MSIX SDK
Перейти к файлу
Sayan Chaliha 0c8a78f9b1
Invalid Memory Access in SignatureValidator (#453)
* Invalid Memory Access in SignatureValidator

Problem:
* SignatureValidator::IsStoreOrigin() tries to read X.509 extensions
to determine if the origin of the signature matches the Windows Store OID.
* Extension data is converted from a raw buffer to an std::string for
comparision.
* The raw buffer is not null-terminated, and therefore, running
std::strlen() on it causes invalid memory access.
* This invalid access is caught by ASAN on macOS.

Solution:
* Null-terminate the raw buffer before trying to build an std::string
from it.

Tests:
* Ran app test suite that uses libmsix.dylib with ASAN on. No crashes
were reported.

* Invalid Memory Access in SignatureValidator

Problem:
* As @JohnMcPMS pointed out, writing "" with 1 byte size is null termination.
* A better solution would be to use bptr->length and avoid writing the null
byte altogether.

Tests:
* Ran app test suite that uses libmsix.dylib with ASAN on. No crashes
were reported.

Co-authored-by: Sayan Chaliha <sachalih@microsoft.com>
2021-06-08 10:53:39 -07:00
.github/ISSUE_TEMPLATE Update issue templates (#64) 2019-03-13 12:22:31 -07:00
MsixCore Updated ApplyACls (#448) 2021-05-07 14:52:00 -07:00
cmake Added latest Appx manifest schemas to MSIX SDK (#433) 2021-03-10 13:32:24 -08:00
lib Parse mapping file passed to makemsix (#395) 2020-12-10 15:20:45 -08:00
pipelines Implement flat bundle creation (#389) 2020-11-06 11:20:41 -08:00
resources Added latest Appx manifest schemas to MSIX SDK (#433) 2021-03-10 13:32:24 -08:00
sample Rename GetLogTextUTF8 to MsixGetLogTextUTF8 (#359) 2020-07-24 15:21:44 -07:00
src Invalid Memory Access in SignatureValidator (#453) 2021-06-08 10:53:39 -07:00
tools Adding property on bundle object containing metadata about child packages (#449) 2021-05-13 12:06:17 -07:00
.gitattributes Packaging master (#189) 2019-08-06 12:15:41 -07:00
.gitignore Implement flat bundle creation (#389) 2020-11-06 11:20:41 -08:00
CMakeLists.txt Fix Issue 224 (#239) 2019-10-14 18:11:19 -07:00
CMakeSettings.json Add VS 2019 direct CMakeCache config (#98) 2019-04-25 10:50:02 -07:00
CODEOWNERS Add project for Azure Pipelines Tasks for MSIX (#384) 2020-09-24 16:03:32 -07:00
LICENSE update 2018-09-21 15:57:06 -07:00
Microsoft.MSIX.Packaging.targets Merged PR 2853269: Provide platform-specific nuget packages for msix 2019-02-08 20:32:35 -08:00
Package.nuspec.cmakein Prepare for 1.6 2019-02-08 20:32:45 -08:00
ProjectIcon.png Merged PR 1028022: Merge xerces to feature 2017-10-27 18:48:31 +00:00
README.md macOS universal binaries (#374) 2020-08-14 12:20:21 -07:00
SUPPORT.md Add support file (#398) 2020-12-07 12:48:06 -08:00
THIRD PARTY CODE NOTICE update tpn (#333) 2020-02-18 16:41:32 -08:00
makeaosp.sh Fix Linux and AOSP build (#347) 2020-05-28 11:49:43 -07:00
makeaosponwinx86.cmd Merged PR 2342853: [MSIX SDK] reduce binary size on android by switching to use inbox java xml parser on android instead of xerces 2018-10-09 13:44:15 -07:00
makeios.sh Fix Issue 224 (#239) 2019-10-14 18:11:19 -07:00
makelinux.sh Fix Issue 224 (#239) 2019-10-14 18:11:19 -07:00
makemac.sh Enable build for Apple Silicon Macs (#356) 2020-07-10 12:09:56 -07:00
makewin.cmd Fix Issue 224 (#239) 2019-10-14 18:11:19 -07:00
manifest.cmakein Implement Windows8+ Applicability PAL 2018-09-21 15:57:06 -07:00
release_master.cmd Fix release break due to CMakeList.txt dependency on description containing 3+ parts (which doesn't happen on first build with specified tag) 2017-10-27 15:05:33 -07:00
release_master.ps1 Fix release break due to CMakeList.txt dependency on description containing 3+ parts (which doesn't happen on first build with specified tag) 2017-10-27 15:05:33 -07:00
tdf-guidance.md Merged PR 2161980: referring to MSIX Packaging SDK as MSIX SDK 2018-09-21 15:57:06 -07:00

