[Bug 47175] New: Star Wars - The Old Republic web-installer fails with ' ... require administrative permission acknowledgment' ( BitRaider filter driver SCM config 'ImagePath' must be prefixed with '\??\ ')
wine-bugs at winehq.org
wine-bugs at winehq.org
Sun May 12 09:06:48 CDT 2019
https://bugs.winehq.org/show_bug.cgi?id=47175
Bug ID: 47175
Summary: Star Wars - The Old Republic web-installer fails with
'... require administrative permission acknowledgment'
(BitRaider filter driver SCM config 'ImagePath' must
be prefixed with '\??\')
Product: Wine
Version: 4.8
Hardware: x86-64
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: -unknown
Assignee: wine-bugs at winehq.org
Reporter: focht at gmx.net
Distribution: ---
Hello folks,
found this comment:
https://old.reddit.com/r/wine_gaming/comments/bmpsaw/support_components_as_in_spyware_failed_to/
which is related to the BitRaider service/component/technology
(https://www.bitraider.com/)
Further articles for reference:
*
https://www.reddit.com/r/swtor/comments/5wt85k/guide_how_to_run_swtor_on_osxmacos_using_wine/
*
https://www.reddit.com/r/swtor/comments/bcqg0h/anyone_else_experience_this_i_deleted_the/
*
https://www.reddit.com/r/swtor/comments/3ksypm/guide_to_permanently_removing_bitraider_and/
*
https://www.codeweavers.com/compatibility/crossover/tips/star-wars-the-old-republic/installation-of-drivers-require-administrative-permision
There are actually multiple interesting bugs behind the BitRaider functionality
(streaming downloader/content distribution system).
The first issues have to with the way the Windows service configuration (SCM)
is stored/handled in registry. The folks who wrote this piece of gar....^ have
an interesting way of using Windows service control manager API and bypassing
it completely when dealing with kernel/filter driver service configurations.
I leave you out some hours of investigations with dead-ends and misleading log
output.
There is a helper (console) app which is used to install and configure
BitRaider. At least three log file locations are of interest during
boostrapping of the game installer/launcher which includes set up of BitRaider.
--- snip ---
.wine/drive_c/ProgramData/BitRaider/common/logs/BR_Debuglog.txt
...
.wine/drive_c/Star Wars-The Old Republic/bitraider/logs/swtor_swtor.txt
...
.wine/drive_c/Star Wars-The Old Republic/logs/launcher_20190511.log
--- snip ---
'swtor_swtor.txt'
--- snip ---
...
1.3.3.4098 2014/10/10 15:09 1.3.3_hotfix #22 Logfile updated
2019/05/11 08:55:16.927:[INFO]MachineId: LAV9AVgtU0VCMUctcjMVNSIAbgBuADMA PID:
8
2019/05/11 08:55:16.929:[INFO]Language ID: 1033 Kernel:
C:\windows\system32\ntoskrnl.exe
2019/05/11 08:55:16.929:[INFO]Host OS: Windows 7 [6.1.7601.21863] - 64-Bit -
Release Client. - Process Elevated - User Fully Elevated
2019/05/11 08:55:16.929:[INFO]Exepath: C:\Star Wars-The Old
Republic\bitraider\bin\brwc.exe
2019/05/11 08:55:16.929:[INFO]Command Parms: "brdestpath=c:\star wars-the old
republic" brlocalebank=0 id=swtor_swtor -brnolaunch -brnoui brcallingpid=8
2019/05/11 08:55:16.937:[INFO]Connecting to Service Core, command: 13
2019/05/11 08:55:16.942:[INFO]CBRWCApp: Loaded common path "c:\star wars-the
old republic\Bitraider\bin\" for ID=swtor_swtor
2019/05/11 08:55:16.993:[INFO]STLEFE: Skipping extract to C:\Star Wars-The Old
Republic\bitraider\bin\BRException.exe; identical to reource
2019/05/11 08:55:16.995:[INFO]STLEFE: Skipping extract to
C:\ProgramData\BitRaider\common\BRException.exe; identical to reource
2019/05/11 08:55:16.998:[INFO]STLEFE: Skipping extract to C:\Star Wars-The Old
Republic\bitraider\bin\BRExtPipe.dll; identical to reource
2019/05/11 08:55:16.999:[INFO]STLEFE: Skipping extract to
C:\ProgramData\BitRaider\BRExtPipe.dll; identical to reource
2019/05/11 08:55:17.033:[CRIT](BRDriver64_1_3_3_E02B25FC): reading 'ImagePath'
string under key System\CurrentControlSet\Services\BRDriver64_1_3_3_E02B25FC
failed. error code 0
2019/05/11 08:55:17.042:[INFO]CSTL-StartStopSupportServiceStub: CurrentState: 3
2019/05/11 08:55:18.047:[INFO]CSTL-StartStopSupportServiceStub: CurrentState: 1
2019/05/11 08:55:18.062:[INFO]STLEFE: Skipping extract to
C:\ProgramData\BitRaider\BRSptStub.exe; identical to reource
2019/05/11 08:55:18.081:[INFO]Attempting to install a new copy of the service
helper.
