* Invalid Memory Access in SignatureValidator
Problem:
* SignatureValidator::IsStoreOrigin() tries to read X.509 extensions
to determine if the origin of the signature matches the Windows Store OID.
* Extension data is converted from a raw buffer to an std::string for
comparision.
* The raw buffer is not null-terminated, and therefore, running
std::strlen() on it causes invalid memory access.
* This invalid access is caught by ASAN on macOS.
Solution:
* Null-terminate the raw buffer before trying to build an std::string
from it.
Tests:
* Ran app test suite that uses libmsix.dylib with ASAN on. No crashes
were reported.
* Invalid Memory Access in SignatureValidator
Problem:
* As @JohnMcPMS pointed out, writing "" with 1 byte size is null termination.
* A better solution would be to use bptr->length and avoid writing the null
byte altogether.
Tests:
* Ran app test suite that uses libmsix.dylib with ASAN on. No crashes
were reported.
Co-authored-by: Sayan Chaliha <sachalih@microsoft.com>
Adds new property on AppxBundleMetadata: ChildAppxPackages. This replaces the now [Obsolete] InternalAppxPackagesRelativePaths, as it has the file paths but also the metadata unique to each child package.
* Added option to AppxFactory to create package writer with file hash enabled in block map xml
* Changed PCSTR to LPCSTR as PCSTR is not defined in Linux and MacOS. Also updated test data about expected block map xml size
* Added CoCreateAppxFactoryWithOptions and CoCreateAppxFactoryWithHeapAndOptions to export list
* Test pull request
* Changed block map xml writer to add <FileHash> elements to BlockMap XML
* Update tests to reflect the change of block map xml and skip schema block map validation for Xerces parser
* Fix delete void pointer issue that some compilers do not allow
* Fixed a typo
* OpenSSL is not thread-safe even when compiled with OPENSSL_THREADS
* Library initialization needs to be called only once and
* Needs to set a thread ID callback
* Needs to set locking callback
* OPENSSL_add_all_algorithms() should be called only once in an app
Co-authored-by: Sayan Chaliha <sachalih@microsoft.com>
The pipeline tasks for packaging and for creating a VHDX for app attach call a helper PS script, which may be blocked in certain environments due to the ExecutionPolicy. To allow the scripts to run, set the execution policy when calling powershell.exe.
Also removed files regarding release signing configuration that are no longer needed with the new signing method, and added debug configuration for the pipelines tasks that was missing after the move from the private repo.
* Attempt to create bundle method
* ProcessCommonOptions method
* Pass flags
* Update
* Create appxbundlefactory and bundlewriter
* Added interfaces to implement
* edit bundle options
* Remove comments
* Create vector of packages to write to bundle manifest
* Create bundle manifest bundle element
* Write Bundle Manifest Elements
* Add AppxBundleManifest, BlockMap, contenttype.xml to zip
* Validations to store fields into manifest
* Write Resources and Dependencies to Bundle Manifest
* Fetches correct value for resources and tdfs
* Created AppxBundleWriter and BundleWriterHelper files
* Writer verion to manifest, address PR comments
* process common and input options
* Use stdstrin instead of wchar
* Address PR comments
* Removed closeinternal from AppxBundleWriter.cpp
* Use exceptions instead of hresult
* Implement AppxManifestReader->GetQualifiedResources
* Write resources to bundle manifest
* Write correct namespaces to manifest file
* Code review comments
* Resolve build on other platforms
* Add packbundle to if MSIX_PACK
* Build should pass now
* Remove ectra qualification for build to pass
* add to msix_pack
* STATFLAG_NONAME error
* Resolve compiler error
* UINT64 and std::uint64 compiler error
* Use std::time instead of systemtime
* Build break
* resolve UINT64 ios compiler error
* Comment out arm64 mac jobs- known config issue
* Mac pipeline failure
* Remove Text data structure as per PR feedback
* gitignore, move zlib file, update filename to versionhelpers
* Resolve build
* Remove thumbs.db file
* Added ability to create, mount, and unmount VHDs
* Refactoring; Accept -vhdSize on VHD creation; Retrieve drive letter on mount
* Handle vhdSize values
* Enabled creation of VHDX files
* Updated help strings
* Delete broken VHD on VHD creation failures
* Don't delete vhd on vhd creation failure if failure is ERROR_FILE_EXISTS
* Adjusted min/max vhd siez
* Expose option to mount VHD as RO or RW.
* Modify func signatures in VHDProvider
* Added updated CreateCIM and WVDUtilities binaries
* Added ability to create CIM files and add unpacked packages to them
* Enabled mounting/unmounting of CIM files
* Updated help strings
* Move error output for individual packages to a single batch at end of execution
* Handle failures creating temp directory
* Addressed code review comments
* Removed lines from resource.h
* set applyacls according to user specfication
* Removed commented code. Output on createcim.dll failure
* Added CreateCIM binaries
Changing the namespace for the Utils library from Microsoft.Packaging.Utils to Microsoft.Msix.Utils to match what will be the published NuGet package name.
All of this is to be consumed by the release pipeline.
* Added configuration for signing.
* Added build properties to control major/minor version with recommended semantic versioning. Patch version is set by the pipeline.
* Added .nuspec file to indicate package license.
* Updated AssemblyInfo with required information.
Open source Utils source code from the private Windows repo to MSIX SDK repo so that it is available for the Windows community to collaborate/contribute to. This supports our org-wide goal to open source as much of our code as we can. This will also enable us to take other services open source.
Chacón
stephenk-msft
Ruben Guerrero
Sayan Chaliha
Union Palenshus
rhuang-msft
dependabot[bot]
Mark Ingram
Ryan Fu
jyvenugo
dianmsft