1

Closed

verpatch embedds incompatible version info

description

When applying verpatch to a binary by invoking the program via the /va /pv parameters, the modified binary results in truncated string version properties when these are read via the ANSI API (VerQueryValueA). It seems that the obtained string properties (such as InternalName, Copyright, or ProductVersion) have lost their very last character, so the originally written value such as "Copyright (c) 2013 Bruker Daltonik GmbH" becomes "Copyright (c) 2013 Bruker Daltonik Gmb" using the VerQueryValueA function.

The effect does not occur when reading them via the Unicode API (VerQueryValueW), but is reproducible and does not dependent on the actual string contents. In particular it happens even when the string contents are pure ASCII characters, so it is not related to Unicode contents in any way.

The issue is a real problem, because we cannot control whether programs inspecting our binaries will use the ANSI version or the Unicode version of the API to retrieve the version information for that. This looks like writing actually an incorrect version info format, just that the error becomes (only?) visible when attempting to read it via the ANSI-based API.

The attached C++ source code can be used to demonstrate the problem:

1) Rebuild the source file main.cpp in a new Visual Studio console project (It doesn't matter whether it is a unicode-based or mbcs-based project, because the sources don't use the generic macros for function names or type names). For simplicity reasons, name the project "VersionInfo" and let it produce an executable named "VersionInfo.exe".

2) Invoke verpatch.exe on the resulting executable:

verpatch.exe VersionInfo.exe "1.0.0" /va /pv "1.0.0" /s "(c)" "Copyright (c) Bruker Daltonik GmbH"

3) Execute the modified executable. The output is:

<quote>
Success (Ansi version):
Length in characters: 34
       Copyright: "Copyright (c) Bruker Daltonik Gmb"
Success (Unicode version):
Length in characters: 34
       Copyright: "Copyright (c) Bruker Daltonik GmbH"
</quote>

Note that the character length is correct in both cases, but the Ansi-based version does not get the final character ('H'), but instead an additional zero-terminator.

The problem is not dependent on the actual contents. Here is a more simple example with a different text by invoking

verpatch.exe VersionInfo.exe "1.0.0" /va /pv "1.0.0" /s "(c)" "1234567890"

instead. After program execution we get

<quote>
Success (Ansi version):
Length in characters: 10
       Copyright: "123456789"
Success (Unicode version):
Length in characters: 10
       Copyright: "1234567890"
</quote>

file attachments

Closed Jan 6, 2014 at 6:19 PM by ddbug

comments

ddbug wrote Aug 4, 2013 at 7:26 PM

This may be cured by adding extra null char after value strings. Will add in next release.

Thanks.
  • dd

wrote Aug 4, 2013 at 7:27 PM

wrote Aug 4, 2013 at 8:20 PM

wrote Jan 6, 2014 at 6:19 PM