2019/05/11 08:55:18.540:[INFO]Support Service Successfully installed
2019/05/11 08:55:18.541:[CRIT](BRDriver64_1_3_3_E02B25FC): reading
'Ima2019/05/11 08:59:45.826:[INFO]
...
--- snip ---
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Star Wars-The Old Republic/bitraider/bin
$ WINEDEBUG=+seh,+relay,+server,+reg,+service wine ./brwc.exe
brdestpath="c:\star wars-the old republic" brlocalebank=0 id=swtor_swtor
-brnolaunch -brnoui brcallingpid=8 >>log.txt 2>&1
...
0082:Call KERNEL32.GetModuleHandleW(007683c8 L"kernel32.dll") ret=004aaaec
0082:Ret KERNEL32.GetModuleHandleW() retval=7b430000 ret=004aaaec
0082:Call KERNEL32.GetProcAddress(7b430000,00769538 "GetSystemWow64DirectoryW")
ret=004aaafc
0082:Ret KERNEL32.GetProcAddress() retval=7b43675c ret=004aaafc
0082:Call KERNEL32.GetSystemWow64DirectoryW(0031c660,00000104) ret=004aab0e
0082:Ret KERNEL32.GetSystemWow64DirectoryW() retval=00000013 ret=004aab0e
...
0082:Call advapi32.RegOpenKeyExW(80000002,0031d0ec
L"System\\CurrentControlSet\\Services\\BRDriver64_1_3_3_E02B25FC",00000000,00020019,0031c890)
ret=00483205
0082:trace:reg:open_key
(0x2c,L"System\\CurrentControlSet\\Services\\BRDriver64_1_3_3_E02B25FC",20019,0x31c890)
0082: open_key( parent=002c, access=00020019, attributes=00000000,
name=L"System\\CurrentControlSet\\Services\\BRDriver64_1_3_3_E02B25FC" )
0082: open_key() = 0 { hkey=01cc }
0082:trace:reg:open_key <- 0x1cc
0082:Ret advapi32.RegOpenKeyExW() retval=00000000 ret=00483205
0082:Call advapi32.RegQueryValueExW(000001cc,00754df4
L"DisplayName",00000000,0031c88c,0031ceec,0031c894) ret=00483249
0082:trace:reg:RegQueryValueExW
(0x1cc,L"DisplayName",(nil),0x31c88c,0x31ceec,0x31c894=512)
0082:trace:reg:NtQueryValueKey (0x1cc,L"DisplayName",2,0x31c6c4,256)
0082: get_key_value( hkey=01cc, name=L"DisplayName" )
0082: get_key_value() = 0 { type=1, total=52,
data={42,00,52,00,44,00,72,00,69,00,76,00,65,00,72,00,36,00,34,00,5f,00,31,00,5f,00,33,00,5f,00,33,00,5f,00,45,00,30,00,32,00,42,00,32,00,35,00,46,00,43,00,00,00}
}
0082:Ret advapi32.RegQueryValueExW() retval=00000000 ret=00483249
0082:Call advapi32.RegQueryValueExW(000001cc,00754e0c
L"ErrorControl",00000000,0031c88c,0031c888,0031c894) ret=004832b4
0082:trace:reg:RegQueryValueExW
(0x1cc,L"ErrorControl",(nil),0x31c88c,0x31c888,0x31c894=4)
0082:trace:reg:NtQueryValueKey (0x1cc,L"ErrorControl",2,0x31c6c4,16)
0082: get_key_value( hkey=01cc, name=L"ErrorControl" )
0082: get_key_value() = 0 { type=4, total=4, data={01,00,00,00} }
0082:Ret advapi32.RegQueryValueExW() retval=00000000 ret=004832b4
0082:Call advapi32.RegQueryValueExW(000001cc,00754e34
L"ImagePath",00000000,0031c88c,0031ceec,0031c894) ret=00483358
