https://bugs.winehq.org/show_bug.cgi?id=49052

lcrndrrr lcrndrrr@gmail.com changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |lcrndrrr@gmail.com

https://bugs.winehq.org/show_bug.cgi?id=49052

--- Comment #2 from Fabian Maurer dark.shadow4@web.de --- Created attachment 67058 --> https://bugs.winehq.org/attachment.cgi?id=67058 Relay log

Further insight: On windows the game creates two temporary files, under c:/users/USER/Temp with the format evbXXXX.tmp. One of them is empty, the other is a dll which is then loaded. Under wine, only the empty file is created, the temporary dll is not created/loaded and I guess this causes problems.

Adding a +relay log if someone wants to take a look...

https://bugs.winehq.org/show_bug.cgi?id=49052

Anastasius Focht focht@gmx.net changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |focht@gmx.net

--- Comment #4 from Anastasius Focht focht@gmx.net --- Hello folks,

from your comments it pretty much looks like standard application virtualization/sandboxing using native API hooking.

Paul already mentioned bug 33236, there are others as well. It could be a combination of multiple issues. Some of these sandboxing schemes rely on the native API call sequence(s) matching Windows loader.

* bug 33236 ("Multiple application virtualization schemes rely on LdrLoadDll to behave like native Windows loader (NtOpenFile, NtXXXSection) (VMWare ThinApp 4.x, BoxedApp)")

* bug 38950 ("Creo Elements/Direct Modeling Express 6.0 .NET based licensing tool crashes on startup (Xenocode VM, 'load_native_dll' must also allow imports resolving for 'EXECUTABLE_IMAGE')")

* bug 23451 ("VMWare Thinapps (packaged with version >4.5) and XenoCode wrapped apps fail to run (differences in process creation sequence at native API level)")

If registry virtualization is involved:

* bug 38956 ("Multiple applications wrapped with Xenocode fail with .NET Framework error (Creo Elements, Neuro-Programmer v2.5)(registry virtualization fails to intercept Wine's root key handles)")

Regards

https://bugs.winehq.org/show_bug.cgi?id=49052

--- Comment #6 from Paul Gofman pgofman@codeweavers.com --- (In reply to Fabian Maurer from comment #5)

It's a bit difficult, since it's a paid game. However, I'd be willing to share my account temporarily for debugging purposes, if that'd be ok. Just know that the client is all Japanese and that you might need a VM to download, since the client doesn't work too well on Wine.

(In reply to Fabian Maurer from comment #5)

@Anastasius, @Paul Thanks for your comments. I'm not sure what it does, but to be it seems pretty strange. As a small note, the fake "plugin.dll" and "executeAPI" from the patch are enough to get the game to run. Note that on windows, there is no plugin.dll either - only that temporary DLL. Maybe a fallback when the temporary DLL can't be loaded? It only seems need that ZwOpenFile patch when actually having a real DLL called plugin.dll in the folder.

This DLL must be spoofed by Enigma through hooking ntdll API, Wine needs to work through hooked NtOpenFile, file and section I/O entirely to get that DLL loaded like on Windows. It is strange that the game works without, maybe it is needed later.

...

from your comments it pretty much looks like standard application virtualization/sandboxing using native API hooking.

Mh, could be, ENIGMA is known to do that. I don't know how I would debug something like that though - I hope'd it'd be simpler.

Yes, it is known, but it would maybe be interesting to debug what exactly it needs to work and maybe fix these, as lining up just every API to depend on the other calls exactly like on on Windows is somewhat hard to approach at once. Part of this work has been done when moving the functions to kernelbase, but Enigma depends on some calls been correctly routed to hooks within ntdll itself.

...

Is there any way I can get this game to test?

It's a bit difficult, since it's a paid game. However, I'd be willing to share my account temporarily for debugging purposes, if that'd be ok. Just know that the client is all Japanese and that you might need a VM to download, since the client doesn't work too well on Wine.

I can probably buy it, I just need an exact link to the correct game and version, and maybe some exact install instructions to avoid spending time for bypassing unrelated problems.

https://bugs.winehq.org/show_bug.cgi?id=49052

Chris Moeller chris@kode54.net changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |chris@kode54.net

--- Comment #8 from Chris Moeller chris@kode54.net --- Another potentially Enigma protected title, and this one is in English, Spanish, French, and German: Blossom Tales: The Sleeping King. It's on Steam, and it's 60% off for the next 25 hours from this posting. It's also a .NET Framework 4.x application, using the XNA 4.0 framework. Also totally safe for the whole family, if you're looking for a test title that isn't porn.

It also appears to use its hooking to bundle and import the invisible libraries, SlimDX.DirectInput, and the Steamworks api for handling achievements. All resources are bundled into a single monolithic 600mb executable.

https://bugs.winehq.org/show_bug.cgi?id=49052

--- Comment #9 from Paul Gofman pgofman@codeweavers.com --- Created attachment 68331 --> https://bugs.winehq.org/attachment.cgi?id=68331 Bypass NtOpenFile in NtGetNlsSectionPtr()

I've tested the Blossom Tales: The Sleeping King with the latest Wine and it is almost there. The following upstream changes made the hidden DLLs load ok now: - moving most of Nt... functions to the Unix part of ntdll; - reworking loader so that it fully works through Nt functions now and thus does not depend on the dll being placed as a Unix disk file.

Still with mainstream Wine the game hits stack overflow exception at start. That happens because NtGetNlsSectionPtr() is not in the Unix part yet. It calls NtOpenFile which is hotpatched by Enigma, and Enigma uses kernelbase locale functions to handle the file name. This results in infinite recursion. The attached proof of concept hack makes the game start fine for me. So this should work in a proper way once NtGetNlsSectionPtr gets moved to the Unix part.

I also tested 'The Rising of the Shield Hero Relive The Animation' which had the same issues and it is also working fine for me with the attached hack.

https://bugs.winehq.org/show_bug.cgi?id=49052

--- Comment #11 from Fabian Maurer dark.shadow4@web.de --- For this issue, I can only test until I hit the" Not installed properly" message, because the DMM Launcher doesn't work yet...

Anyways, that works since wine-5.16.

https://bugs.winehq.org/show_bug.cgi?id=49052

--- Comment #12 from Rafał Mużyło galtgendo@o2.pl --- Well, I'm not 100% sure it's a regression or a new issue, but a *trial* of this game crashes now without even displaying the window...

https://bugs.winehq.org/show_bug.cgi?id=49052

Fabian Maurer dark.shadow4@web.de changed:

What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Fixed by SHA1| |54c31d5332a71d785db1b73cf3b | |e41818adeab8a Resolution|--- |FIXED

--- Comment #14 from Fabian Maurer dark.shadow4@web.de --- Marking fixed. Just tested with the DMM client, and it can run the copy-protected game just fine. There's other issues, but this one is fixed.