Miranda Version : 0.9.15 Unicode Build : Yes Test Build # (if applicable) : Plugin Version # (if applicable) : 0.9.15.0

What steps will reproduce the problem? 1. Simply start Miranda on Windows7 (Ultimate, 32-bit)

What is the expected result? No crash w/ MSN :)

What happens instead? 8 out of 10 times Miranda crashes on startup Disabling MSN resolves the crash.

I believe that MSN.dll causes heap corruption, which in turn makes the process crash.

I've used WinDbg (with application verifier and page heap) to debug it a bit, I can provide crash dump:

0:000> .restart /f CommandLine: "C:\Program Files\Miranda IM\miranda32.exe" Symbol search path is: c:\symbols;srv*C:\Symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Page heap: pid 0x1504: page heap enabled with flags 0x3. AVRF: miranda32.exe: pid 0x1504: flags 0x48004: application verifier enabled (1504.8b4): Break instruction exception - code 80000003 (first chance) eax=00000000 ebx=00000000 ecx=0012fb0c edx=777864f4 esi=fffffffe edi=00000000 eip=777de6e6 esp=0012fb28 ebp=0012fb54 iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 ntdll!LdrpDoDebuggerBreak+0x2c: 777de6e6 cc int 3 0:000> g ERROR !!! HeapSetInformation failed to set g_Heap to LFH ERROR !!! HeapSetInformation failed to set g_SpyHeap to LFH

=========================================================== VERIFIER STOP 0000000F: pid 0x1504: corrupted suffix pattern

01AC1000 : Heap handle
01D13248 : Heap block
0000013C : Block size

01D13384 : corruption address

This verifier stop is not continuable. Process will be terminated

when you use the `go' debugger command.

(1504.fa4): Break instruction exception - code 80000003 (first chance) eax=003d7888 ebx=00000000 ecx=00000002 edx=003d7888 esi=01ac0000 edi=01ac0000 eip=10d9ba58 esp=060fd6d4 ebp=060fd6f0 iopl=0 nv up ei pl nz na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202 verifier!VerifierStopMessage+0x1f8: 10d9ba58 cc int 3

0:008> kp ChildEBP RetAddr
060fd6f0 10d99df2 verifier!VerifierStopMessage+0x1f8 060fd754 10d9a22a verifier!AVrfpDphReportCorruptedBlock+0x1c2 060fd7b0 10d9a742 verifier!AVrfpDphCheckNormalHeapBlock+0x11a 060fd7d0 10d990d3 verifier!AVrfpDphNormalHeapFree+0x22 060fd7f4 7780574c verifier!AVrfDebugPageHeapFree+0xe3 060fd83c 777c7b52 ntdll!RtlDebugFreeHeap+0x2f 060fd930 77792dd8 ntdll!RtlpFreeHeap+0x5d 060fd950 10dacc4f ntdll!RtlFreeHeap+0x142 060fd998 75f32f70 verifier!AVrfpRtlFreeHeap+0x86 060fd9ac 75f395c4 WS2_32!operator delete+0x16 060fd9f0 75f394c7 WS2_32!WSALookupServiceNextA+0x141 060fda1c 75f4721a WS2_32!getxyDataEnt+0xbd 060fdc58 004176fe WS2_32!gethostbyname+0xe7 060fdc90 004186f7 miranda32!DnsLookup(struct NetlibUser * nlu = 0x03081418, char * szHost = 0x031201e0 "messenger.hotmail.com")+0x3f [C:\Projects\Miranda IM\miranda-stable\miranda\src\modules\netlib\netlibopenconn.cpp @ 44] 060fdcac 00417b0e miranda32!NetlibHttpFallbackToDirect(struct NetlibConnection * nlc = 0x031200e0, struct NetlibUser * nlu = 0x03081418, struct NETLIBOPENCONNECTION_tag * nloc = 0x03120184)+0x97 [C:\Projects\Miranda IM\miranda-stable\miranda\src\modules\netlib\netlibopenconn.cpp @ 497] 060fdccc 00418948 miranda32!NetlibDoConnect(struct NetlibConnection * nlc = 0x011200e0)+0x252 [C:\Projects\Miranda IM\miranda-stable\miranda\src\modules\netlib\netlibopenconn.cpp @ 609] 060fdcec 00403790 miranda32!NetlibOpenConnection(unsigned int wParam = 0x311d320, long lParam = 0n1863)+0x12b [C:\Projects\Miranda IM\miranda-stable\miranda\src\modules\netlib\netlibopenconn.cpp @ 726] 060fdd0c 127c17f8 miranda32!CallService(char * name = 0x00000000 "", unsigned int wParam = 0x3081418, long lParam = 0n101711476)+0x60 [C:\Projects\Miranda IM\miranda-stable\miranda\src\core\modules.cpp @ 711] 060fdd1c 127c2de5 msn!MSN_CallService(char * szSvcName = 0x127c3c92 "???", unsigned int wParam = 0x30bbfb8, long lParam = 0n0)+0x14 [C:\Projects\Miranda IM\miranda-stable\miranda\protocols\MSN\msn_std.cpp @ 190] 060ffe8c 127c3c92 msn!CMsnProto::MSNServerThread(void * arg = 0x00000000)+0x160 [C:\Projects\Miranda IM\miranda-stable\miranda\protocols\MSN\msn_threads.cpp @ 132] 060ffec0 00401522 msn!CMsnProto::ThreadStub(void * arg = 0x0012f5b0)+0x36 [C:\Projects\Miranda IM\miranda-stable\miranda\protocols\MSN\msn_threads.cpp @ 737] 060fff10 75df1287 miranda32!forkthreadex_r(void * arg = 0x0012f5b0)+0x64 [C:\Projects\Miranda IM\miranda-stable\miranda\src\core\miranda.cpp @ 203] 060fff48 75df1328 msvcrt!_endthreadex+0x44 060fff50 10db11d3 msvcrt!_endthreadex+0xce 060fff88 76601194 verifier!AVrfpStandardThreadFunction+0x2f 060fff94 7779b495 kernel32!BaseThreadInitThunk+0xe 060fffd4 7779b468 ntdll!__RtlUserThreadStart+0x70 060fffec 00000000 ntdll!_RtlUserThreadStart+0x1b

