[Bug 39262] DiscordSetup.exe (.NET 4.5.2 app): Squirrell installer requires being run as unelevated process (' explorer.exe' should run unelevated by default with Vista+ setting)
wine-bugs at winehq.org
wine-bugs at winehq.org
Sun Jun 25 08:43:48 CDT 2017
https://bugs.winehq.org/show_bug.cgi?id=39262
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|DiscordSetup.exe doesn`t |DiscordSetup.exe (.NET
|run (Squirrell installer |4.5.2 app): Squirrell
|fails) |installer requires being
| |run as unelevated process
| |('explorer.exe' should run
| |unelevated by default with
| |Vista+ setting)
URL|https://discordapp.com/ |https://discordapp.com/api/
| |download?platform=win
Keywords| |Installer
CC| |focht at gmx.net
--- Comment #6 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
updating the bug report...
As Louis already mentioned, the Discord bootstrapper installer
(Squirrel.Windows) checks for .NET Framework 4.5.x and attempts to download the
MS redistributable via Bits (which is another issue) if Wine-Mono is not
present (or not usable which is the more common case).
--- snip ---
...
0052:fixme:qmgr:BackgroundCopyJob_AddFileSet Check for valid filenames and
supported protocols
...
0040:trace:loaddll:free_modref Unloaded module
L"C:\\windows\\system32\\actxprxy.dll" : builtin
0040:trace:loaddll:free_modref Unloaded module
L"C:\\windows\\system32\\qmgrprxy.dll" : builtin
0040:trace:loaddll:load_builtin_dll Loaded
L"C:\\windows\\system32\\actxprxy.dll" at 0xf6ad0000: builtin
0040:trace:loaddll:load_builtin_dll Loaded
L"C:\\windows\\system32\\qmgrprxy.dll" at 0xf6db0000: builtin
0051:fixme:qmgr:BackgroundCopyJob_AddFileSet Check for valid filenames and
supported protocols
0052:fixme:qmgr:BackgroundCopyJob_SetPriority (0x124b30)->(0): stub
0051:fixme:qmgr:BackgroundCopyJob_SetNoProgressTimeout (0x124b30)->(120): stub
0040:err:ole:marshal_object Failed to create an IRpcStubBuffer from IPSFactory
for {659cdeac-489e-11d9-a9cd-000d56965251} with error 0x80004002
0052:err:ole:ClientIdentity_QueryMultipleInterfaces
IRemUnknown_RemQueryInterface failed with error 0x80004002
...
--- snip ---
'{659cdeac-489e-11d9-a9cd-000d56965251}' -> 'IBackgroundCopyCallback2'
'SquirrelSetup.log':
--- snip ---
...
[6/25/2017, 14:28:9]Signature verified, verifying signer
[6/25/2017, 14:28:9]C:\2c5c84849edfde078761d2c84c\SetupUtility.exe - Signature
verified successfully for SetupUtility.exe
[6/25/2017, 14:28:9] C:\2c5c84849edfde078761d2c84c\SetupUtility.exe Signature
verified successfully for SetupUtility.exe
[6/25/2017, 14:28:9]Signature verification succeeded for SetupUtility.exe
[6/25/2017, 14:28:9]File C:\2c5c84849edfde078761d2c84c\SetupUtility.exe, locked
for install.
[6/25/2017, 14:28:9]Verifying Digital Signatures:
C:\2c5c84849edfde078761d2c84c\SetupUtility.exe Success
[6/25/2017, 14:28:9]Downloading http://go.microsoft.com/fwlink/ to
C:\2c5c84849edfde078761d2c84c\Windows6.1-KB958488-v6001-x86.msu
{[6/25/2017, 14:28:9] Action: Downloading Item ...
