[Bug 47480] Multiple .NET 4.x games and applications crash in rsaenh (Rhinoceros 6, Project Reality Launcher 5.5.x)(CryptEncrypt / CryptDecrypt must support state reset)
WineHQ Bugzilla
wine-bugs at winehq.org
Sat Dec 28 22:34:38 CST 2019
https://bugs.winehq.org/show_bug.cgi?id=47480
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Rhinoceros 6 (.NET 4.x app) |Multiple .NET 4.x games and
|crashes in rsaenh during |applications crash in
|local license file |rsaenh (Rhinoceros 6,
|validation |Project Reality Launcher
| |5.5.x)(CryptEncrypt /
| |CryptDecrypt must support
| |state reset)
--- Comment #2 from Anastasius Focht <focht at gmx.net> ---
Hello Lorenzo,
--- quote ---
Project Reality Launcher 5.5.0 is also affected from this bug. (prequisiste
winetricks dotnet40)
--- quote ---
indeed, refining summary to reflect this.
Managed backtrace of 'PRLauncher' process:
--- snip ---
Unhandled Exception: System.Reflection.TargetInvocationException: Exception has
been thrown by the target of an invocation. --->
System.Reflection.TargetInvocationException: Exception has been thrown by the
target of an invocation. ---> System.AccessViolationException: Attempted to
read or write protected memory. This is often an indication that other memory
is corrupt.
at
System.Security.Cryptography.CapiNative.UnsafeNativeMethods.CryptDecrypt(SafeCapiKeyHandle
hKey, SafeCapiHashHandle hHash, Boolean Final, Int32 dwFlags, IntPtr pbData,
Int32& pdwDataLen)
at System.Security.Cryptography.CapiSymmetricAlgorithm.Reset()
at
System.Security.Cryptography.CapiSymmetricAlgorithm.TransformFinalBlock(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount)
at System.Security.Cryptography.CryptoStream.Read(Byte[] buffer, Int32
offset, Int32 count)
at System.IO.StreamReader.ReadBuffer()
at System.IO.StreamReader.ReadToEnd()
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method,
Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes
methodAttributes, RuntimeType typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(IRuntimeMethodInfo method,
Object target, Object[] arguments, Signature sig, MethodAttributes
methodAttributes, RuntimeType typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean
skipVisibilityChecks)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.Reflection.MethodBase.Invoke(Object obj, Object[] parameters)
...
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Enumerable.WhereEnumerableIterator`1.MoveNext()
at System.Linq.Enumerable.FirstOrDefault[TSource](IEnumerable`1 source)
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method,
Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes
methodAttributes, RuntimeType typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean
skipVisibilityChecks)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.Reflection.MethodBase.Invoke(Object obj, Object[] parameters)
...
at PRLauncher.WPF.ViewModel.MainWindowViewModel.<.ctor>b__121_18()
...
at -.f.c()
wine: Unhandled exception 0xe0434352 in thread 2d at address 000000007104F93D
(thread 002d), starting debugger...
--- snip ---
--- snip ---
Threads:
process tid prio (all id:s are in hex)
...
0000002c (D) C:\Program Files (x86)\Project Reality\Project Reality
BF2\mods\pr\bin\PRLauncher.exe
00000042 0
...
0000002e 0
0000002d 0 <==
--- snip --
Corresponding .NET reference source:
'TransformFinalBlock' ->
https://github.com/microsoft/referencesource/blob/master/System.Core/System/Security/Cryptography/CapiSymmetricAlgorithm.cs#L510
which calls 'Reset' method ->
https://github.com/microsoft/referencesource/blob/master/System.Core/System/Security/Cryptography/CapiSymmetricAlgorithm.cs#L422
--- snip ---
/// <summary>
/// Reset the state of the algorithm so that it can begin
processing a new message
/// </summary>
[SecuritySafeCritical]
private void Reset() {
Contract.Requires(m_key != null);
Contract.Ensures(m_depadBuffer == null);
//
// CryptEncrypt / CryptDecrypt must be called with the Final
parameter set to true so that
// their internal state is reset. Since we do all padding by hand,
this isn't done by
// TransformFinalBlock so is done on an empty buffer here.
//
byte[] buffer = new byte[OutputBlockSize];
int resetSize = 0;
unsafe {
fixed (byte* pBuffer = buffer) {
if (m_encryptionMode == EncryptionMode.Encrypt) {
...
}
else {
if
(!LocalAppContextSwitches.AesCryptoServiceProviderDontCorrectlyResetDecryptor)
{
resetSize = buffer.Length;
}
CapiNative.UnsafeNativeMethods.CryptDecrypt(m_key,
SafeCapiHashHandle.InvalidHandle,
true,
0,
new
IntPtr(pBuffer),
ref
resetSize);
}
}
}
// Also erase the depadding buffer so we don't cross data from the
previous message into this one
if (m_depadBuffer != null) {
Array.Clear(m_depadBuffer, 0, m_depadBuffer.Length);
m_depadBuffer = null;
}
}
--- snip ---
The function description highlights the use-case:
--- quote ---
Reset the state of the algorithm so that it can begin processing a new message
--- quote ---
Another tidbit from the sources, indicating a workaround:
'LocalAppContextSwitches.AesCryptoServiceProviderDontCorrectlyResetDecryptor'
Download:
http://files.realitymod.com/downloadassistant/PRBF2-Download-Assistant.exe
$ sha1sum prbf2_1.5.0.0_full.iso
b097e6cef3fa063a08fddd945ac74b389f864806 prbf2_1.5.0.0_full.iso
$ du -sh prbf2_1.5.0.0_full.iso
8.3G prbf2_1.5.0.0_full.iso
$ wine --version
wine-5.0-rc3
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list