Revert security cookie patch causing regression in multiple applications.

2024-11-21 16:46:54 -08:00 · 2015-07-10 20:55:42 +02:00 · 2015-07-10 20:55:42 +02:00 · d1f4a25cbd
commit d1f4a25cbd
parent 6df5635400
5 changed files with 94 additions and 18 deletions
--- a/README.md
+++ b/README.md
@ -39,9 +39,11 @@ Wine. All those differences are also documented on the
 Included bug fixes and improvements
 -----------------------------------

-**Bug fixes and features included in the next upcoming release [2]:**
+**Bug fixes and features included in the next upcoming release [4]:**

 * Increase buffer size in widl/typegen.c to avoid buffer overflow ([Wine Bug #37129](https://bugs.winehq.org/show_bug.cgi?id=37129))
+* Revert patch causing crash in IrfanView when using the WebP plugin ([Wine Bug #38895](https://bugs.winehq.org/show_bug.cgi?id=38895))
+* Revert patch causing crash in Word Viewer when opening docx files ([Wine Bug #38897](https://bugs.winehq.org/show_bug.cgi?id=38897))
 * Silence repeated wbemprox "timeout not supported" fixme ([Wine Bug #37618](https://bugs.winehq.org/show_bug.cgi?id=37618))


--- a/debian/changelog
+++ b/debian/changelog
@ -4,6 +4,7 @@ wine-staging (1.7.47) UNRELEASED; urgency=low
  * Added patch to silence repeated wbemprox "timeout not supported" fixme.
  * Added patch to increase buffer size in widl/typegen.c to avoid buffer
    overflow.
+  * Revert security cookie patch causing regression in multiple applications.
  * Removed patch to implement kernel32.GetNumaProcessorNode (accepted
    upstream).
  * Removed patch to initialize *end with NULL on failure in msvcrt.strtod
--- a/patches/ntdll-Revert_Security_Cookie/0001-Revert-ntdll-Randomize-security-cookie-when-availabl.patch
+++ b/patches/ntdll-Revert_Security_Cookie/0001-Revert-ntdll-Randomize-security-cookie-when-availabl.patch
@ -0,0 +1,51 @@
+From 2322a6e69849a1537724b0fe7dd08a3edea83e0c Mon Sep 17 00:00:00 2001
+From: Sebastian Lackner <sebastian@fds-team.de>
+Date: Fri, 10 Jul 2015 20:40:01 +0200
+Subject: Revert "ntdll: Randomize security cookie when available."
+
+This reverts commit 7e1c886fbfd362376b6aebe5381ab7d4433c3371.
+---
+ dlls/ntdll/virtual.c | 20 --------------------
+ 1 file changed, 20 deletions(-)
+
+diff --git a/dlls/ntdll/virtual.c b/dlls/ntdll/virtual.c
+index 410e060..bc3f7cd 100644
+--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
+@@ -1067,8 +1067,6 @@ static NTSTATUS map_image( HANDLE hmapping, int fd, char *base, SIZE_T total_siz
+     IMAGE_SECTION_HEADER sections[96];
+     IMAGE_SECTION_HEADER *sec;
+     IMAGE_DATA_DIRECTORY *imports;
+-    IMAGE_LOAD_CONFIG_DIRECTORY *loadcfg;
+-    ULONG loadcfg_size;
+     NTSTATUS status = STATUS_CONFLICTING_ADDRESSES;
+     int i;
+     off_t pos;
+@@ -1280,24 +1278,6 @@ static NTSTATUS map_image( HANDLE hmapping, int fd, char *base, SIZE_T total_siz
+         }
+     }
+ 
+-    /* randomize security cookie */
+-
+-    loadcfg = RtlImageDirectoryEntryToData( (HMODULE)ptr, TRUE,
+-                                            IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG, &loadcfg_size );
+-    if (loadcfg && loadcfg_size >= sizeof(*loadcfg))
+-    {
+-        static ULONG seed;
+-        ULONG_PTR *cookie = (ULONG_PTR *)loadcfg->SecurityCookie;
+-
+-        if (!seed) seed = NtGetTickCount() ^ GetCurrentProcessId();
+-        if (cookie)
+-        {
+-            *cookie = RtlRandom( &seed );
+-            if (sizeof(ULONG_PTR) > sizeof(ULONG)) /* fill up, but keep the highest word clear */
+-                *cookie ^= (ULONG_PTR)RtlRandom( &seed ) << 16;
+-        }
+-    }
+-
+     /* set the image protections */
+ 
+     VIRTUAL_SetProt( view, ptr, ROUND_SIZE( 0, header_size ), VPROT_COMMITTED | VPROT_READ );
+-- 
+2.4.5
+
--- a/patches/ntdll-Revert_Security_Cookie/definition
+++ b/patches/ntdll-Revert_Security_Cookie/definition
@ -0,0 +1,2 @@
+Fixes: [38897] Revert patch causing crash in Word Viewer when opening docx files
+Fixes: [38895] Revert patch causing crash in IrfanView when using the WebP plugin
--- a/patches/patchinstall.sh
+++ b/patches/patchinstall.sh
@ -168,6 +168,7 @@ patch_enable_all ()
 	enable_ntdll_NtQuerySection="$1"
 	enable_ntdll_NtSetLdtEntries="$1"
 	enable_ntdll_Pipe_SpecialCharacters="$1"
+	enable_ntdll_Revert_Security_Cookie="$1"
 	enable_ntdll_RtlIpStringToAddress="$1"
 	enable_ntdll_ThreadTime="$1"
 	enable_ntdll_Threading="$1"
@ -577,6 +578,9 @@ patch_enable ()
 		ntdll-Pipe_SpecialCharacters)
 			enable_ntdll_Pipe_SpecialCharacters="$2"
 			;;
+		ntdll-Revert_Security_Cookie)
+			enable_ntdll_Revert_Security_Cookie="$2"
+			;;
 		ntdll-RtlIpStringToAddress)
 			enable_ntdll_RtlIpStringToAddress="$2"
 			;;
@ -1972,6 +1976,23 @@ if test "$enable_Staging" -eq 1; then
 	) >> "$patchlist"
 fi