}
[6/25/2017, 14:28:9]Starting download attempt 1 of 4 for
http://go.microsoft.com/fwlink/?LinkId=249117&clcid=0x409 using None
[6/25/2017, 14:28:9]Log File C:\users\focht\Temp\dd_BITS.log does not yet exist
but may do at Watson upload time
[6/25/2017, 14:28:10]evaluating IsPresent:
[6/25/2017, 14:28:10]returning false
[6/25/2017, 14:28:10]Log File C:\users\focht\Temp\dd_BITS.log does not yet
exist but may do at Watson upload time
{[6/25/2017, 14:28:10] Action: Downloading
http://go.microsoft.com/fwlink/?LinkId=249117&clcid=0x409 using BITS ...
}
--- snip ---
-> 'winetricks -q dotnet452'
With that prerequisite satisfied, it goes into an endless loop:
--- snip --
...
Start up installer:
Want machine install
Start up installer:
Want machine install
we are UAC elevated, so restart Z:\home\focht\Downloads\DiscordSetup.exe,
Start up installer:
Want machine install
we are UAC elevated, so restart Z:\home\focht\Downloads\DiscordSetup.exe,
<repeats endlessly>
...
--- snip --
The bootstrapper detects the installer as elevated process and tries restart as
unelevated process using Explorer shell (IShellDispatch2::ShellExecute).
Wine 'explorer.exe' doesn't get special treatment, it runs elevated by default
(like any other process), hence the endless loop.
Corresponding source code of the 'Squirrel' bootstrapper:
https://github.com/hammerandchisel/Squirrel.Windows
https://github.com/hammerandchisel/Squirrel.Windows/blob/master/src/Setup/winmain.cpp
--- snip ---
...
bool weAreUACElevated = CUpdateRunner::AreWeUACElevated() == S_OK;
bool explicitMachineInstall = (cmdLine.Find(L"--machine") >= 0);
if (explicitMachineInstall || weAreUACElevated) {
LogMessage(false, L"Want machine install");
...
--- snip ---
https://github.com/hammerandchisel/Squirrel.Windows/blob/master/src/Setup/UpdateRunner.cpp#L37
--- snip ---
HRESULT CUpdateRunner::AreWeUACElevated()
{
HANDLE hProcess = GetCurrentProcess();
HANDLE hToken = 0;
HRESULT hr;
if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken)) {
hr = HRESULT_FROM_WIN32(GetLastError());
goto out;
}
TOKEN_ELEVATION_TYPE elevType;
DWORD dontcare;
if (!GetTokenInformation(hToken, TokenElevationType, &elevType,
sizeof(TOKEN_ELEVATION_TYPE), &dontcare)) {
hr = HRESULT_FROM_WIN32(GetLastError());
goto out;
}
hr = (elevType == TokenElevationTypeFull ? S_OK : S_FALSE);
LogMessage(false, L"Elevated process: %s\n", (hr == S_OK) ? "yes" : "no");
out:
if (hToken) {
CloseHandle(hToken);
}
return hr;
}
--- snip ---
https://github.com/hammerandchisel/Squirrel.Windows/blob/master/src/Setup/UpdateRunner.cpp#L112
--- snip ---
HRESULT CUpdateRunner::ShellExecuteFromExplorer(LPWSTR pszFile, LPWSTR
pszParameters)
{
HRESULT hr;
CComPtr<IShellFolderViewDual> spFolderView;
hr = GetDesktopAutomationObject(IID_PPV_ARGS(&spFolderView));
if (FAILED(hr)) return hr;
CComPtr<IDispatch> spdispShell;
hr = spFolderView->get_Application(&spdispShell);
if (FAILED(hr)) return hr;
return CComQIPtr<IShellDispatch2>(spdispShell)->ShellExecute(
CComBSTR(pszFile),
CComVariant(pszParameters ? pszParameters : L""),
CComVariant(L""),
CComVariant(L""),
CComVariant(SW_SHOWDEFAULT));
}
--- snip ---
MSDN blog entry which describes the method with example code:
https://blogs.msdn.microsoft.com/oldnewthing/20131118-00/?p=2643
("How can I launch an unelevated process from my elevated process and vice
versa?")