0082:trace:reg:RegQueryValueExW
(0x1cc,L"ImagePath",(nil),0x31c88c,0x31ceec,0x31c894=512)
0082:trace:reg:NtQueryValueKey (0x1cc,L"ImagePath",2,0x31c6c4,256)
0082: get_key_value( hkey=01cc, name=L"ImagePath" )
0082: get_key_value() = 0 { type=1, total=126,
data={43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,44,00,61,00,74,00,61,00,5c,00,42,00,69,00,74,00,52,00,61,00,69,00,64,00,65,00,72,00,5c,00,73,00,75,00,70,00,70,00,6f,00,72,00,74,00,5c,00,31,00,2e,00,33,00,2e,00,33,00,5c,00,45,00,30,00,32,00,42,00,32,00,35,00,46,00,43,00,5c,00,42,00,52,00,44,00,72,00,69,00,76,00,65,00,72,00,36,00,34,00,2e,00,73,00,79,00,73,00,00,00}
}
0082:Ret advapi32.RegQueryValueExW() retval=00000000 ret=00483358
0082:Call KERNEL32.GetLastError() ret=004836aa
0082:Ret KERNEL32.GetLastError() retval=00000000 ret=004836aa
...
0082:Call user32.MessageBoxW(00000000,00c26108 L"Installation of the driver and
support components require administrative permission acknowledgment.\r\nTry
invoking the client again.\r\nInstaller cannot continue. Exiting.",00c28250
L"Fatal error",00000000) ret=0041f794
...
--- snip ---
The app writes kernel/filter driver service configuration directly into
registry ('System\\CurrentControlSet\\Services\\...'), lets the helper service
(userspace side) of the filter driver register the actual kernel service using
SCM and then rewrites parts of the filter driver config again. Yay.
Unfortunately the reason for the first problem can't be seen in trace log, one
has to debug the garbage.
Relevant piece of app code:
--- snip ---
00482F60 | push ebp |
00482F61 | mov ebp,esp |
00482F63 | push FFFFFFFF |
00482F65 | push <brwc.sub_6489B2> |
00482F6A | mov eax,dword ptr fs:[0] |
00482F70 | push eax |
00482F71 | sub esp,A6C |
...
00483002 | push A |
00483004 | push brwc.753C2C | L"BRDriver64"
00483009 | call <brwc.sub_409E60> |
...
0048312F | push C |
00483131 | push brwc.753C78 | L"BRDriver.sys"
00483136 | lea esi,dword ptr ss:[ebp-A48] |
0048313C | call <brwc.sub_40B040> |
00483141 | mov eax,dword ptr ds:[7D19BC] |
00483146 | mov ecx,dword ptr ds:[7D19B8] |
0048314C | mov edx,dword ptr ds:[7D19B4] |
00483152 | push eax |
00483153 | mov eax,dword ptr ds:[7D19B0] |
00483158 | push ecx |
00483159 | push edx |
0048315A | push eax |
0048315B | push brwc.754D84 | L"_%u_%u_%u_%08X"
00483160 | lea esi,dword ptr ss:[ebp-A2C] |
00483166 | call <brwc.sub_408EB0> |
...
004831CA | mov eax,esi |
004831CC | push eax |
; L"System\\CurrentControlSet\\Services\\%s"
004831CD | push brwc.754DA8 |
004831D2 | lea edx,dword ptr ss:[ebp-210] |
004831D8 | push 100 |
004831DD | push edx |
004831DE | call <brwc.sub_60427D> |
...
