[Bug 43041] Multiple application installers crash due to missing message string for 0x800b0100 (TRUST_E_NOSIGNATURE) (CodeXL 2.3, RT Se7en Lite)

https://bugs.winehq.org/show_bug.cgi?id=43041

Anastasius Focht focht@gmx.net changed:

What |Removed |Added ---------------------------------------------------------------------------- Summary|CodeXL install fails |Multiple application | |installers crash due to | |missing message string for | |0x800b0100 | |(TRUST_E_NOSIGNATURE) | |(CodeXL 2.3, RT Se7en Lite) CC| |focht@gmx.net Keywords| |Installer Ever confirmed|0 |1 Component|-unknown |kernel32 Status|UNCONFIRMED |NEW

--- Comment #2 from Anastasius Focht focht@gmx.net --- Hello folks,

the trace leading to the failure is exactly the same as bug 27576 (uses same installer technology)

--- snip --- $ WINEDEBUG=+tid,+seh,+relay,+msi,+imagehlp,+wintrust,+crypt wine ./CodeXL_Win_2.3.629.exe >>log.txt 2>&1 ... 003d:Call KERNEL32.CreateProcessW(00000000,00b1c9b4 L""Z:\home\focht\Downloads\CodeXL_Win_2.3.629.exe" /i "C:\users\focht\Application Data\GPUOpen.com\CodeXL 2.3.629\install\ED00F2E\setup.msi" ADDSOURCE="X86DebuggersAndTo" SECONDSEQUENCE="1" EXECUTEACTION="INSTALL" ACTION="INSTALL" CLIENTUILEVEL="0" ADDLOCAL="Profile_Srv_32,Pr"...,00000000,00000000,00000000,00000410,00000000,00000000,00b1c490,00b1c480) ret=7e87595c ... 0049:Call KERNEL32.__wine_kernel_init() ret=7bc69f60 ... 003d:Ret KERNEL32.CreateProcessW() retval=00000001 ret=7e87595c ... 0049:Call msi.MsiGetFileSignatureInformationW(0060c3c0 L"Z:\home\focht\Downloads\CodeXL_Win_2.3.629.exe",00000001,0033efe8,00000000,00000000) ret=004a9156 0049:trace:msi:MsiGetFileSignatureInformationW L"Z:\home\focht\Downloads\CodeXL_Win_2.3.629.exe" 00000001 0x33efe8 (nil) (nil) ... 0049:Call wintrust.WinVerifyTrustEx(ffffffff,7d151fac,0033eef4) ret=7d09f41a 0049:trace:wintrust:WinVerifyTrust (0xffffffff, {00aac56b-cd44-11d0-8cc2-00c04fc295ee}, 0x33eef4) 0049:trace:wintrust:dump_wintrust_data 0x33eef4 0049:trace:wintrust:dump_wintrust_data cbStruct: 52 0049:trace:wintrust:dump_wintrust_data pPolicyCallbackData: (nil) 0049:trace:wintrust:dump_wintrust_data pSIPClientData: (nil) 0049:trace:wintrust:dump_wintrust_data dwUIChoice: 2 0049:trace:wintrust:dump_wintrust_data fdwRevocationChecks: 00000001 0049:trace:wintrust:dump_wintrust_data dwUnionChoice: 1 0049:trace:wintrust:dump_file_info 0x33eee4 0049:trace:wintrust:dump_file_info cbStruct: 16 0049:trace:wintrust:dump_file_info pcwszFilePath: L"Z:\home\focht\Downloads\CodeXL_Win_2.3.629.exe" 0049:trace:wintrust:dump_file_info hFile: (nil) 0049:trace:wintrust:dump_file_info pgKnownSubject: (null) 0049:trace:wintrust:dump_wintrust_data dwStateAction: 1 0049:trace:wintrust:dump_wintrust_data hWVTStateData: (nil) 0049:trace:wintrust:dump_wintrust_data pwszURLReference: (null) 0049:trace:wintrust:dump_wintrust_data dwProvFlags: 00000000 0049:trace:wintrust:dump_wintrust_data dwUIContext: 1 0049:trace:wintrust:WINTRUST_DefaultVerify (0xffffffff, {00aac56b-cd44-11d0-8cc2-00c04fc295ee}, 0x33eef4) ... 