`0014bdf0 00007ffd`29051175     : 00000000`00000001 00000000`00000001 00000000`0aefb900 00000000`0aefb900 : nextcloudsync!OCC::FileSystem::setFolderPermissions+0x565
00000000`0014bf30 00007ffd`27619511     : 00000000`00000000 00000000`0014c1c9 00000000`00000000 00000000`0aefb900 : nextcloudsync!OCC::PropagateDirectory::slotSubJobsFinished+0x16c5
00000000`0014c0c0 00007ffd`2761c364     : 00000000`0aff5318 00000000`00000003 00000000`00000003 00000000`00000001 : Qt6Core!QObject::qt_static_metacall+0x1761
00000000`0014c1f0 00007ffd`28fc29f0     : 00000000`13fdf960 00000000`0014c319 00000000`0aff5318 00000000`00560510 : Qt6Core!QMetaObject::activate+0x84
00000000`0014c220 00007ffd`27625659     : 00000000`0b0c5180 00007ffd`0000000d 00000000`13fdf960 00000000`0014c319 : nextcloudsync!OCC::PropagatorJob::finished+0x30
00000000`0014c260 00007ffd`27623553     : 00000000`13fdf960 00000000`005322e0 00000000`0b0c5180 00000000`0fe0b5e0 : Qt6Core!QMetaCallEvent::placeMetaCall+0x89
00000000`0014c2a0 00007ffd`283527fe     : 00000000`005322e0 00000000`004ce0e0 00000000`13fdf960 00000000`0aff5318 : Qt6Core!QObject::event+0x183
00000000`0014c380 00007ffd`2835198d     : 00000000`00000000 00000000`0014c4b0 00000000`004ce0e0 00000000`00000000 : Qt6Widgets!QApplicationPrivate::notify_helper+0x10e
00000000`0014c3b0 00007ffd`275d936c     : 00000000`0014fcc0 00000000`0aff5318 00000000`13fdf960 00000000`00000000 : Qt6Widgets!QApplication::notify+0x161d
00000000`0014c5e0 00007ffd`275dc12e     : 00000000`00000000 00007ffd`da251cff 00000000`004ab360 00000000`004ab360 : Qt6Core!QCoreApplication::notifyInternal2+0x11c
00000000`0014c650 00007ffd`27fe706f     : 00000000`13fdf960 00000000`00560510 00000000`0fe4b3d0 00000000`00560500 : Qt6Core!QCoreApplicationPrivate::sendPostedEvents+0x1fe
00000000`0014c710 00007ffd`27762e29     : 00000000`000000a4 00000000`0014c840 00000000`0fe4b3d0 00000000`0014c840 : Qt6Gui!QWindowsGuiEventDispatcher::sendPostedEvents+0xf
00000000`0014c740 00007ffd`27fe6fe9     : 00000000`00000000 00000000`00000000 00000000`0fe4b3d0 00000000`00560510 : Qt6Core!QEventDispatcherWin32::processEvents+0x99
00000000`0014f890 00007ffd`275e0a64     : 00000000`000000a4 00000000`0fe4b3d0 00000000`005322e0 00000000`0014f960 : Qt6Gui!QWindowsGuiEventDispatcher::processEvents+0x19
00000000`0014f8c0 00007ffd`275d6cdd     : 00000000`0014f960 00000000`004ab360 00000000`0014faa0 00007ffd`2787a608 : Qt6Core!QEventLoop::exec+0x1c4
00000000`0014f940 00007ff7`7e3ef32b     : 00000000`00000001 00000000`00000000 00000000`00000000 00000000`004fb794 : Qt6Core!QCoreApplication::exec+0x15d
00000000`0014f9a0 00007ff7`7e584450     : 00000000`00000001 00000000`00000001 00000000`00000068 00000000`0000003c : nextcloud+0x4f32b
00000000`0014fe60 00007ff7`7e5834c2     : 00000000`00000001 00007ff7`7e583539 00000000`00000000 00000000`00000000 : nextcloud+0x1e4450
00000000`0014fef0 00007ffd`daec257d     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nextcloud+0x1e34c2
00000000`0014ff30 00007ffd`dbd4af08     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0x1d
00000000`0014ff60 00000000`00000000     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x28

The log file does not contain any errors.

Debug archive:
crash.zip

Steps to reproduce

1. Add folder synchronisation on an exFAT volume
2. Client crashes after a few seconds

Expected behavior

The client does not crash like on previous versions

Which files are affected by this bug

All

Operating system

Windows

Which version of the operating system you are running.

Windows 11 23H2

Package

Official Windows MSI

Nextcloud Server version

30.0.2

Nextcloud Desktop Client version

3.14.3

Is this bug present after an update or on a fresh install?

