[Bug 37387] Age of Empires 2 crashes on startup (Safedisc v1.5 encrypted .ICD must be already decrypted when calling/resuming entry point)
wine-bugs at winehq.org
wine-bugs at winehq.org
Sat Sep 26 12:32:22 CDT 2015
https://bugs.winehq.org/show_bug.cgi?id=37387
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |obfuscation
Status|UNCONFIRMED |RESOLVED
CC| |focht at gmx.net
Resolution|--- |ABANDONED
Summary|Age of Empires 2: Illegal |Age of Empires 2 crashes on
|32-bit code instruction |startup (Safedisc v1.5
| |encrypted .ICD must be
| |already decrypted when
| |calling/resuming entry
| |point)
--- Comment #3 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
the crash is the result of entry point called while the ICD was still
encrypted. This should never happen ;-)
Looks like bug 9925 which was fixed a long time ago (Wine 0.9.50).
OP's host setup was likely broken (Linux kernel, Wine build).
--- snip ---
-=[ ProtectionID v0.6.6.7 DECEMBER]=-
(c) 2003-2015 CDKiLLER & TippeX
Build 24/12/14-22:48:13
Scanning -> Z:\home\focht\Downloads\aoe2\Age of Empires II\EMPIRES.EXE
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 344863 (05431Fh)
Byte(s)
Compilation TimeStamp : 0x39660360 -> Fri 07th Jul 2000 16:20:48 (GMT)
[TimeStamp] 0x39660360 -> Fri 07th Jul 2000 16:20:48 (GMT) | PE Header | - |
Offset: 0x000000B8 | VA: 0x004000B8 | -
-> File has 1311 (051Fh) bytes of appended data starting at offset 053E00h
[File Heuristics] -> Flag #1 : 00000000000001001100000000000101 (0x0004C005)
[Entrypoint Section Entropy] : 6.63 (section #1) ".text " | Size : 0x12A00
(76288) byte(s)
[DllCharacteristics] -> Flag : (0x0000) -> NONE
[SectionCount] 7 (0x7) | ImageSize 0x5A000 (368640) byte(s)
[VersionInfo] Company Name : Microsoft Corporation
[VersionInfo] Product Name : Age of Empires II
[VersionInfo] Product Version : 2.0a
[VersionInfo] File Description : Age of Empires II
[VersionInfo] File Version : 00.14.22.0712
[VersionInfo] Original FileName : EMPIRES2.EXE
[VersionInfo] Internal Name : EMPIRES2
[VersionInfo] Legal Copyrights : Copyright © Microsoft Corp. 1999
[!] Safedisc v1.50.020 detected !
[CompilerDetect] -> Visual C++ 5.1
- Scan Took : 0.442 Second(s) [0000001BAh (442) tick(s)] [558 of 573 scan(s)
done]
Scanning -> Z:\home\focht\Downloads\aoe2\Age of Empires II\EMPIRES2.ICD
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 2555949 (027002Dh)
Byte(s)
Compilation TimeStamp : 0x3981D1DF -> Fri 28th Jul 2000 18:33:03 (GMT)
[TimeStamp] 0x3981D1DF -> Fri 28th Jul 2000 18:33:03 (GMT) | PE Header | - |
Offset: 0x00000100 | VA: 0x00400100 | -
-> File has 45 (02Dh) bytes of appended data starting at offset 0270000h
[File Heuristics] -> Flag #1 : 00000000000000000000010000000100 (0x00000404)
[Entrypoint Section Entropy] : 8.00 (section #0) ".text " | Size : 0x20DB5D
(2153309) byte(s)
[DllCharacteristics] -> Flag : (0x0000) -> NONE
[SectionCount] 7 (0x7) | ImageSize 0x381000 (3674112) byte(s)
[VersionInfo] Company Name : Microsoft Corporation
[VersionInfo] Product Name : Age of Empires II
[VersionInfo] Product Version : 2.0a
[VersionInfo] File Description : Age of Empires II
[VersionInfo] File Version : 00.14.22.0712
[VersionInfo] Original FileName : EMPIRES2.EXE
[VersionInfo] Internal Name : EMPIRES2
[VersionInfo] Legal Copyrights : Copyright © Microsoft Corp. 1999
[!] Safedisc v1.50.020 protected ICD file !
[CompilerDetect] -> Visual C++ 6.0
- Scan Took : 0.958 Second(s) [0000003BEh (958) tick(s)] [558 of 573 scan(s)
done]
--- snip ---
--- snip ---
Wine-dbg>
0x7b86e739 call_process_entry+0x9 in kernel32: call *0xc(%ebp)
Wine-dbg>
0x005fe3c1 EntryPoint in empires2.icd: repne s 0xffffffbc(%ecx)
Wine-dbg>disas 0x005fe3c1
0x005fe3c1 EntryPoint in empires2.icd: repne s 0xffffffbc(%ecx)
0x005fe3c5: movb $0x9e,%dl
0x005fe3c7: ficoms 0x14(%edx)
0x005fe3ca: andb %al,%ah
0x005fe3cc: movb $0x16,%bl
0x005fe3ce: adcl 0x328cd7d0(%edi),%esp
0x005fe3d4: adcl %ecx,%esi
0x005fe3d6: adcb 0x0(%eax),%ch
0x005fe3d8: movsb (%esi),%es:(%edi)
0x005fe3d9: subb $-43,%al
--- snip ---
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list