0049:Call crypt32.CryptSIPRetrieveSubjectGuid(0060c3c0 L"Z:\home\focht\Downloads\CodeXL_Win_2.3.629.exe",00000088,001920d4) ret=7ce7dffb 0049:trace:crypt:CryptSIPRetrieveSubjectGuid (L"Z:\home\focht\Downloads\CodeXL_Win_2.3.629.exe" 0x88 0x1920d4) 0049:Call KERNEL32.SetFilePointerEx(00000088,00000000,00000000,0033eb98,00000001) ret=7cde9c31 0049:Ret KERNEL32.SetFilePointerEx() retval=00000001 ret=7cde9c31 0049:Call KERNEL32.SetFilePointer(00000088,00000000,00000000,00000000) ret=7cde9c42 0049:Ret KERNEL32.SetFilePointer() retval=00000000 ret=7cde9c42 0049:Call KERNEL32.ReadFile(00000088,0033eb94,00000004,0033eba8,00000000) ret=7cde9c5c 0049:Ret KERNEL32.ReadFile() retval=00000001 ret=7cde9c5c 0049:trace:crypt:CryptSIPRetrieveSubjectGuid file magic = 0x4d5a9000 0049:Call KERNEL32.SetFilePointerEx(00000088,00000000,00000000,00000000,00000000) ret=7cdea421 0049:Ret KERNEL32.SetFilePointerEx() retval=00000001 ret=7cdea421 0049:Ret crypt32.CryptSIPRetrieveSubjectGuid() retval=00000001 ret=7ce7dffb 0049:trace:wintrust:SOFTPUB_GetFileSubject returning 0 .... 0049:trace:crypt:CryptSIPGetSignedDataMsg (0x197610 0x192078 0 0x33ec80 (nil)) 0049:Call wintrust.CryptSIPGetSignedDataMsg(00197610,00192078,00000000,0033ec80,00000000) ret=7cdeabd4 0049:trace:wintrust:CryptSIPGetSignedDataMsg (0x197610 0x192078 0 0x33ec80 (nil)) 0049:trace:wintrust:WINTRUST_GetSignedMsgFromPEFile (0x197610 0x192078 0 0x33ec80 (nil)) ... 0049:Call imagehlp.ImageGetCertificateHeader(00000088,00000000,0033eb10) ret=7ce7690c 0049:trace:imagehlp:ImageGetCertificateHeader 0x88 0 0x33eb10 0049:trace:imagehlp:IMAGEHLP_GetNTHeaders handle 0x88 0049:Call KERNEL32.SetFilePointer(00000088,00000000,00000000,00000000) ret=7cd722ad 0049:Ret KERNEL32.SetFilePointer() retval=00000000 ret=7cd722ad 0049:Call KERNEL32.ReadFile(00000088,0033e794,00000040,0033e790,00000000) ret=7cd722e0 0049:Ret KERNEL32.ReadFile() retval=00000001 ret=7cd722e0 0049:Call KERNEL32.SetFilePointer(00000088,000000e8,00000000,00000000) ret=7cd7233a 0049:Ret KERNEL32.SetFilePointer() retval=000000e8 ret=7cd7233a 0049:Call KERNEL32.ReadFile(00000088,0033e908,000000f8,0033e790,00000000) ret=7cd7236f 0049:Ret KERNEL32.ReadFile() retval=00000001 ret=7cd7236f 0049:trace:imagehlp:IMAGEHLP_GetSecurityDirOffset ret = 0 size = 0 addr = 0 0049:Call KERNEL32.SetFilePointer(00000088,00000000,00000000,00000000) ret=7cd726c9 0049:Ret KERNEL32.SetFilePointer() retval=00000000 ret=7cd726c9 0049:Call KERNEL32.ReadFile(00000088,0033ea34,00000004,0033ea38,00000000) ret=7cd726f5 0049:Ret KERNEL32.ReadFile() retval=00000001 ret=7cd726f5 0049:Ret imagehlp.ImageGetCertificateHeader() retval=00000000 ret=7ce7690c ... 