Updated to a major version (ex. 3.3.6 to 3.4.0)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

Are you using an external user-backend?

• Default internal user-backend
• LDAP/ Active Directory
• SSO - SAML
• Other

Nextcloud Server logs

Additional info

Full WinDbg Exception Analysis

0:000> !analyze -v
*******************************************************************************
*                                                                             *
*                        Exception Analysis                                   *
*                                                                             *
*******************************************************************************

*** WARNING: Check Image - Checksum mismatch - Dump: 0x2234f0, File: 0x21d152 - C:\ProgramData\Dbg\sym\ntdll.dll\F9F266E7217000\ntdll.dll

KEY_VALUES_STRING: 1

    Key  : AV.Dereference
    Value: NullPtr

    Key  : AV.Fault
    Value: Read

    Key  : Analysis.CPU.mSec
    Value: 921

    Key  : Analysis.Elapsed.mSec
    Value: 10428

    Key  : Analysis.IO.Other.Mb
    Value: 33

    Key  : Analysis.IO.Read.Mb
    Value: 0

    Key  : Analysis.IO.Write.Mb
    Value: 47

    Key  : Analysis.Init.CPU.mSec
    Value: 718

    Key  : Analysis.Init.Elapsed.mSec
    Value: 30514

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 113

    Key  : Analysis.Version.DbgEng
    Value: 10.0.27704.1001

    Key  : Analysis.Version.Description
    Value: 10.2408.27.01 amd64fre

    Key  : Analysis.Version.Ext
    Value: 1.2408.27.1

    Key  : Failure.Bucket
    Value: NULL_POINTER_READ_c0000005_nextcloudsync.dll!Unknown

    Key  : Failure.Hash
    Value: {7d47ec9a-ea5e-9fbb-75b1-913016c37546}

    Key  : Timeline.OS.Boot.DeltaSec
    Value: 5701

    Key  : Timeline.Process.Start.DeltaSec
    Value: 19

    Key  : WER.OS.Branch
    Value: ni_release

    Key  : WER.OS.Version
    Value: 10.0.22621.1

    Key  : WER.Process.Version
    Value: 3.14.3.55943


FILE_IN_CAB:  nextcloud.exe.23304.dmp

NTGLOBALFLAG:  0

APPLICATION_VERIFIER_FLAGS:  0

CONTEXT:  (.ecxr)
rax=0000000000000001 rbx=000000000014bee8 rcx=0000000000000000
rdx=000000000014bee8 rsi=000000000aefb900 rdi=0000000000000000
rip=00007ffddbd68380 rsp=000000000014bd90 rbp=000000000014c189
 r8=000000000000000c  r9=0000000000000002 r10=0000000000000003
r11=000000000014ba40 r12=0000000000000001 r13=000000000aff52e0
r14=000000000014bf78 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
cs=0033  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206
ntdll!RtlQueryInformationAcl+0x10:
00007ffd`dbd68380 0fb609          movzx   ecx,byte ptr [rcx] ds:00000000`00000000=??
Resetting default scope

EXCEPTION_RECORD:  (.exr -1)
ExceptionAddress: 00007ffddbd68380 (ntdll!RtlQueryInformationAcl+0x0000000000000010)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: 0000000000000000
Attempt to read from address 0000000000000000

PROCESS_NAME:  nextcloud.exe

READ_ADDRESS:  0000000000000000 

ERROR_CODE: (NTSTATUS) 0xc0000005 - Die Anweisung in 0x%p verwies auf Arbeitsspeicher bei 0x%p. Der Vorgang %s konnte im Arbeitsspeicher nicht durchgef hrt werden.