+# Patchset server-Misc_ACL
+# |
+# | This patchset fixes the following Wine bugs:
+# |   *	[#15980] GetSecurityInfo returns NULL DACL for process object
+# |
+# | Modified files:
+# |   *	dlls/advapi32/tests/security.c, server/process.c, server/security.h, server/token.c
+# |
+if test "$enable_server_Misc_ACL" -eq 1; then
+	patch_apply server-Misc_ACL/0001-server-Add-default-security-descriptor-ownership-for.patch
+	patch_apply server-Misc_ACL/0002-server-Add-default-security-descriptor-DACL-for-proc.patch
+	(
+		echo '+    { "Erich E. Hoover", "server: Add default security descriptor ownership for processes.", 1 },';
+		echo '+    { "Erich E. Hoover", "server: Add default security descriptor DACL for processes.", 1 },';
+	) >> "$patchlist"
+fi
+
 # Patchset server-CreateProcess_ACLs
 # |
 # | This patchset fixes the following Wine bugs:
@ -1991,23 +2012,6 @@ if test "$enable_server_CreateProcess_ACLs" -eq 1; then
 	) >> "$patchlist"
 fi

-# Patchset server-Misc_ACL
-# |
-# | This patchset fixes the following Wine bugs:
-# |   *	[#15980] GetSecurityInfo returns NULL DACL for process object
-# |
-# | Modified files:
-# |   *	dlls/advapi32/tests/security.c, server/process.c, server/security.h, server/token.c
-# |
-if test "$enable_server_Misc_ACL" -eq 1; then
-	patch_apply server-Misc_ACL/0001-server-Add-default-security-descriptor-ownership-for.patch
-	patch_apply server-Misc_ACL/0002-server-Add-default-security-descriptor-DACL-for-proc.patch
-	(
-		echo '+    { "Erich E. Hoover", "server: Add default security descriptor ownership for processes.", 1 },';
-		echo '+    { "Erich E. Hoover", "server: Add default security descriptor DACL for processes.", 1 },';
-	) >> "$patchlist"
-fi
-
 # Patchset advapi32-LsaLookupSids
 # |
 # | Modified files:
@ -3555,6 +3559,22 @@ if test "$enable_ntdll_Pipe_SpecialCharacters" -eq 1; then
 	) >> "$patchlist"
 fi

+# Patchset ntdll-Revert_Security_Cookie
+# |
+# | This patchset fixes the following Wine bugs:
+# |   *	[#38897] Revert patch causing crash in Word Viewer when opening docx files
+# |   *	[#38895] Revert patch causing crash in IrfanView when using the WebP plugin
+# |
+# | Modified files:
+# |   *	dlls/ntdll/virtual.c
+# |
+if test "$enable_ntdll_Revert_Security_Cookie" -eq 1; then
+	patch_apply ntdll-Revert_Security_Cookie/0001-Revert-ntdll-Randomize-security-cookie-when-availabl.patch
+	(
+		echo '+    { "Sebastian Lackner", "Revert \"ntdll: Randomize security cookie when available.\".", 1 },';
+	) >> "$patchlist"
+fi
+
 # Patchset ntdll-RtlIpStringToAddress
 # |
 # | Modified files: