Allowed reverse engineering methods

Nikolay Sivov nsivov at codeweavers.com
Sun May 30 13:27:20 CDT 2010 

On 5/30/2010 21:41, Mariusz Pluciński wrote:
> Hello
> I'm working on implementation of Games Explorer for Wine
> (in Google Summer of Code). My work gets progress, but to
> finish it, I need to get more information about Windows
> implementation.
>    
Hi, Mariusz.
> My question is: which reverse engineering methods are
> legal and accepted while working in Wine project?
> Only information I found is located on Wine's wiki page
> (http://wiki.winehq.org/SummerOfCode):
>
>    
>>   *  You are not allowed to read or reuse Windows source code
>> (leaked source / Windows>Research Kernel* / ...)
>> (* we are following the SFLC's advice)
>>   *  You are not allowed to reverse engineer Windows files by
>> disassembling or>decompiling them
>>   *  You are not allowed to analyze Windows files with the
>> trace functions of Wine
>>      
> But which methods are allowed? I assume that "obvious"
> methods (reading header files, registry dumps, etc.) are
> acceptable, but can I e.g. analyze .pdb symbol files
> (availble in e.g. Microsoft's DirectX SDK)?
>    
The main method is to write test.

Reading headers is allowed of course, the rule here is not to copy code 
blocks from
them to Wine's headers. Clean way is to study, then close it and write 
it itself.

Windows registry editor doesn't hide things AFAIK, so you obviously can 
read keynames,
default values etc. Wine uses same namings for keys for compatibility 
reasons, so that's allowed.

I don't know what kind of information is store in .pdb files, but 
assuming it's a private binary format
for machine consumption I think you should avoid it.
> Can I copy executable from Windows (.exe) and analyze it in Wine
> using winedebug's "relay" channel? (last point from website
> I linked above says that I can't analyze "Windows files" this way,
> but I'm not sure is it apply for executables in way I described).
>    
It depends what executable are you talking about. If it's your program 
but linked (or uses) to
a module you're testing AND this native module is setup to be used by 
Wine - then no, you can't.

In general Wine's tracing functionality shouldn't be used to get inside 
native modules provided by MS
to re-implement them. Often it happens that users do +relay by request 
for bug reports for example,
I believe this is fine as long as you don't use this trace data to 
implement module.
> Mariusz Pluciński
>

More information about the wine-devel mailing list