README.md

MSIX SDK

Copyright (c) 2019 Microsoft Corp. All rights reserved.

Description

The MSIX SDK project is an effort to enable developers on a variety of platforms to pack and unpack packages for the purposes of distribution from either the Microsoft Store, or their own content distribution networks.

The MSIX Packaging APIs that a client app would use to interact with .msix/.appx packages are a subset of those documented here.

Overview

The MSIX SDK project includes cross platform API support for packing and unpacking of .msix/.appx packages

msix A shared library (DLL on Win32, dylib on macOS, SO on Linux and Android) that exports a subset of the functionality contained within appxpackaging.dll on Windows. See here for additional details.
On all platforms instead of CoCreating IAppxFactory, a C-style export: CoCreateAppxFactory is provided. Similarly, the CoCreateAppxBundleFactory export is equivalent as CoCreating IAppxBundleFactory.

The 'UnpackPackage' and 'UnpackBundle' exports that provide a simplified unpackage implementation. Similarly, PackPackage provides a simplified package implementation. See the samples directory for usage of the SDK.
makemsix A command line wrapper over the MSIX library entrypoints. makemsix supports pack and unpack. Use the -? to get information about the options supported.
MSIX Core A client app that uses installs .msix/.appx packages on Windows 7 SP1 and later versions of Windows. Go to the MSIX Core project page, to get more details.

Guidance on how to package your app contents and construct your app manifest such that it can take advantage of the cross platform support of this SDK is here.

Release Notes

Release notes on the latest features and performance improvements made to the SDK are listed here

Setup Instructions

  1. Clone the repository: git clone [URL]

Issues

If you are using Visual Studio 2017 and you run into errors about not being able to find the v140 toolset:

  1. Install the Microsoft Build Tools (https://chocolatey.org/packages/microsoft-build-tools)
  2. Start -> visual studio installer -> Visual Studio Build Tools 2017 -> Modify the 2014 toolset -> individual components
  3. Make sure that VC++ 2015.3 v140 toolset for desktop is selected and then unselect VC++ 2017 141 toolset
  4. Close, then re-open the solution.

Dependencies

Depending on the platform for which the MSIX shared library (MSIX.DLL | libmsix.dylib | libmsix.so) is compiled, one or more of the following dependencies may be statically linked into the binary:

For convinience, Zlib, Xerces-C and OpenSSL are git-subtrees that are mapped in under the lib folder of this project. Edits on top of these subtrees for build related optimizations are tracked within this repository.

The Android NDK is only required for targeting the Android platform.

Prerequisites

The project uses git-lfs to store some large binary test files. You can find out more and install it from here:

https://git-lfs.github.com/

Make sure that you have CMAKE installed on your machine

One or more of the following prerequisites may also be required on your machine:

Ninja-build:

https://github.com/ninja-build/ninja/releases

Android NDK:

https://developer.android.com/ndk/downloads/index.html

Clang/LLVM:

http://releases.llvm.org/download.html

VS 2017 clients:

Open Visual Studio 2017 File->Open Folder->navigate to project root and select "CMakeLists.txt"

See cmake-support-vs for details regarding how to configure your environment.