$ sha1sum DiscordSetup.exe
5afe638501000efdc5967e6b6aca3aeb0453e91d DiscordSetup.exe
$ du -sh DiscordSetup.exe
51M DiscordSetup.exe
$ wine --version
wine-2.11
ProtectionID scan for exact bootstrapper version:
--- snip ---
Scanning -> Z:\home\focht\Downloads\DiscordSetup.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 52553728 (0321E800h)
Byte(s) | Machine: 0x14C (I386)
Compilation TimeStamp : 0x56A1C7D8 -> Fri 22nd Jan 2016 06:10:32 (GMT)
[TimeStamp] 0x56A1C7D8 -> Fri 22nd Jan 2016 06:10:32 (GMT) | PE Header | - |
Offset: 0x00000110 | VA: 0x00400110 | -
[TimeStamp] 0x56A1C7D8 -> Fri 22nd Jan 2016 06:10:32 (GMT) | DebugDirectory | -
| Offset: 0x0001EE94 | VA: 0x00420294 | -
[TimeStamp] 0x56A1C7D8 -> Fri 22nd Jan 2016 06:10:32 (GMT) | DebugDirectory | -
| Offset: 0x0001EEB0 | VA: 0x004202B0 | -
-> File Appears to be Digitally Signed @ Offset 0321AA00h, size : 03E00h /
015872 byte(s)
[!] Executable uses SEH Tables (/SAFESEH) (32 calculated 32 recorded... 0
invalid addresses)
[File Heuristics] -> Flag #1 : 00000100000001001101000000000100 (0x0404D004)
[Entrypoint Section Entropy] : 6.64 (section #0) ".text " | Size : 0x1E713
(124691) byte(s)
[DllCharacteristics] -> Flag : (0x8140) -> ASLR | DEP | TSA
[SectionCount] 5 (0x5) | ImageSize 0x321F000 (52555776) byte(s)
[VersionInfo] Company Name : Hammer & Chisel. Inc.
[VersionInfo] Product Name : Discord - https://discordapp.com/
[VersionInfo] Product Version : 0.0.297
[VersionInfo] File Description : Discord - https://discordapp.com/
[VersionInfo] File Version : 0.0.297
[VersionInfo] Original FileName : Setup.exe
[VersionInfo] Internal Name : Setup.exe
[VersionInfo] Legal Copyrights : Copyright (c) 2015 Hammer & Chisel. Inc. All
rights reserved.
[ModuleReport] [IAT] Modules -> KERNEL32.dll | USER32.dll | ADVAPI32.dll |
SHELL32.dll | ole32.dll | OLEAUT32.dll | urlmon.dll | COMCTL32.dll
[Debug Info] (record 1 of 2) (file offset 0x1EE90)
Characteristics : 0x0 | TimeDateStamp : 0x56A1C7D8 (Fri 22nd Jan 2016 06:10:32
(GMT)) | MajorVer : 0 / MinorVer : 0 -> (0.0)
Type : 2 (0x2) -> CodeView | Size : 0x54 (84)
AddressOfRawData : 0x28AF0 | PointerToRawData : 0x276F0
CvSig : 0x53445352 | SigGuid 76C3FB1A-E82F-4419-930C7AC592F64CA0
Age : 0x1 (1) | Pdb :
c:\tmp\squirrel\-1240161847\src\Setup\bin\Release\Setup.pdb
[Debug Info] (record 2 of 2) (file offset 0x1EEAC)
Characteristics : 0x0 | TimeDateStamp : 0x56A1C7D8 (Fri 22nd Jan 2016 06:10:32
(GMT)) | MajorVer : 0 / MinorVer : 0 -> (0.0)
Type : 12 (0xC) -> Undocumented | Size : 0x14 (20)
AddressOfRawData : 0x28B44 | PointerToRawData : 0x27744
[CompilerDetect] -> Visual C++ 12.0 (Visual Studio 2012)
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 7.317 Second(s) [000001E03h (7683) tick(s)] [506 of 580 scan(s)
done]
--- snip ---
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list