CAPEv2 icon indicating copy to clipboard operation
CAPEv2 copied to clipboard

Published 20 hours ago verified publisher icon kevoreilly

GetVolumeNameForVolumeMountPointW hook causes some installers to crash

Open psalire opened this issue 4 years ago • 6 comments
trafficstars

Prerequisites

Please answer the following questions for yourself before submitting an issue.

  • [x] I am running the latest version
  • [x] I checked the documentation and found no answer
  • [x] I checked to make sure that this issue has not already been filed
  • [x] I'm reporting the issue to the correct repository (for multi-repository projects)
  • [x] I'm have read all configs with all optional parts

Expected Behavior

Windows installers don't crash

Current Behavior

Some installers will crash in my Windows 10 sandbox unless option exclude-apis=GetVolumeNameForVolumeMountPointW is set.

Screenshot

Failure Information (for bugs)

Steps to Reproduce

VLC installer is one installer I tried that crashes: https://www.videolan.org/vlc/

  1. Upload the vlc installer with default options
  2. Once the installer GUI is launched in the sandbox, observe that it crashes with the generic error window "vlc has stopped working"
  3. Upload the vlc installer with option exclude-apis=GetVolumeNameForVolumeMountPointW now set
  4. Observe that it no longer crashes

Context

Question Answer
Git commit a2f545646012c4e5e67c242339020f5e06ffa1fb
OS version Ubuntu 20.04, Windows 10 Guest

psalire avatar Sep 30 '21 18:09 psalire

wow thanks, the best question, how did you got the speciifc api ?

doomedraven avatar Sep 30 '21 18:09 doomedraven

Yep this saves a TON of work hunting for bad hooks - thank you.

I'll investigate asap.

kevoreilly avatar Sep 30 '21 18:09 kevoreilly

Great, glad to help

wow thanks, the best question, how did you got the speciifc api ?

Just manual trial and error. I noticed minhook=1 works without crashing, so next I tried excluding all the file related hooks which worked. And eventually narrowed it down to that single hook.

psalire avatar Sep 30 '21 20:09 psalire

thanks a lot @psalire, that for sure helps a lot to Kevin who is in charge of the monitor

doomedraven avatar Sep 30 '21 20:09 doomedraven

One piece of info that is missing is the operating system bitness - having just tried to recreate on x64 I assume you must be running 32-bit Windows?

Unfortunately the installer doesn't work on x64 either... I suspect this is down to a different issue (a known deadlock for which I have a fix https://github.com/kevoreilly/capemon/issues/12)

I haven't got a working 32-bit Win10 vm to test on but I plan to build one... The GetVolumeNameForVolumeMountPointW hook calls an internal function 'replace_wstring_in_buf' to harden against vm detection in the output from this api so testing without these calls is the first thing I will try,

kevoreilly avatar Oct 04 '21 20:10 kevoreilly

Hi @kevoreilly, I'm actually on 64-bit Win10. Sorry if the win32 in the screenshot was misleading. I was trying out the 32-bit installer just in case it was just something was going wrong with the 64-bit one, but both crash the same way

image

psalire avatar Oct 04 '21 21:10 psalire

Sorry not to respond here - this slipped my mind like the sieve it is. I can run this installer on Win10x64 no problem - would you mind re-checking with the latest versions of the monitor/loader?

image

kevoreilly avatar Jan 19 '23 10:01 kevoreilly