Disallow patching capabilities of executables

All of the assigned capabilities of executables are likely to be
actually needed unlike those of dlls, so do not create a patched
sis for an application with non-self-signable capabilities.
Similarly block creation of a patched package if any executable has
a protected range SID, as installer will refuse to install such a
package anyway.

Task-number: QTBUG-13886
Reviewed-by: Janne Koskinen

2 files changed, 33 insertions, 17 deletions

diff --git a/bin/createpackage.pl b/bin/createpackage.pl
index cce0b54510..85be5d3432 100755
--- a/bin/createpackage.pl
+++ b/bin/createpackage.pl
@@ -212,21 +212,21 @@ my $certpath = File::Spec->catdir($scriptpath, File::Spec->updir(), "src/s60inst
 
 # Check some pre-conditions and print error messages if needed.
 unless (length($templatepkg)) {
-    print "\nError: Template PKG filename is not defined!\n";
+    print "\nERROR: Template PKG filename is not defined!\n";
     Usage();
 }
 
 # Check template exist
 stat($templatepkg);
 unless( -e _ ) {
-    print "\nError: Package description file '$templatepkg' does not exist!\n";
+    print "\nERROR: Package description file '$templatepkg' does not exist!\n";
     Usage();
 }
 
 # Check certifcate preconditions and set default certificate variables if needed
 if (length($certificate)) {
     unless(length($key)) {
-        print "\nError: Custom certificate key file parameter missing.!\n";
+        print "\nERROR: Custom certificate key file parameter missing.!\n";
         Usage();
     }
 } else {
@@ -261,7 +261,7 @@ if (length($certfile)) {
 
         # Do some validation
         unless(scalar(@certinfo) >= 2 && scalar(@certinfo) <= 3 && length($certinfo[0]) && length($certinfo[1]) ) {
-            print "\nError: $certfile line '$_' does not contain valid information!\n";
+            print "\nERROR: $certfile line '$_' does not contain valid information!\n";
             Usage();
         }
 
@@ -280,14 +280,14 @@ if (!$preservePkgOutput) {
 
 local $/;
 # read template file
-open( TEMPLATE, $templatepkg) or die "Error '$templatepkg': $!\n";
+open( TEMPLATE, $templatepkg) or die "ERROR: '$templatepkg': $!";
 $_=<TEMPLATE>;
 close (TEMPLATE);
 
 # If the pkg file does not contain macros, there is no need for platform or target.
 if (m/\$\(PLATFORM\)/) {
     unless (length($platform) && length($target)) {
-        print "\nError: Platform or target is not defined!\n";
+        print "\nERROR: Platform or target is not defined!\n";
         Usage();
     }
 }
@@ -297,7 +297,7 @@ s/\$\(PLATFORM\)/$platform/gm;
 s/\$\(TARGET\)/$target/gm;
 
 #write the output
-open( OUTPUT, ">$pkgoutput" ) or die "Error '$pkgoutput' $!\n";
+open( OUTPUT, ">$pkgoutput" ) or die "ERROR: '$pkgoutput' $!";
 print OUTPUT $_;
 close OUTPUT;
 
@@ -306,7 +306,7 @@ if ($preprocessonly) {
 }
 
 if($stub) {
-    if(!($epocroot)) { die("EPOCROOT must be set to create stub sis files"); }
+    if(!($epocroot)) { die("ERROR: EPOCROOT must be set to create stub sis files"); }
     my $systeminstall = "$epocroot/epoc32/data/z/system/install";
     mkpath($systeminstall);
     my $stub_sis_name = $systeminstall."/".$stub_sis_name;
@@ -319,15 +319,15 @@ if($stub) {
         && !$onlyUnsigned) {
         print("Auto-patching capabilities for self signed package.\n");
         my $patch_capabilities = File::Spec->catfile(dirname($0), "patch_capabilities");
-        system ("$patch_capabilities $pkgoutput");
+        system ("$patch_capabilities $pkgoutput") and die ("ERROR: Automatic patching failed");
     }
 