If I dump out the address of heap corruption:

0:008> db 01D13384 01d13384 73 00 73 00 65 00 6e 00-67 00 65 00 72 00 2e 00 s.s.e.n.g.e.r... 01d13394 6d 00 73 00 6e 00 2e 00-63 00 6f 00 6d 00 2e 00 m.s.n...c.o.m... 01d133a4 6e 00 73 00 61 00 74 00-63 00 2e 00 6e 00 65 00 n.s.a.t.c...n.e. 01d133b4 74 00 00 00 f0 f0 f0 f0-f0 f0 f0 f0 a0 a0 a0 a0 t............... 01d133c4 a0 a0 a0 a0 00 00 00 00-00 00 00 00 f6 da 7d 18 ..............}. 01d133d4 5a f9 00 10 aa aa cd ab-00 10 ac 81 80 00 00 00 Z............... 01d133e4 a8 00 00 00 a0 34 d1 01-90 30 d1 01 ec 94 55 00 .....4...0....U. 01d133f4 aa aa ba dc 02 00 00 00-00 00 2e 75 f4 b8 2e 75 ...........u...u

So it looks like that the buffer allocated is too short, or we write at the wrong address anyway.

0:008> !heap -x 01D13384 List corrupted: (Blink->Flink = 002e006d) != (Block = 01d090e0) HEAP 01cf0000 (Seg 01cf0000) At 01d090d8 Error: block list entry corrupted

ERROR: Block 01d13398 previous size f93e does not match previous block size 2f HEAP 01cf0000 (Seg 01cf0000) At 01d13398 Error: invalid block Previous

Entry User Heap Segment Size PrevSize Unused Flags

01d13220 01d13228 01cf0000 01cf0000 213f8 116d0 14 busy user_flag

Miranda Crash Report from 2011-01-25 11:06:19+0100. Crash Dumper v.0.0.4.19

Likely cause of the crash plugin: MSN Protocol

Exception: User Defined Breakpoint at address 10CAC0DE.