0049:trace:wintrust:CryptSIPGetSignedDataMsg returning 0 0049:Ret wintrust.CryptSIPGetSignedDataMsg() retval=00000000 ret=7cdeabd4 0049:trace:crypt:CryptSIPGetSignedDataMsg returning 0 0049:Call KERNEL32.CloseHandle(00000088) ret=7ce7e953 0049:Ret KERNEL32.CloseHandle() retval=00000001 ret=7ce7e953 0049:trace:wintrust:SoftpubLoadMessage returning 1 (800b0100) 0049:Ret wintrust.SoftpubLoadMessage() retval=00000001 ret=7ce80ebf 0049:trace:wintrust:WINTRUST_DefaultVerify returning 800b0100 0049:trace:wintrust:WinVerifyTrust returning 800b0100 0049:Ret wintrust.WinVerifyTrustEx() retval=800b0100 ret=7d09f41a 0049:Call wintrust.WinVerifyTrustEx(ffffffff,7d151fac,0033eef4) ret=7d09f50b 0049:trace:wintrust:WinVerifyTrust (0xffffffff, {00aac56b-cd44-11d0-8cc2-00c04fc295ee}, 0x33eef4) 0049:trace:wintrust:dump_wintrust_data 0x33eef4 0049:trace:wintrust:dump_wintrust_data cbStruct: 52 0049:trace:wintrust:dump_wintrust_data pPolicyCallbackData: (nil) 0049:trace:wintrust:dump_wintrust_data pSIPClientData: (nil) 0049:trace:wintrust:dump_wintrust_data dwUIChoice: 2 0049:trace:wintrust:dump_wintrust_data fdwRevocationChecks: 00000001 0049:trace:wintrust:dump_wintrust_data dwUnionChoice: 1 0049:trace:wintrust:dump_file_info 0x33eee4 0049:trace:wintrust:dump_file_info cbStruct: 16 0049:trace:wintrust:dump_file_info pcwszFilePath: L"Z:\home\focht\Downloads\CodeXL_Win_2.3.629.exe" 0049:trace:wintrust:dump_file_info hFile: 0xffffffff 0049:trace:wintrust:dump_file_info pgKnownSubject: (null) 0049:trace:wintrust:dump_wintrust_data dwStateAction: 2 0049:trace:wintrust:dump_wintrust_data hWVTStateData: 0x192040 0049:trace:wintrust:dump_wintrust_data pwszURLReference: (null) 0049:trace:wintrust:dump_wintrust_data dwProvFlags: 00000000 0049:trace:wintrust:dump_wintrust_data dwUIContext: 1 0049:trace:wintrust:WINTRUST_DefaultClose (0xffffffff, {00aac56b-cd44-11d0-8cc2-00c04fc295ee}, 0x33eef4) 0049:Call wintrust.SoftpubCleanup(00192040) ret=7ce8139a ... 0049:Call crypt32.CryptMsgClose(00000000) ret=7ce80788 0049:trace:crypt:CryptMsgClose ((nil)) 0049:Ret crypt32.CryptMsgClose() retval=00000001 ret=7ce80788 0049:Ret wintrust.SoftpubCleanup() retval=00000000 ret=7ce8139a ... 0049:trace:wintrust:WINTRUST_DefaultClose returning 00000000 0049:trace:wintrust:WinVerifyTrust returning 00000000 0049:Ret wintrust.WinVerifyTrustEx() retval=00000000 ret=7d09f50b 0049:Ret msi.MsiGetFileSignatureInformationW() retval=800b0100 ret=004a9156 0049:Call KERNEL32.FormatMessageW(00001300,00000000,800b0100,00000400,0033ef90,00000000,00000000) ret=004aa67d 0049:Ret KERNEL32.FormatMessageW() retval=00000000 ret=004aa67d 0049:trace:seh:raise_exception code=c0000005 flags=0 addr=0x4c42b1 ip=004c42b1 tid=0049 0049:trace:seh:raise_exception info[0]=00000000 0049:trace:seh:raise_exception info[1]=00000000 0049:trace:seh:raise_exception eax=00000000 ebx=00000000 ecx=0033eff8 edx=0000013d esi=0033eff8 edi=0033eff8 0049:trace:seh:raise_exception ebp=0033ef60 esp=0033ef60 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00210202 0049:trace:seh:call_stack_handlers calling handler at 0x4eb487 code=c0000005 flags=0 ... --- snip ---