Xcode clients:

open terminal, from project root: mkdir build && cd build && cmake -DMACOS=on -G"Xcode" .. open xcode File->Open->navigate to project root/build and select "Project.xcodeproj"

See cmake-Xcode-integration for additional details

Build

On Windows using Visual Studio nmake:

   makewin.cmd <x86|x64> [options]

This will start MSVC environment calling vcvarsall.bat , clean the output directory, call cmake and nmake. The latest Visual Studio version is obtained by calling vswhere.exe

On Mac using make:

   ./makemac [options]
   ./makeios [options]

On Linux using make:

   ./makelinux [options]
   ./makeaosp [options]

How to compile for Android on Windows:

  • Unpack the latest Android NDK to c:\android-ndk
  • Unpack Ninja-build to c:\ninja
  • Add c:\ninja to the path environment variable
  • Create a folder under the root of the enlistment called "android", cd into that folder, then run the following command to create ninja build files:
    cmake -DCMAKE_ANDROID_NDK=c:/android-ndk ^
        -DCMAKE_ANDROID_NDK_TOOLCHAIN_VERSION=clang ^
        -DCMAKE_SYSTEM_NAME=Android ^
        -DCMAKE_SYSTEM_VERSION=19 ^
        -DCMAKE_ANDROID_ARCH_ABI=x86 ^
        -DCMAKE_ANDROID_STL_TYPE=c++_shared ^
        -DCMAKE_BUILD_TYPE=Release ^
        -DAOSP=on ^
        -G"Ninja" ..

To compile, run the following command from the android folder:

    ninja

Enable pack features

By default, pack is NOT turned on in the build scripts and is not supported for mobile devices. Use the --pack option in the build scripts or pass -DMSIX_PACK=on to the CMake command to enable it. You will have to set also -DUSE_VALIDATION_PARSE=on in the build script, otherwise the build operation will fail.

Build Status

The following native platforms are in development now:

Windows

master
Debug x32 Build Status
Debug x64 Build Status
Release x32 Build Status
Release x64 Build Status
Release x32 Without Bundle support Build Status
Release x64 Without Bundle support Build Status
Release x32 With Validation Parser Build Status
Release x64 With Validation Parser Build Status
Debug x32 With Pack Build Status
Debug x64 With Pack Build Status
Release x32 With Pack Build Status
Release x64 With Pack Build Status
Release x32 Xerces With Pack Build Status
Release x64 Xerces With Pack Build Status

Built in the Azure Pipelines windows-latest pool. See specifications here

macOS

master
Debug Build Status
Release Build Status
Release Without Bundle support Build Status
Debug With Pack Build Status
Release With Pack Build Status
Debug arm64 Build Status
Release arm64 Build Status
Release Without Bundle support arm64 Build Status
Debug With Pack arm64 Build Status
Release With Pack arm64 Build Status
Release Universal Build Status
Release Without Bundle support Universal Build Status
Release With Pack Universal Build Status

Built in the Azure Pipelines macOS pool. See specification here

iOS

master
Debug Emulator Build Status
Release Emulator Build Status
Release Emulator Without Bundle support Build Status
Release arm64 Build Status

Built in the Azure Pipelines macOS pool. See specification here

Android

master
Debug Emulator Build Status
Release Emulator Build Status
Release Emulator Without Bundle support Build Status
Release arm Build Status
Release arm Without Bundle support Build Status

Built in the Azure Pipelines macOS pool. See specification here

Linux

master
Debug Build Status
Release Build Status
Release Without Bundle Support Build Status
Release With Validation Parser Build Status
Debug With Pack Build Status
Release With Pack Build Status

Built in the Azure Pipelines Hosted Ubuntu 1604. See specification here

Windows 7 support

The MSIX SDK is fully supported and tested on Windows 7. However, an Application Manifest MUST be included to any executable that is expected to run on Windows 7 and uses msix.dll. Specifically, the Application Manifest MUST include the supportedOS flags for Windows 7. The manifest is not included on msix.dll because the compat manifest doesn't matter on DLLs. See the manifest that is used for makemsix and samples of this project as example. The Windows 7 machine might also require the Microsoft Visual C++ Redistributable binaries installed to run properly. Alternatively, build msix.dll with makewin.cmd <x86|x64> -mt [options] to use static version of the runtime library and don't require the redistributables.