004832C9 | push 1FE |
004832CE | lea edx,dword ptr ss:[ebp-A0E] |
004832D4 | xor ecx,ecx |
004832D6 | push edi |
004832D7 | push edx |
004832D8 | mov word ptr ss:[ebp-A10],cx |
004832DF | call <brwc.sub_60DD90> |
004832E4 | add esp,C |
004832E7 | push brwc.754E28 | L"\\??\\"
004832EC | lea eax,dword ptr ss:[ebp-A10] |
004832F2 | push 100 |
004832F7 | push eax |
004832F8 | call <brwc.sub_603BD1> |
004832FD | mov eax,dword ptr ss:[ebp-A48] |
00483303 | add esp,C |
00483306 | cmp dword ptr ss:[ebp-A34],8 |
0048330D | jae brwc.483315 |
0048330F | lea eax,dword ptr ss:[ebp-A48] |
00483315 | push eax |
00483316 | lea ecx,dword ptr ss:[ebp-A10] |
0048331C | push 100 |
00483321 | push ecx |
00483322 | call <brwc.sub_606E76> |
00483327 | add esp,C |
0048332A | lea edx,dword ptr ss:[ebp-A68] |
00483330 | push edx |
00483331 | mov edx,dword ptr ss:[ebp-A6C] |
00483337 | lea eax,dword ptr ss:[ebp-410] |
0048333D | push eax |
0048333E | lea ecx,dword ptr ss:[ebp-A70] |
00483344 | push ecx |
00483345 | push edi |
00483346 | push brwc.754E34 | L"ImagePath"
0048334B | push edx |
0048334C | mov dword ptr ss:[ebp-A68],200 |
00483356 | call ebx |
00483358 | test eax,eax |
0048335A | jne brwc.48368F |
...
0048368F | cmp dword ptr ss:[ebp-A18],8 |
00483696 | mov esi,dword ptr ss:[ebp-A2C] |
0048369C | jae brwc.4836A4 |
0048369E | lea esi,dword ptr ss:[ebp-A2C] |
004836A4 | call dword ptr ds:[69438C] |
004836AA | push eax |
004836AB | lea ecx,dword ptr ss:[ebp-210] |
004836B1 | push ecx |
004836B2 | push esi |
; L"(%s): reading 'ImagePath' string under key %s failed. error code %x\n"
004836B3 | push brwc.755180 |
004836B8 | jmp brwc.48370E |
--- snip ---
To cut it short: It seems 'ImagePath' entries for SERVICE_KERNEL_DRIVER or
SERVICE_FILE_SYSTEM_DRIVER driver services are to be prefixed with native
NT-path '\??\' syntax when created via advapi32.CreateServiceA/W().
Manual creation of service config keys by app prior:
--- snip ---
...
003c:Call advapi32.RegCreateKeyExW(80000002,0032f5d4
L"System\\CurrentControlSet\\Services\\BRDriver64_1_3_3_E02B25FC",00000000,0042ab4c,00000000,0000000e,00000000,0032efd0,0032efc8)
ret=0040b176
003c:trace:reg:NtCreateKey
(0x24,L"System\\CurrentControlSet\\Services\\BRDriver64_1_3_3_E02B25FC",L"",0,e,0x32ee14)
003c: create_key( access=0000000e, options=00000000,
objattr={rootdir=0024,attributes=00000000,sd={},name=L"System\\CurrentControlSet\\Services\\BRDriver64_1_3_3_E02B25FC"},
class=L"" )
003c: create_key() = 0 { hkey=0054, created=0 }
003c:trace:reg:NtCreateKey <- 0x54
003c:Ret advapi32.RegCreateKeyExW() retval=00000000 ret=0040b176
003c:Call advapi32.RegSetValueExW(00000054,0042d644
L"DisplayName",00000000,00000001,005f2aa0,00000032) ret=0040b1b6