Stack Trace:

10CAC0DE (verifier 10CA0000): (filename not available) (0): VerifierStopMessage 10CB43F5 (verifier 10CA0000): (filename not available) (0): VerifierGetProviderHelper 77753079 (ntdll 77740000): (filename not available) (0): RtlCompactHeap 77768ECF (ntdll 77740000): (filename not available) (0): TpSetTimer 77768CA3 (ntdll 77740000): (filename not available) (0): TpSetTimer 77786457 (ntdll 77740000): (filename not available) (0): KiUserExceptionDispatcher 7778559C (ntdll 77740000): (filename not available) (0): NtQueryObject 765EA56F (kernel32 765B0000): (filename not available) (0): GetHandleInformation 75F45A91 (WS2_32 75F30000): (filename not available) (0): WSAUnhookBlockingHook 75F33C20 (WS2_32 75F30000): (filename not available) (0): closesocket 00418349 (miranda32 00400000): (filename not available) (0): (function-name not available) 127C3C92 (msn 127A0000): (filename not available) (0): MirandaPluginInterfaces 00401522 (miranda32 00400000): (filename not available) (0): (function-name not available) 75DF1287 (msvcrt 75DE0000): (filename not available) (0): itow_s 75DF1328 (msvcrt 75DE0000): (filename not available) (0): endthreadex 10CC11D3 (verifier 10CA0000): (filename not available) (0): VerifierGetProviderHelper 76601194 (kernel32 765B0000): (filename not available) (0): BaseThreadInitThunk 7779B495 (ntdll 77740000): (filename not available) (0): RtlInitializeExceptionChain 7779B468 (ntdll 77740000): (filename not available) (0): RtlInitializeExceptionChain

CPU: Intel(R) Pentium(R) 4 CPU 3.60GHz [x86 Family 15 Model 4 Stepping 3] [DEP Enabled] [2 CPUs] Installed RAM: 3583 MBytes Operating System: Microsoft Windows 7 Ultimate Edition, 32-bit (build 7600) Internet Explorer: 9.0.7930.16406 (build 97930) Administrator privileges: No OS Languages: (UI | Locale (User/System)) : English/English | Hungarian/English

Miranda IM Version: 0.9.15 Unicode Build time: 2011-01-21 17:46:36+0100 Profile: C:\Users\aszego\AppData\Roaming\Miranda\Office\Office.dat Language pack: No language pack installed Nightly: No Unicode: Yes Service Mode: No

Active Plugins (13): ¤ advaimg.dll v.0.9.15.0 [2011-01-21 17:44:16+0100] - Miranda Image services ¤ Aim.dll v.0.9.15.0 [2011-01-21 17:45:00+0100] - AIM Protocol |Unicode aware| ¤ avs.dll v.0.9.15.0 [2011-01-21 17:45:08+0100] - Avatar service (Unicode) |Unicode aware| ¤ chat.dll v.0.9.15.0 [2011-01-21 17:45:14+0100] - Chat |Unicode aware| ¤ clist_classic.dll v.0.9.15.0 [2011-01-21 17:45:16+0100] - Classic contact list |Unicode aware| ¤ dbx_mmap.dll v.0.9.15.0 [2011-01-21 17:45:30+0100] - Miranda mmap database driver |Unicode aware| ¤ GG.dll v.0.9.15.0 [2011-01-21 17:44:28+0100] - Gadu-Gadu Protocol ¤ IRC.dll v.0.9.15.0 [2011-01-21 17:44:40+0100] - IRC protocol |Unicode aware| ¤ jabber.dll v.0.9.15.0 [2011-01-21 17:46:12+0100] - Jabber Protocol |Unicode aware| ¤ msn.dll v.0.9.15.0 [2011-01-21 17:47:34+0100] - MSN Protocol |Unicode aware| ¤ srmm.dll v.0.9.15.0 [2011-01-21 17:48:08+0100] - Send/Receive Messages |Unicode aware| ¤ svc_crshdmp.dll v.0.0.4.19 [2011-01-25 11:06:05+0100] - Crash Dumper Unicode |Unicode aware| ¤ Yahoo.dll v.0.9.15.0 [2011-01-21 17:44:50+0100] - Yahoo Protocol Beta/Nightly |Unicode aware|

Loaded Modules:

C:\Program Files\Miranda IM\miranda32.exe 00400000 - 004CE000 v.0.9.15.0 [2011-01-21 17:46:36+0100] C:\Windows\SYSTEM32\ntdll.dll 77740000 - 7787C000 v.6.1.7600.16559 [2010-03-24 07:37:04+0100] C:\Windows\system32\verifier.dll 10CA0000 - 10D00000 v.6.1.7600.16385 [2009-07-14 02:16:17+0100] C:\Windows\system32\kernel32.dll 765B0000 - 76684000 v.6.1.7600.16481 [2009-12-08 12:33:31+0100] C:\Windows\system32\KERNELBASE.dll 75B20000 - 75B6A000 v.6.1.7600.16385 [2009-07-14 02:15:35+0100] C:\Windows\system32\WSOCK32.dll 6AD50000 - 6AD57000 v.6.1.7600.16385 [2009-07-14 02:16:20+0100] C:\Windows\system32\WS2_32.dll 75F30000 - 75F65000 v.6.1.7600.16385 [2009-07-14 02:16:20+0100] C:\Windows\system32\msvcrt.dll 75DE0000 - 75E8C000 v.7.0.7600.16385 [2009-07-14 02:15:50+0100] C:\Windows\system32\RPCRT4.dll 76890000 - 76931000 v.6.1.7600.16385 [2009-07-14 02:16:13+0100] C:\Windows\system32\NSI.dll 77880000 - 77886000 v.6.1.7600.16385 [2009-07-14 02:16:11+0100] C:\Windows\system32\USER32.dll 778A0000 - 77969000 v.6.1.7600.16385 [2009-07-14 02:16:17+0100] C:\Windows\system32\GDI32.dll 76010000 - 7605E000 v.6.1.7600.16385 [2009-07-14 02:15:22+0100] C:\Windows\system32\LPK.dll 77890000 - 7789A000 v.6.1.7600.16385 [2009-07-14 02:15:36+0100] C:\Windows\system32\USP10.dll 75E90000 - 75F2D000 v.1.626.7600.16385 [2009-07-14 02:16:17+0100] C:\Windows\system32\SHELL32.dll 769C0000 - 77609000 v.6.1.7600.16644 [2010-07-27 15:03:24+0100] C:\Windows\system32\SHLWAPI.dll 763E0000 - 76437000 v.6.1.7600.16385 [2009-07-14 02:16:14+0100] C:\Windows\system32\comdlg32.dll 76940000 - 769BB000 v.6.1.7600.16385 [2009-07-14 02:15:07+0100] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\COMCTL32.dll 74010000 - 741AE000 v.6.10.7600.16661 [2010-08-21 06:21:32+0100] C:\Windows\system32\ADVAPI32.dll 776A0000 - 77740000 v.6.1.7600.16385 [2009-07-14 02:14:53+0100] C:\Windows\SYSTEM32\sechost.dll 76440000 - 76459000 v.6.1.7600.16385 [2009-07-14 02:16:13+0100] C:\Windows\system32\ole32.dll 76060000 - 761BC000 v.6.1.7600.16624 [2010-06-29 06:02:02+0100] C:\Windows\system32\OLEAUT32.dll 77610000 - 7769F000 v.6.1.7600.16385 [2009-07-14 02:16:12+0100] C:\Windows\system32\WINMM.dll 73910000 - 73942000 v.6.1.7600.16385 [2009-07-14 02:16:19+0100] C:\Windows\system32\VERSION.dll 74BB0000 - 74BB9000 v.6.1.7600.16385 [2009-07-14 02:16:17+0100] C:\Program Files\Miranda IM\zlib.dll 10000000 - 10011000 v.1.2.5.0 [2011-01-21 17:46:02+0100] C:\Windows\system32\IMM32.DLL 76590000 - 765AF000 v.6.1.7600.16385 [2009-07-14 02:15:32+0100] C:\Windows\system32\MSCTF.dll 764C0000 - 7658C000 v.6.1.7600.16385 [2009-07-14 02:15:43+0100] C:\Windows\system32\uxtheme.dll 73B30000 - 73B70000 v.6.1.7600.16385 [2009-07-14 02:16:17+0100] C:\Windows\system32\dwmapi.dll 73630000 - 73643000 v.6.1.7600.16385 [2009-07-14 02:15:13+0100] C:\Windows\system32\CRYPTBASE.dll 757F0000 - 757FC000 v.6.1.7600.16385 [2009-07-14 02:15:07+0100] C:\Windows\system32\CLBCatQ.DLL 75F80000 - 76003000 v.2001.12.8530.16385 [2009-07-14 02:15:03+0100] C:\Windows\system32\explorerframe.dll 63070000 - 631DF000 v.6.1.7600.16623 [2010-06-26 06:14:29+0100] C:\Windows\system32\DUser.dll 73BD0000 - 73BFF000 v.6.1.7600.16385 [2009-07-14 