EXCEPTION_CODE_STR:  c0000005

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  0000000000000000

STACK_TEXT:  
00000000`0014bd90 00007ffd`d907827b     : 00000000`0b0c5380 00000000`0b0c5380 00000000`00000001 00000000`0aefb900 : ntdll!RtlQueryInformationAcl+0x10
00000000`0014bdc0 00007ffd`29024a25     : 00000000`00000000 00000000`00000000 00007ffd`2912d150 00000000`00000001 : KERNELBASE!GetAclInformation+0xb
00000000`0014bdf0 00007ffd`29051175     : 00000000`00000001 00000000`00000001 00000000`0aefb900 00000000`0aefb900 : nextcloudsync!OCC::FileSystem::setFolderPermissions+0x565
00000000`0014bf30 00007ffd`27619511     : 00000000`00000000 00000000`0014c1c9 00000000`00000000 00000000`0aefb900 : nextcloudsync!OCC::PropagateDirectory::slotSubJobsFinished+0x16c5
00000000`0014c0c0 00007ffd`2761c364     : 00000000`0aff5318 00000000`00000003 00000000`00000003 00000000`00000001 : Qt6Core!QObject::qt_static_metacall+0x1761
00000000`0014c1f0 00007ffd`28fc29f0     : 00000000`13fdf960 00000000`0014c319 00000000`0aff5318 00000000`00560510 : Qt6Core!QMetaObject::activate+0x84
00000000`0014c220 00007ffd`27625659     : 00000000`0b0c5180 00007ffd`0000000d 00000000`13fdf960 00000000`0014c319 : nextcloudsync!OCC::PropagatorJob::finished+0x30
00000000`0014c260 00007ffd`27623553     : 00000000`13fdf960 00000000`005322e0 00000000`0b0c5180 00000000`0fe0b5e0 : Qt6Core!QMetaCallEvent::placeMetaCall+0x89
00000000`0014c2a0 00007ffd`283527fe     : 00000000`005322e0 00000000`004ce0e0 00000000`13fdf960 00000000`0aff5318 : Qt6Core!QObject::event+0x183
00000000`0014c380 00007ffd`2835198d     : 00000000`00000000 00000000`0014c4b0 00000000`004ce0e0 00000000`00000000 : Qt6Widgets!QApplicationPrivate::notify_helper+0x10e
00000000`0014c3b0 00007ffd`275d936c     : 00000000`0014fcc0 00000000`0aff5318 00000000`13fdf960 00000000`00000000 : Qt6Widgets!QApplication::notify+0x161d
00000000`0014c5e0 00007ffd`275dc12e     : 00000000`00000000 00007ffd`da251cff 00000000`004ab360 00000000`004ab360 : Qt6Core!QCoreApplication::notifyInternal2+0x11c
00000000`0014c650 00007ffd`27fe706f     : 00000000`13fdf960 00000000`00560510 00000000`0fe4b3d0 00000000`00560500 : Qt6Core!QCoreApplicationPrivate::sendPostedEvents+0x1fe
00000000`0014c710 00007ffd`27762e29     : 00000000`000000a4 00000000`0014c840 00000000`0fe4b3d0 00000000`0014c840 : Qt6Gui!QWindowsGuiEventDispatcher::sendPostedEvents+0xf
00000000`0014c740 00007ffd`27fe6fe9     : 00000000`00000000 00000000`00000000 00000000`0fe4b3d0 00000000`00560510 : Qt6Core!QEventDispatcherWin32::processEvents+0x99
00000000`0014f890 00007ffd`275e0a64     : 00000000`000000a4 00000000`0fe4b3d0 00000000`005322e0 00000000`0014f960 : Qt6Gui!QWindowsGuiEventDispatcher::processEvents+0x19
00000000`0014f8c0 00007ffd`275d6cdd     : 00000000`0014f960 00000000`004ab360 00000000`0014faa0 00007ffd`2787a608 : Qt6Core!QEventLoop::exec+0x1c4
00000000`0014f940 00007ff7`7e3ef32b     : 00000000`00000001 00000000`00000000 00000000`00000000 00000000`004fb794 : Qt6Core!QCoreApplication::exec+0x15d
00000000`0014f9a0 00007ff7`7e584450     : 00000000`00000001 00000000`00000001 00000000`00000068 00000000`0000003c : nextcloud+0x4f32b
00000000`0014fe60 00007ff7`7e5834c2     : 00000000`00000001 00007ff7`7e583539 00000000`00000000 00000000`00000000 : nextcloud+0x1e4450
00000000`0014fef0 00007ffd`daec257d     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nextcloud+0x1e34c2
00000000`0014ff30 00007ffd`dbd4af08     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0x1d
00000000`0014ff60 00000000`00000000     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x28


STACK_COMMAND:  ~0s; .ecxr ; kb

SYMBOL_NAME:  nextcloudsync+565

MODULE_NAME: nextcloudsync

IMAGE_NAME:  nextcloudsync.dll

FAILURE_BUCKET_ID:  NULL_POINTER_READ_c0000005_nextcloudsync.dll!Unknown

OS_VERSION:  10.0.22621.1

BUILDLAB_STR:  ni_release

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {7d47ec9a-ea5e-9fbb-75b1-913016c37546}

Followup:     MachineOwner
---------

[Kaskadee]

I'm not very well-versed with the Windows API but after digging some while and reading the GetSecurityDescriptorDacl documentation, the problem seems to be, that resultDacl can be null and daclPresent can be true at the same time after calling GetSecurityDescriptorDacl, which is not checked and causes a null reference to be passed to GetAclInformation.

I've added a simple null check in #7487, however I don't know if there is any other way on setting file permissions on FAT32/exFAT file systems.

[JL710]

I am having that issue on Windows 10 with an SD Card in my Microsoft Surface as well.