003c:trace:reg:NtSetValueKey (0x54,L"DisplayName",1,0x5f2aa0,52)
003c: set_key_value( hkey=0054, type=1, namelen=22, name=L"DisplayName",
data={42,00,52,00,44,00,72,00,69,00,76,00,65,00,72,00,36,00,34,00,5f,00,31,00,5f,00,33,00,5f,00,33,00,5f,00,45,00,30,00,32,00,42,00,32,00,35,00,46,00,43,00,00,00}
)
003c: set_key_value() = 0
003c:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040b1b6
003c:Call advapi32.RegSetValueExW(00000054,0042d65c
L"ErrorControl",00000000,00000004,0032efbc,00000004) ret=0040b1e2
003c:trace:reg:NtSetValueKey (0x54,L"ErrorControl",4,0x32efbc,4)
003c: set_key_value( hkey=0054, type=4, namelen=24, name=L"ErrorControl",
data={01,00,00,00} )
003c: set_key_value() = 0
003c:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040b1e2
003c:Call advapi32.RegSetValueExW(00000054,0042d684
L"ImagePath",00000000,00000001,0032efd4,00000084) ret=0040b26c
003c:trace:reg:NtSetValueKey (0x54,L"ImagePath",1,0x32efd4,134)
003c: set_key_value( hkey=0054, type=1, namelen=18, name=L"ImagePath",
data={5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,44,00,61,00,74,00,61,00,5c,00,42,00,69,00,74,00,52,00,61,00,69,00,64,00,65,00,72,00,5c,00,73,00,75,00,70,00,70,00,6f,00,72,00,74,00,5c,00,31,00,2e,00,33,00,2e,00,33,00,5c,00,45,00,30,00,32,00,42,00,32,00,35,00,46,00,43,00,5c,00,42,00,52,00,44,00,72,00,69,00,76,00,65,00,72,00,36,00,34,00,2e,00,73,00,79,00,73,00,00,00}
)
003c: set_key_value() = 0
003c:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040b26c
003c:Call advapi32.RegSetValueExW(00000054,0042d698
L"Start",00000000,00000004,0032efb8,00000004) ret=0040b298
003c:trace:reg:NtSetValueKey (0x54,L"Start",4,0x32efb8,4)
003c: set_key_value( hkey=0054, type=4, namelen=10, name=L"Start",
data={03,00,00,00} )
003c: set_key_value() = 0
003c:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040b298
003c:Call advapi32.RegSetValueExW(00000054,0042d6a4
L"Type",00000000,00000004,0032efc0,00000004) ret=0040b2c6
003c:trace:reg:NtSetValueKey (0x54,L"Type",4,0x32efc0,4)
003c: set_key_value( hkey=0054, type=4, namelen=8, name=L"Type",
data={02,00,00,00} )
003c: set_key_value() = 0
003c:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040b2c6
003c:Call advapi32.RegSetValueExW(00000054,0042d6b0
L"Tag",00000000,00000004,0032efcc,00000004) ret=0040b2ee
003c:trace:reg:NtSetValueKey (0x54,L"Tag",4,0x32efcc,4)
003c: set_key_value( hkey=0054, type=4, namelen=6, name=L"Tag",
data={02,00,00,00} )
003c: set_key_value() = 0
003c:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040b2ee
003c:Call advapi32.RegSetValueExW(00000054,0042d6c8
L"DependOnService",00000000,00000007,0032f1d4,0000000c) ret=0040b361
003c:trace:reg:NtSetValueKey (0x54,L"DependOnService",7,0x32f1d4,14)