Android support

The MSIX SDK minimum supported for Android is API Level 19.

We also produce msix-jni.jar which acts as a helper to get the languages from the Android device. Because of it, we expect either a -DANDROID_SDK and -DANDROID_SDK_VERSION on the cmake command and, if not present, we default to $ANDROID_HOME and 24 respectively. The default level for the SDK level is 24 because we use the Configuration class and, depending on the version of the device, we either use the locale attribute (deprecated as of API level 24) or getLocales. We recommend using the makeaosp script to build for Android on non-Windows devices.

Apple Silicon

To enable building the MSIX SDK to run on Apple Silicon do the following:

  1. Install Xcode beta 12 (https://developer.apple.com/download/)
  2. Change active developer directory sudo xcode-select -switch /Applications/Xcode-beta.app/Contents/Developer
  3. Build using makemac.sh ./makemac.sh -arch arm64 --skip-tests

Testing

msixtest uses Catch2 as testing framework. msixtest is either an executable or a shared library, depending on the platform. It has a single entrypoint msixtest_main that takes argc and argv, as main, plus the path were the test packages are located. The shared library is used for our mobile test apps, while non-mobile just forwards the arguments to msixtest_main. It requires msix.dll to be build with "Release" or "RelWithDebInfo" CMake switch.

First build the project, then:

Testing for non-mobile devices:

Go to the build directory and run msixtes\msixtest.exe. You can run an specific test by running msixtest [test name]. By default, the test will only output the failling tests, use -s to output successfull tests.

Testing on mobile devices:

iOS

First build the project for iOS, then launch xCode and load src/test/mobile/iOSBVT.xcworkspace, compile the test app, and then launch the iPhone simulator. You can also run "testios.sh -p iOSBVT/iOSBVT.xcodeproj" from src/test/mobile.

Android:

From within bash, navigate to src/test/mobile, and run "./testaosponmac.sh".

Releasing

If you are the current maintainer of this project:

  1. Pull latest payload to release in master
  2. Confirm that all platforms/architectures/flavors build and all BVTs pass
  3. From a windows cmd prompt: release_master.cmd
  4. Confirm that new branch called "release_v1.xxx" where "xxx" is the next incremental version is created

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repositories using our CLA.

If you have any questions or comments, you can send them our team directly!

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Report a Computer Security Vulnerability

If you are a security researcher and believe you have found a security vulnerability that meets the definition of a security vulnerability that is not resolved by the 10 Immutable Laws of Security, please send e-mail to us at secure@microsoft.com. To help us to better understand the nature and scope of the possible issue, please include as much of the below information as possible.

  • Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.)
  • Product and version that contains the bug, or URL if for an online service
  • Service packs, security updates, or other updates for the product you have installed
  • Any special configuration required to reproduce the issue
  • Step-by-step instructions to reproduce the issue on a fresh install
  • Proof-of-concept or exploit code
  • Impact of the issue, including how an attacker could exploit the issue

Microsoft follows Coordinated Vulnerability Disclosure (CVD) and, to protect the ecosystem, we request that those reporting to us do the same. To encrypt your message to our PGP key, please download it from the Microsoft Security Response Center PGP Key. You should receive a response within 24 hours. If for some reason you do not, please follow up with us to ensure we received your original message. For further information, please visit the Microsoft Security Response Policy and Practices page and read the Acknowledgment Policy for Microsoft Security Bulletins.

For additional details, see Report a Computer Security Vulnerability on Technet