The first problem is 'MsiGetFileSignatureInformationW' failing, leading to failing 0x800b0100 (TRUST_E_NOSIGNATURE) message string resource lookup which causes a crash. Unlike bug 27576 the app crash handler catches it properly here (no recursion) and displays an error dialog.

As already said in bug 27576 the call to 'MsiGetFileSignatureInformation' looks kinda fishy, it will always fail. The executable doesn't contain a signature at all. Maybe it's generic installer (framework) code that gets always executed, regardless if the playload has been digitally signed or not.

--- snip --- -=[ ProtectionID v0.6.8.5 DECEMBER]=- (c) 2003-2017 CDKiLLER & TippeX Build 24/12/16-13:09:21 Ready... Scanning -> Z:\home\focht\Downloads\CodeXL_Win_2.3.629.exe File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 141227628 (086AF66Ch) Byte(s) | Machine: 0x14C (I386) Compilation TimeStamp : 0x55F7D8C6 -> Tue 15th Sep 2015 08:37:26 (GMT) [TimeStamp] 0x55F7D8C6 -> Tue 15th Sep 2015 08:37:26 (GMT) | PE Header | - | Offset: 0x000000F0 | VA: 0x004000F0 | - [TimeStamp] 0x55F7D8C6 -> Tue 15th Sep 2015 08:37:26 (GMT) | DebugDirectory | - | Offset: 0x000FD444 | VA: 0x004FE844 | - -> File has 139200108 (084C066Ch) bytes of appended data starting at offset 01EF000h [!] Executable uses SEH Tables (/SAFESEH) (1489 calculated 1489 recorded... 0 invalid addresses) [File Heuristics] -> Flag #1 : 00000100000001001101000000000100 (0x0404D004) [Entrypoint Section Entropy] : 6.63 (section #0) ".text " | Size : 0xFC61C (1033756) byte(s) [DllCharacteristics] -> Flag : (0x8140) -> ASLR | DEP | TSA [SectionCount] 5 (0x5) | ImageSize 0x1F9000 (2068480) byte(s) [VersionInfo] Company Name : GPUOpen.com [VersionInfo] Product Name : CodeXL [VersionInfo] Product Version : 2.3.629 [VersionInfo] File Description : CodeXL 2.3.629 installer [VersionInfo] File Version : 2.3.629 [VersionInfo] Original FileName : CodeXL_Win_2.3.629.exe [VersionInfo] Internal Name : CodeXL_Win_2.3.629 [VersionInfo] Legal Copyrights : Copyright (C) 2017 GPUOpen.com [ModuleReport] [IAT] Modules -> KERNEL32.dll | USER32.dll | GDI32.dll | ADVAPI32.dll | SHELL32.dll | ole32.dll | OLEAUT32.dll | dbghelp.dll | SHLWAPI.dll | COMCTL32.dll | MSIMG32.dll | VERSION.dll | MPR.dll | COMDLG32.dll [ModuleReport] [DelayImport] Modules -> msi.dll | gdiplus.dll | UxTheme.dll | WININET.dll | dwmapi.dll [Debug Info] (record 1 of 1) (file offset 0xFD440) Characteristics : 0x0 | TimeDateStamp : 0x55F7D8C6 (Tue 15th Sep 2015 08:37:26 (GMT)) | MajorVer : 0 / MinorVer : 0 -> (0.0) Type : 2 (0x2) -> CodeView | Size : 0x47 (71) AddressOfRawData : 0x116D20 | PointerToRawData : 0x115920 CvSig : 0x53445352 | SigGuid A6356DD1-3EFD-4526-8C413FF1E37610E2 Age : 0x1 (1) | Pdb : C:\Branch\win\Release\stubs\x86\ExternalUi.pdb [-= Installer =-] Advanced Installer Module ! [CompilerDetect] -> Visual C++ 9.0 (Visual Studio 2008) - Scan Took : 3.952 Second(s) [000000BE8h (3048) tick(s)] [566 of 580 scan(s) done] --- snip ---

Using 'signtool.exe' from Windows SDK:

--- snip --- $ wine signtool.exe verify /pa /v CodeXL_Win_2.3.629.exe

Verifying: CodeXL_Win_2.3.629.exe SignTool Error: No signature found.

Number of files successfully Verified: 0 Number of warnings: 0 Number of errors: 1 --- snip ---

Using a modified of the patch from https://bugs.winehq.org/show_bug.cgi?id=27576#c4 with severity value fixed it runs into bug 34989

--- snip --- 0066:Call KERNEL32.CreateFileW(00954070 L"\\.\pipe\ToServerAdvinst_Extract_Z:\home\focht\Downloads\CodeXL_Win_2.3.629.exe",c0000000,00000000,00000000,00000003,00000000,00000000) ret=00348f01 0066:Ret KERNEL32.CreateFileW() retval=000000e8 ret=00348f01 ... 0037:Ret KERNEL32.WaitForSingleObject() retval=00000102 ret=0047e5b3 0037:Call KERNEL32.WaitForSingleObject(00000064,000000c8) ret=0047e5b3 0037:Ret KERNEL32.WaitForSingleObject() retval=00000102 ret=0047e5b3 0037:Call KERNEL32.WaitForSingleObject(00000064,000000c8) ret=0047e5b3 0037:Ret KERNEL32.WaitForSingleObject() retval=00000102 ret=0047e5b3 ... <forever> --- snip ---

The patch from https://bugs.winehq.org/show_bug.cgi?id=34989#c22 makes it run to completion.

I'd keep bug 27576 around for the hang (another problem on top) and use this one for the message string failure.

@austin

https://bugs.winehq.org/attachment.cgi?id=49966

'Severity=Error' (0x3) is wrong, the severity value is shifted 30 bits so 0x800b0100 -> severity = 0x2

It seems there is a specific severity for COM/OLE errors, represented by 'STATUS_SEVERITY_COERROR' -> 'CoError=0x2'

$ wine --version wine-2.8-133-g3f01ab4c39

$ sha1sum CodeXL_Win_2.3.629.exe b2a0b3def9ce00da17c88b1ca539dca2dacb3860 CodeXL_Win_2.3.629.exe

$ du -sh CodeXL_Win_2.3.629.exe 135M CodeXL_Win_2.3.629.exe

Regards