003c: set_key_value( hkey=0054, type=7, namelen=30, name=L"DependOnService",
data={46,00,6c,00,74,00,4d,00,67,00,72,00,00,00} )
003c: set_key_value() = 0
003c:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040b361
003c:Call advapi32.RegSetValueExW(00000054,0042d71c
L"Group",00000000,00000007,0032f3d4,00000032) ret=0040b3db
003c:trace:reg:NtSetValueKey (0x54,L"Group",7,0x32f3d4,52)
003c: set_key_value( hkey=0054, type=7, namelen=10, name=L"Group",
data={46,00,73,00,46,00,69,00,6c,00,74,00,65,00,72,00,20,00,41,00,63,00,74,00,69,00,76,00,69,00,74,00,79,00,20,00,4d,00,6f,00,6e,00,69,00,74,00,6f,00,72,00,00,00}
)
003c: set_key_value() = 0
003c:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040b3db
003c:Call advapi32.RegCloseKey(00000054) ret=0040b4be
003c: close_handle( handle=0054 )
003c: close_handle() = 0
003c:Ret advapi32.RegCloseKey() retval=00000000 ret=0040b4be
003c:Call advapi32.RegCreateKeyExW(80000002,0032f5d4
L"System\\CurrentControlSet\\Services\\BRDriver64_1_3_3_E02B25FC\\Instances",00000000,0042ab4c,00000000,0000000e,00000000,0032efd0,0032efc8)
ret=0040b504
003c:trace:reg:NtCreateKey
(0x24,L"System\\CurrentControlSet\\Services\\BRDriver64_1_3_3_E02B25FC\\Instances",L"",0,e,0x32ee14)
003c: create_key( access=0000000e, options=00000000,
objattr={rootdir=0024,attributes=00000000,sd={},name=L"System\\CurrentControlSet\\Services\\BRDriver64_1_3_3_E02B25FC\\Instances"},
class=L"" )
003c: create_key() = 0 { hkey=0054, created=0 }
003c:trace:reg:NtCreateKey <- 0x54
003c:Ret advapi32.RegCreateKeyExW() retval=00000000 ret=0040b504
...
--- snip ---
Call to SCM to create service entry. The app passes
'C:\\ProgramData\\BitRaider\\support\\1.3.3\\E02B25FC\\BRDriver64.sys' as fully
qualified path to the service binary file (kernel driver):
--- snip ---
...
003c:Call advapi32.CreateServiceW(0014f2a0,005f2aa0
L"BRDriver64_1_3_3_E02B25FC",005f2aa0
L"BRDriver64_1_3_3_E02B25FC",000f01ff,00000002,00000003,00000001,005f2bd8
L"C:\\ProgramData\\BitRaider\\support\\1.3.3\\E02B25FC\\BRDriver64.sys",00000000,00000000,00000000,00000000,00000000)
ret=0040b048
003c:trace:service:CreateServiceW 0x14f2a0 L"BRDriver64_1_3_3_E02B25FC"
L"BRDriver64_1_3_3_E02B25FC"
...
--- snip ---
'services.exe' side:
--- snip ---
...
0014:trace:service:svcctl_CreateServiceWOW64W Call
msvcrt._vsnprintf(00bbeff0,00000400,0041b0aa "(%s, %s, 0x%x, %s)\n",00bbf430)
ret=00401def
0014:Ret msvcrt._vsnprintf() retval=0000008f ret=00401def
(L"BRDriver64_1_3_3_E02B25FC", L"BRDriver64_1_3_3_E02B25FC", 0xf01ff,
L"C:\\ProgramData\\BitRaider\\support\\1.3.3\\E02B25FC\\BRDriver64.sys")
...
0014:trace:service:create_serviceW Call
msvcrt._vsnprintf(00bbf020,00000400,0041b0aa "(%s, %s, 0x%x, %s)\n",00bbf460)
ret=00401def
...