     # Create SIS.
     # The 'and' is because system uses 0 to indicate success.
     if($epocroot) {
-        system ("$epocroot/epoc32/tools/makesis $pkgoutput $unsigned_sis_name") and die ("makesis failed");
+        system ("$epocroot/epoc32/tools/makesis $pkgoutput $unsigned_sis_name") and die ("ERROR: makesis failed");
     } else {
-        system ("makesis $pkgoutput $unsigned_sis_name") and die ("makesis failed");
+        system ("makesis $pkgoutput $unsigned_sis_name") and die ("ERROR: makesis failed");
     }
     print("\n");
 
@@ -354,7 +354,7 @@ if($stub) {
     my $relcert = File::Spec->abs2rel($certificate);
     my $relkey = File::Spec->abs2rel($key);
     # The 'and' is because system uses 0 to indicate success.
-    system ("signsis $unsigned_sis_name $signed_sis_name $relcert $relkey $passphrase") and die ("signsis failed");
+    system ("signsis $unsigned_sis_name $signed_sis_name $relcert $relkey $passphrase") and die ("ERROR: signsis failed");
 
     # Check if creating signed SIS Succeeded
     stat($signed_sis_name);
diff --git a/bin/patch_capabilities.pl b/bin/patch_capabilities.pl
index a85f073912..06ab116623 100755
--- a/bin/patch_capabilities.pl
+++ b/bin/patch_capabilities.pl
@@ -152,7 +152,7 @@ if (@ARGV)
             my $newLine = $line;
 
             # Patch pkg UID if it's in protected range
-            if ($line =~ m/^\#.*\((0x[0-7][0-9|a-f|A-F]*)\).*$/)
+            if ($line =~ m/^\#.*\((0x[0-7][0-9a-fA-F]*)\).*$/)
             {
                 my $oldUID = $1;
                 my $newUID = $oldUID;
@@ -162,7 +162,7 @@ if (@ARGV)
             }
 
             # Patch embedded sis name and UID if UID is in protected range
-            if ($line =~ m/^@\"*(.*\.sis).*\((0x[0-7][0-9|a-f|A-F]*)\).*$/)
+            if ($line =~ m/^@\"*(.*\.sis).*\((0x[0-7][0-9a-fA-F]*)\).*$/)
             {
                 my $oldSisName = $1;
                 my $oldUID = $2;
@@ -280,7 +280,16 @@ if (@ARGV)
                 my $capabilitiesToAllow = join(" ", @capabilitiesToAllow);
                 my @capabilitiesToDrop;
                 while (<$dllCaps>) {
-                    if (/^Vendor ID: (.*)$/) {
+                    if (/^Secure ID: ([0-7][0-9a-fA-F]*)$/) {
+                        my $exeSid = $1;
+                        if ($binaryBaseName =~ /\.exe$/) {
+                            # Installer refuses to install protected executables in a self signed package, so abort if one is detected.
+                            # We can't simply just patch the executable SID, as any registration resources executable uses will be linked to it via SID.
+                            print ("Patching: Executable with SID in the protected range (0x$exeSid) detected: \"$binaryBaseName\". A self-signed sis with protected executables is not supported.\n");
+                            exit(1);
+                        }
+                    }
+                    if (/^Vendor ID: ([0-9a-fA-F]*)$/) {
                         $originalVid = "$1";
                     }
                     if (!$capsFound) {
@@ -303,8 +312,15 @@ if (@ARGV)
                     my $capsToDropStr = join("\", \"", @capabilitiesToDrop);
                     $capsToDropStr =~ s/\", \"$//;
 
-                    print ("Patching: The following capabilities used in \"$binaryBaseName\" are not compatible with a self-signed package and will be removed: \"$capsToDropStr\".\n");
-                    $executeNeeded = 1;
+                    if ($binaryBaseName =~ /\.exe$/) {
+                        # While libraries often have capabilities they do not themselves need just to enable them to be loaded by wider variety of processes,
+                        # executables are more likely to need every capability they have been assigned or they won't function correctly.
+                        print ("Patching: Executable with capabilities incompatible with self-signing detected: \"$binaryBaseName\". (Incompatible capabilities: \"$capsToDropStr\".) Reducing capabilities is only supported for libraries.\n");
+                        exit(1);
+                    } else {
+                        print ("Patching: The following capabilities used in \"$binaryBaseName\" are not compatible with a self-signed package and will be removed: \"$capsToDropStr\".\n");
+                        $executeNeeded = 1;
+                    }
                 }
                 $commandToExecute = sprintf($baseCommandToExecute, join(" ", @capabilitiesToSet));
             }