02:15:13+0100] C:\Windows\system32\DUI70.dll 73C00000 - 73CB2000 v.6.1.7600.16385 [2009-07-14 02:15:13+0100] C:\Program Files\Miranda IM\Plugins\dbx_mmap.dll 12420000 - 12429000 v.0.9.15.0 [2011-01-21 17:45:30+0100] C:\Program Files\Miranda IM\Plugins\svc_crshdmp.dll 016A0000 - 016B3000 v.0.0.4.19 [2011-01-25 11:06:05+0100] C:\Program Files\Miranda IM\Plugins\advaimg.dll 12000000 - 120AA000 v.0.9.15.0 [2011-01-21 17:44:16+0100] C:\Program Files\Miranda IM\Plugins\clist_classic.dll 12160000 - 1216F000 [2011-01-21 17:45:16+0100] C:\Program Files\Miranda IM\Plugins\aim.dll 03A90000 - 03AC3000 [2011-01-21 17:45:00+0100] C:\Program Files\Miranda IM\Plugins\avs.dll 03640000 - 03654000 v.0.9.15.0 [2011-01-21 17:45:08+0100] C:\Program Files\Miranda IM\Plugins\chat.dll 120C0000 - 12105000 [2011-01-21 17:45:14+0100] C:\Windows\system32\riched20.dll 62330000 - 623A6000 v.5.31.23.1229 [2009-07-14 02:16:13+0100] C:\Program Files\Miranda IM\Plugins\gg.dll 12580000 - 125C4000 v.0.9.15.0 [2011-01-21 17:44:28+0100] C:\Program Files\Miranda IM\Plugins\irc.dll 04EA0000 - 04F04000 v.0.9.15.0 [2011-01-21 17:44:40+0100] C:\Program Files\Miranda IM\Plugins\jabber.dll 12620000 - 126D2000 v.0.9.15.0 [2011-01-21 17:46:12+0100] C:\Program Files\Miranda IM\Plugins\msn.dll 127A0000 - 127DF000 v.0.9.15.0 [2011-01-21 17:47:34+0100] C:\Program Files\Miranda IM\Plugins\srmm.dll 12900000 - 12916000 [2011-01-21 17:48:08+0100] C:\Program Files\Miranda IM\Plugins\yahoo.dll 12AA0000 - 12ACE000 v.0.9.15.0 [2011-01-21 17:44:50+0100] C:\Windows\system32\crypt32.dll 75940000 - 75A5C000 v.6.1.7600.16385 [2009-07-14 02:15:07+0100] C:\Windows\system32\MSASN1.dll 758E0000 - 758EC000 v.6.1.7600.16415 [2009-08-29 07:57:31+0100] C:\Windows\system32\wtsapi32.dll 74910000 - 7491D000 v.6.1.7600.16385 [2009-07-14 02:16:20+0100] C:\Program Files\Forefront TMG Client\FwcWsp.dll 74BC0000 - 74DBC000 v.7.0.7734.100 [2009-10-13 23:49:00+0100] C:\Windows\system32\WINTRUST.dll 75AF0000 - 75B1D000 v.6.1.7600.16493 [2009-12-29 07:55:34+0100] C:\Windows\system32\NETAPI32.dll 74B90000 - 74BA1000 v.6.1.7600.16385 [2009-07-14 02:16:02+0100] C:\Windows\system32\netutils.dll 750B0000 - 750B9000 v.6.1.7600.16385 [2009-07-14 02:16:03+0100] C:\Windows\system32\srvcli.dll 756D0000 - 756E9000 v.6.1.7600.16385 [2009-07-14 02:16:15+0100] C:\Windows\system32\wkscli.dll 74B80000 - 74B8F000 v.6.1.7600.16385 [2009-07-14 02:16:19+0100] C:\Windows\system32\DSROLE.DLL 74B70000 - 74B79000 v.6.1.7600.16385 [2009-07-14 02:15:13+0100] C:\Windows\system32\NLAapi.dll 74300000 - 74310000 v.6.1.7600.16385 [2009-07-14 02:16:03+0100] C:\Windows\System32\mswsock.dll 752E0000 - 7531C000 v.6.1.7600.16385 [2009-07-14 02:15:51+0100] C:\Windows\system32\DNSAPI.dll 751A0000 - 751E4000 v.6.1.7600.20621 [2010-01-19 12:55:20+0100] C:\Windows\System32\winrnr.dll 71DE0000 - 71DE8000 v.6.1.7600.16385 [2009-07-14 02:16:19+0100] C:\Windows\system32\napinsp.dll 71DD0000 - 71DE0000 v.6.1.7600.16385 [2009-07-14 02:16:02+0100] C:\Windows\system32\DBGHELP.DLL 74A80000 - 74B6B000 v.6.1.7600.16385 [2009-07-14 02:15:09+0100] C:\Windows\system32\security.dll 74A70000 - 74A73000 v.6.1.7600.16385 [2009-07-14 02:09:53+0100] C:\Windows\system32\SECUR32.DLL 75740000 - 75748000 