0014:Call advapi32.RegCreateKeyW(00000024,00033d30
L"BRDriver64_1_3_3_E02B25FC",00bbf3c8) ret=004066d8
0014:trace:reg:NtCreateKey
(0x24,L"BRDriver64_1_3_3_E02B25FC",(null),0,2000000,0xbbf128)
0014: create_key( access=02000000, options=00000000,
objattr={rootdir=0024,attributes=00000000,sd={},name=L"BRDriver64_1_3_3_E02B25FC"},
class=L"" )
0014: create_key() = 0 { hkey=01a0, created=0 }
0014:trace:reg:NtCreateKey <- 0x1a0
0014:Ret advapi32.RegCreateKeyW() retval=00000000 ret=004066d8
0014:Call advapi32.RegSetValueExW(000001a0,0041c670
L"DisplayName",00000000,00000001,00033e20,00000034) ret=0040655e
0014:trace:reg:NtSetValueKey (0x1a0,L"DisplayName",1,0x33e20,52)
0014: set_key_value( hkey=01a0, type=1, namelen=22, name=L"DisplayName",
data={42,00,52,00,44,00,72,00,69,00,76,00,65,00,72,00,36,00,34,00,5f,00,31,00,5f,00,33,00,5f,00,33,00,5f,00,45,00,30,00,32,00,42,00,32,00,35,00,46,00,43,00,00,00}
)
0014: set_key_value() = 0
0014:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040655e
0014:Call advapi32.RegSetValueExW(000001a0,0041c610
L"ImagePath",00000000,00000001,00033d80,00000086) ret=0040655e
0014:trace:reg:NtSetValueKey (0x1a0,L"ImagePath",1,0x33d80,134)
0014: set_key_value( hkey=01a0, type=1, namelen=18, name=L"ImagePath",
data={5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,44,00,61,00,74,00,61,00,5c,00,42,00,69,00,74,00,52,00,61,00,69,00,64,00,65,00,72,00,5c,00,73,00,75,00,70,00,70,00,6f,00,72,00,74,00,5c,00,31,00,2e,00,33,00,2e,00,33,00,5c,00,45,00,30,00,32,00,42,00,32,00,35,00,46,00,43,00,5c,00,42,00,52,00,44,00,72,00,69,00,76,00,65,00,72,00,36,00,34,00,2e,00,73,00,79,00,73,00,00,00}
)
0014: set_key_value() = 0
0014:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040655e
0014:Call advapi32.RegDeleteValueW(000001a0,0041c600 L"Group") ret=00406568
0014:trace:reg:NtDeleteValueKey (0x1a0,L"Group")
0014: delete_key_value( hkey=01a0, name=L"Group" )
0014: delete_key_value() = 0
0014:Ret advapi32.RegDeleteValueW() retval=00000000 ret=00406568
0014:Call advapi32.RegSetValueExW(000001a0,0041c590
L"ObjectName",00000000,00000001,00034770,00000018) ret=0040655e
0014:trace:reg:NtSetValueKey (0x1a0,L"ObjectName",1,0x34770,24)
0014: set_key_value( hkey=01a0, type=1, namelen=20, name=L"ObjectName",
data={4c,00,6f,00,63,00,61,00,6c,00,53,00,79,00,73,00,74,00,65,00,6d,00,00,00}
)
0014: set_key_value() = 0
0014:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040655e
0014:Call advapi32.RegDeleteValueW(000001a0,0041c570 L"Description")
ret=00406568
0014:trace:reg:NtDeleteValueKey (0x1a0,L"Description")
0014: delete_key_value( hkey=01a0, name=L"Description" )
0014: delete_key_value() = OBJECT_NAME_NOT_FOUND
0014:Ret advapi32.RegDeleteValueW() retval=00000002 ret=00406568
0014:Call advapi32.RegDeleteValueW(000001a0,0041c5e0 L"DependOnService")
ret=0040622f
0014:trace:reg:NtDeleteValueKey (0x1a0,L"DependOnService")
0014: delete_key_value( hkey=01a0, name=L"DependOnService" )
0014: delete_key_value() = 0
0014:Ret advapi32.RegDeleteValueW() retval=00000000 ret=0040622f
0014:Call advapi32.RegDeleteValueW(000001a0,0041c5b0 L"DependOnGroup")
ret=0040622f
0014:trace:reg:NtDeleteValueKey (0x1a0,L"DependOnGroup")
0014: delete_key_value( hkey=01a0, name=L"DependOnGroup" )
0014: delete_key_value() = OBJECT_NAME_NOT_FOUND
0014:Ret advapi32.RegDeleteValueW() retval=00000002 ret=0040622f
0014:Call advapi32.RegSetValueExW(000001a0,0041c650
L"Start",00000000,00000004,00033c94,00000004) ret=004067f9
0014:trace:reg:NtSetValueKey (0x1a0,L"Start",4,0x33c94,4)
0014: set_key_value( hkey=01a0, type=4, namelen=10, name=L"Start",
data={03,00,00,00} )
0014: set_key_value() = 0
0014:Ret advapi32.RegSetValueExW() retval=00000000 ret=004067f9
0014:Call advapi32.RegSetValueExW(000001a0,0041c630
L"ErrorControl",00000000,00000004,00033c98,00000004) ret=0040682e
0014:trace:reg:NtSetValueKey (0x1a0,L"ErrorControl",4,0x33c98,4)
0014: set_key_value( hkey=01a0, type=4, namelen=24, name=L"ErrorControl",
data={01,00,00,00} )
0014: set_key_value() = 0
0014:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040682e
0014:Call advapi32.RegSetValueExW(000001a0,0041c660
L"Type",00000000,00000004,00033c90,00000004) ret=00406863
0014:trace:reg:NtSetValueKey (0x1a0,L"Type",4,0x33c90,4)
0014: set_key_value( hkey=01a0, type=4, namelen=8, name=L"Type",
data={02,00,00,00} )
0014: set_key_value() = 0
0014:Ret advapi32.RegSetValueExW() retval=00000000 ret=00406863
0014:Call advapi32.RegSetValueExW(000001a0,0041c540
L"PreshutdownTimeout",00000000,00000004,00033cd0,00000004) ret=0040689b
0014:trace:reg:NtSetValueKey (0x1a0,L"PreshutdownTimeout",4,0x33cd0,4)
0014: set_key_value( hkey=01a0, type=4, namelen=36, name=L"PreshutdownTimeout",
data={20,bf,02,00} )
0014: set_key_value() = 0
0014:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040689b
0014:Call advapi32.RegSetValueExW(000001a0,0041c540
L"PreshutdownTimeout",00000000,00000004,00033cd0,00000004) ret=004068cc
0014:trace:reg:NtSetValueKey (0x1a0,L"PreshutdownTimeout",4,0x33cd0,4)
0014: set_key_value( hkey=01a0, type=4, namelen=36, name=L"PreshutdownTimeout",
data={20,bf,02,00} )
0014: set_key_value() = 0
0014:Ret advapi32.RegSetValueExW() retval=00000000 ret=004068cc
0014:Call advapi32.RegSetValueExW(000001a0,0041c518
L"WOW64",00000000,00000004,00bbf3c4,00000004) ret=0040694c
0014:trace:reg:NtSetValueKey (0x1a0,L"WOW64",4,0xbbf3c4,4)
0014: set_key_value( hkey=01a0, type=4, namelen=10, name=L"WOW64",
data={01,00,00,00} )
0014: set_key_value() = 0
0014:Ret advapi32.RegSetValueExW() retval=00000000 ret=0040694c
0014:Call advapi32.RegDeleteValueW(000001a0,0041c588 L"Tag") ret=00406969
0014:trace:reg:NtDeleteValueKey (0x1a0,L"Tag")
0014: delete_key_value( hkey=01a0, name=L"Tag" )
0014: delete_key_value() = 0
0014:Ret advapi32.RegDeleteValueW() retval=00000000 ret=00406969
0014:Call advapi32.RegCloseKey(000001a0) ret=004066e8
0014: close_handle( handle=01a0 )
0014: close_handle() = 0
0014:Ret advapi32.RegCloseKey() retval=00000000 ret=004066e8
...
--- snip ---
Microsoft documentation doesn't tell about this special case:
https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-createservicea
--- quote ---
lpBinaryPathName
The fully qualified path to the service binary file. If the path contains a
space, it must be quoted so that it is correctly interpreted. For example,
"d:\my share\myservice.exe" should be specified as ""d:\my
share\myservice.exe"".
The path can also include arguments for an auto-start service. For example,
"d:\myshare\myservice.exe arg1 arg2". These arguments are passed to the service
entry point (typically the main function).
If you specify a path on another computer, the share must be accessible by the
computer account of the local computer because this is the security context
used in the remote call. However, this requirement allows any potential
vulnerabilities in the remote computer to affect the local computer. Therefore,
it is best to use a local file.
--- quote ---
After fixing SCM, the app validation goes further - only to run into next
issue.
$ sha1sum SWTOR_setup.exe
c538935eff4ec90ce2e48dc7e515a8dec2f15f58 SWTOR_setup.exe
$ du -sh SWTOR_setup.exe
32M SWTOR_setup.exe
$ wine --version
wine-4.8
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list