v.6.1.7600.16385 [2009-07-14 02:16:13+0100] C:\Windows\system32\SSPICLI.DLL 75780000 - 7579A000 v.6.1.7600.16385 [2009-07-14 02:16:15+0100] C:\Windows\system32\pnrpnsp.dll 71D90000 - 71DA2000 v.6.1.7600.16385 [2009-07-14 02:16:12+0100] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 72080000 - 720A7000 v.7.250.4225.0 [2010-09-21 13:03:14+0100] C:\Windows\system32\PSAPI.DLL 75BA0000 - 75BA5000 v.6.1.7600.16385 [2009-07-14 02:16:12+0100] C:\Windows\system32\credssp.dll 74F50000 - 74F58000 v.6.1.7600.16385 [2009-07-14 02:15:07+0100] C:\Windows\system32\msv1_0.DLL 75280000 - 752C2000 v.6.1.7600.16420 [2009-09-10 06:52:05+0100] C:\Windows\system32\cryptdll.dll 75510000 - 75521000 v.6.1.7600.16385 [2009-07-14 02:15:07+0100] C:\Windows\system32\profapi.dll 75870000 - 7587B000 v.6.1.7600.16385 [2009-07-14 02:16:12+0100] C:\Windows\System32\wshtcpip.dll 74A60000 - 74A65000 v.6.1.7600.16385 [2009-07-14 02:16:20+0100] C:\Windows\system32\IPHLPAPI.DLL 738D0000 - 738EC000 v.6.1.7600.16385 [2009-07-14 02:15:33+0100] C:\Windows\system32\WINNSI.DLL 738B0000 - 738B7000 v.6.1.7600.16385 [2009-07-14 02:16:19+0100] C:\Windows\System32\fwpuclnt.dll 73670000 - 736A8000 v.6.1.7600.16385 [2009-07-14 02:15:21+0100] C:\Windows\system32\rasadhlp.dll 71F10000 - 71F16000 v.6.1.7600.16385 [2009-07-14 02:16:12+0100] C:\Windows\system32\CRYPTSP.dll 75320000 - 75336000 v.6.1.7600.16385 [2009-07-14 02:15:07+0100] C:\Windows\system32\rsaenh.dll 750C0000 - 750FB000 v.6.1.7600.16385 [2009-07-14 02:17:54+0100] C:\Windows\system32\imagehlp.dll 76210000 - 7623A000 v.6.1.7600.16385 [2009-07-14 02:15:31+0100] C:\Windows\system32\bcrypt.dll 75430000 - 75447000 v.6.1.7600.16385 [2009-07-14 02:14:59+0100] C:\Windows\system32\bcryptprimitives.dll 74FC0000 - 74FFD000 v.6.1.7600.16385 [2009-07-14 02:17:54+0100] C:\Windows\system32\schannel.dll 75130000 - 7516A000 v.6.1.7600.16661 [2010-08-21 06:36:24+0100] C:\Windows\system32\ncrypt.dll 75450000 - 75488000 v.6.1.7600.16385 [2009-07-14 02:16:02+0100]

You have a crash inside windows networking stack. It has nothing to do with msn protocol.

And if you think there is heap corruption why msn protocol causing it, and not somebody else? Miranda is multi-threaded application and has the same heap for all plugins, so not sure where msn conclusion came from. If somebody causes heap corruption I would guess Yahoo, it's known to have memory issues.

Bottom line, crash occurred in the windows kernel code, user did not debug further to which plugin or windows itself caused heap corruption. Stack dumps are completely useless when debugging memory corruption for multi-threaded applications.

Closing as not an issue.

And one more thing you dumped what was at corruption address not was before the corruption address. And that information is only the one have some value.

And one more thing please not that URL in the dumped block is encoded UTF16. MSN protocol works only in UTF8 and even more it never has UTF16 URLs. So whatever caused corruption is definitely not MSN protocol.

After looking on VI I found this:

C:\Program Files\Forefront TMG Client\FwcWsp.dll

And this is the cause of the crash. A lot of 3rd party apps are crashing with this thing.