Difference between revisions of "Money Sunset Patch Utility"

From PalOMoney
Line 4: Line 4:
  
 
* See [http://blogs.msdn.com/b/oldnewthing/archive/2012/11/13/10367904.aspx Microsoft Money crashes during import of account ... - MSDN Blogs] for documentation of his fix.
 
* See [http://blogs.msdn.com/b/oldnewthing/archive/2012/11/13/10367904.aspx Microsoft Money crashes during import of account ... - MSDN Blogs] for documentation of his fix.
* Some documentation for the uninitialized hash table fix is in the Remediation topic above.
+
* Some documentation for the Uninitialized Hash Table fix is in the Remediation topic above.
  
 +
== OFX Import Uninitialized Hash Table Bug Details ==
 +
 +
Here are the details about the bug. The original code to patch is found in this pattern:
 +
* "\x83\xBE\x8C\x1C\x00\x00\x00\x74\x31\x33\xC0\x83\xF8\x43\x7D"
 +
with these bytes (2 are different, \x74\x31 becomes \x90\x90)
 +
* "\x83\xBE\x8C\x1C\x00\x00\x00\x90\x90\x33\xC0\x83\xF8\x43\x7D";
 +
 +
Even though the patch is only 2 bytes (it could have been done with one), the long pattern above is intended to prevent patching the wrong location. The original and patched patterns are found only once in the "Home and Business" version 17.0.0.3817 mnyob99.dll file at offset 0x410388. This address will be different for other versions of the file.
 +
 +
(Note: The Raymond Chen pattern, from Cal Lerner, is the same length, but there are two matches in mnyob99.dll. This fact complicated the design of the Money Sunset Patch Utility, below.)
  
== OFX Import Uninitialized Hash Table Bug Details ==
+
A fair amount of effort was made to determine *why* the bug sometimes strikes; however, this has not so far yielded definitive results. The patch initializes a hash table after it is created. The original code skipped the initialization if there were no entries to add to the table. The crash came when the uninitiated table is searched by a child function.
 +
 
 +
An analysis of the code indicates that:
 +
* the hash table is created in a function, and
 +
* there is only one path to initialize the table after it is created, so
 +
* the initialization code cannot be reached except after creating a new hash table (famous last words).
 +
* it is therefore "impossible" to erase an existing hash table, so
 +
* the patch should be safe (knock on wood).
  
TBD details about the bug, including addresses to patch, in this case with NOPs.
+
If anyone has any concerns about the above logic, please discuss it in the forum, or on this topic's Talk page.
  
 +
Because the "why" has not been answered, it seems prudent to plan for reverting the current patch when a possibly more elegant solution becomes available. This consideration complicated the design of the Money Sunset Patch Utility, below.
  
 
== PatchOMoney Money Sunset Patch Command Line Utility ==
 
== PatchOMoney Money Sunset Patch Command Line Utility ==
 +
 +
The PalOMoney application cannot perform this function, because patching a program file requires elevated administrator privileges, and it is undesirable to run PalOMoney or any ordinary application with elevated privileges.
  
 
[[File:PatchOMoney0 1.jpg]]
 
[[File:PatchOMoney0 1.jpg]]
  
The PalOMoney application cannot perform this function, because patching a program file requires elevated administrator privileges, and it is undesirable to run PalOMoney or any ordinary application with elevated privileges.
+
The just-named PatchOMoney utility can be used to patch, revert, or just display the patch status of any affected files, which are backed up. So far, only mnyob99.dll is affected.
 +
 
 +
The utility works by:
 +
* Locating your Money Sunset installation, and
 +
* Backing up any files to be patched.
 +
** This is not a substitute for you backing up your Money installation files, which you must do.
 +
* Verifying the to-be-patched files for version, etc., and
 +
* Seeing if the software is un-patched or not. Each patch is tested separately.
 +
* Displaying a list of original and patched locations.
 +
* You can select one original location to patch and the first patched location to revert, per patch. Not selecting a location leaves the file as is. (This odd scheme is easier to code and less buggy than a more elaborate user interface.)
 +
 
 +
The patch utility is a command line utility to keep it small to reduce download bandwidth, reduce development and testing effort, and discourage use by users unwilling to interact with a console app.
 +
 
 +
=== General Instructions  ===
  
This as-yet unnamed (PatchOSunset?) free utility must be run with elevated administrator privileges. To do so,  
+
The just-named PatchOMoney utility must be run with elevated administrator privileges. To do so,  
 
* Open a command prompt "As Administrator."
 
* Open a command prompt "As Administrator."
* Navigate to the utility folder.
+
* CD repeatedly to navigate to the utility folder, typically C:\Program Files\PalOMoney.com\PalOMoney.
* Enter the utility name to run the utility. It may ask you questions about backups, etc. Answer them.
+
* Enter PatchOMoney to run the utility.  
* Observe the written output.
+
** You can also right click on the exe file and select "Run as Administrator."
 +
* Answer the questions in order.
 +
* Observe all written output. The output is also saved in PatchOMoney.log in you Documents folder.
 
* If the patch succeeded, test your Money Sunset installation.
 
* If the patch succeeded, test your Money Sunset installation.
 
* If there are any remaining problems, open a support incident topic in the forum.
 
* If there are any remaining problems, open a support incident topic in the forum.
  
The utility works by:
+
=== Details ===
* Locating your Money Sunset installation, and
+
 
* Verifying the to-be-patched files for version, etc., and
+
 
* Seeing if the software is unpatched or not. Each patch is tested separately.  
+
=== Obtaining PatchOMoney ===
** If the original defective code is detected for any patch, the affected file is backed up.  
+
 
** If the files do not match the patch pattern, the utility quits with an appropriate error message.
+
A free standalone release package is coming soon! The download location is TBD. It may be a free product at the store, or perhaps a simple link on this page right here. PatchOMoney will be included in the next PalOMoney release.  
* After the back is completed, the utility patches the software, and reports success or failure.
+
 
 +
=== Notes ===
  
The patch utility is a command line utility to keep it small to reduce download bandwidth, reduce development and testing effort, and discourage use by users unable or unwilling to open a command prompt.
+
For security, patches are hard coded into the PatchOMoney.exe file. As patches are added, a new version will be released. PalOMoney.com will calculate and publish the MD5 hash for each version of the utility, and the utility will be signed with our (self-signed) code signing certificate. The current version is labeled 1.0.0.898, but it is still very experimental software, it doesn't deserve a 1.0 version number.
  
The download location is TBD. It may be a free product at the store, or perhaps a simple link on this page right here.
 
  
 
=== Reverting the Patch ===
 
=== Reverting the Patch ===
  
 
If you wish to revert a patch to the original code, enter "revert" followed by one or more patch numbers. The original backup file will still remain.
 
If you wish to revert a patch to the original code, enter "revert" followed by one or more patch numbers. The original backup file will still remain.
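
Review bot: In the added Notes paragraph, the integrity of PatchOMoney.exe rests on a published MD5 hash and a self-signed code signing certificate. MD5 is not collision resistant, and a self-signed certificate only helps users who can check its thumbprint through a separate trusted channel; suggest publishing a SHA-256 hash alongside the MD5 and saying where the certificate thumbprint can be verified. In the added General Instructions, "in you Documents folder" should read "in your Documents folder", and the new "Details" heading has no body under it.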

Revision as of 07:35, 12 April 2013

See Money Sunset Import Bug Remediation for an explanation of and introduction to this topic.

There are currently two patches for Money Sunset. The first is the fix by Microsoft's Raymond Chen for an uninitialized string. The second is the PalOMoney OFX import uninitialized hash table fix.

OFX Import Uninitialized Hash Table Bug Details

Here are the details about the bug. The original code to patch is found in this pattern:

  • "\x83\xBE\x8C\x1C\x00\x00\x00\x74\x31\x33\xC0\x83\xF8\x43\x7D"

and is replaced with these bytes (2 are different: \x74\x31 becomes \x90\x90):

  • "\x83\xBE\x8C\x1C\x00\x00\x00\x90\x90\x33\xC0\x83\xF8\x43\x7D"

Even though the patch is only 2 bytes (it could have been done with one), the long pattern above is intended to prevent patching the wrong location. The original and patched patterns are found only once in the "Home and Business" version 17.0.0.3817 mnyob99.dll file at offset 0x410388. This address will be different for other versions of the file.

(Note: The Raymond Chen pattern, from Cal Lerner, is the same length, but there are two matches in mnyob99.dll. This fact complicated the design of the Money Sunset Patch Utility, below.)
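
An added example, not PatchOMoney's own code: a Python sketch of the match-exactly-once check described above, with backup and revert, using the two patterns from this page. The function names, the .bak suffix and the sample file are assumptions; unlike PatchOMoney, the sketch refuses a file with more than one match instead of offering a choice of location.

```python
import shutil, tempfile
from pathlib import Path

ORIGINAL = bytes.fromhex("83BE8C1C000000" "7431" "33C083F8437D")  # 74 31: short JE
PATCHED = bytes.fromhex("83BE8C1C000000" "9090" "33C083F8437D")   # 90 90: two NOPs

def find_all(data, pattern):
    """Return every offset where pattern occurs."""
    hits, pos = [], data.find(pattern)
    while pos != -1:
        hits.append(pos)
        pos = data.find(pattern, pos + 1)
    return hits

def status(data):
    return {"original": find_all(data, ORIGINAL), "patched": find_all(data, PATCHED)}

def swap(path, old, new):
    """Replace old with new only when old occurs exactly once; return its offset."""
    path = Path(path)
    data = bytearray(path.read_bytes())
    hits = find_all(data, old)
    if len(hits) != 1:
        raise ValueError(f"expected 1 match, found {len(hits)}; file not modified")
    backup = path.with_name(path.name + ".bak")  # assumed backup naming
    if not backup.exists():  # keep the first, pristine backup
        shutil.copy2(path, backup)
    data[hits[0]:hits[0] + len(old)] = new
    path.write_bytes(data)
    return hits[0]

def apply_patch(path):
    return swap(path, ORIGINAL, PATCHED)
def revert_patch(path):
    return swap(path, PATCHED, ORIGINAL)

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        target = Path(tmp) / "sample.bin"  # constructed stand-in, not a real DLL
        target.write_bytes(b"\x00" * 16 + ORIGINAL + b"\xCC" * 8)
        offset = apply_patch(target)
        after = status(target.read_bytes())
        revert_patch(target)
        restored = target.read_bytes() == Path(str(target) + ".bak").read_bytes()
        target.write_bytes(ORIGINAL + ORIGINAL)  # two matches: ambiguous
        try:
            apply_patch(target)
        except ValueError:
            return offset, after, restored, True
        return offset, after, restored, False
```
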

A fair amount of effort was made to determine *why* the bug sometimes strikes; however, this has not so far yielded definitive results. The patch initializes a hash table after it is created. The original code skipped the initialization if there were no entries to add to the table. The crash occurs when the uninitialized table is searched by a child function.

An analysis of the code indicates that:

  • the hash table is created in a function, and
  • there is only one path to initialize the table after it is created, so
  • the initialization code cannot be reached except after creating a new hash table (famous last words).
  • it is therefore "impossible" to erase an existing hash table, so
  • the patch should be safe (knock on wood).

If anyone has any concerns about the above logic, please discuss it in the forum, or on this topic's Talk page.

Because the "why" has not been answered, it seems prudent to plan for reverting the current patch when a possibly more elegant solution becomes available. This consideration complicated the design of the Money Sunset Patch Utility, below.

PatchOMoney Money Sunset Patch Command Line Utility

The PalOMoney application cannot perform this function, because patching a program file requires elevated administrator privileges, and it is undesirable to run PalOMoney or any ordinary application with elevated privileges.


The just-named PatchOMoney utility can be used to patch, revert, or just display the patch status of any affected files, which are backed up. So far, only mnyob99.dll is affected.

The utility works by:

  • Locating your Money Sunset installation, and
  • Backing up any files to be patched.
    • This is not a substitute for you backing up your Money installation files, which you must do.
  • Verifying the to-be-patched files for version, etc., and
  • Seeing if the software is un-patched or not. Each patch is tested separately.
  • Displaying a list of original and patched locations.
  • You can select one original location to patch and the first patched location to revert, per patch. Not selecting a location leaves the file as is. (This odd scheme is easier to code and less buggy than a more elaborate user interface.)

The patch utility is a command line utility to keep it small to reduce download bandwidth, reduce development and testing effort, and discourage use by users unwilling to interact with a console app.

General Instructions

The just-named PatchOMoney utility must be run with elevated administrator privileges. To do so,

  • Open a command prompt "As Administrator."
  • CD repeatedly to navigate to the utility folder, typically C:\Program Files\PalOMoney.com\PalOMoney.
  • Enter PatchOMoney to run the utility.
    • You can also right click on the exe file and select "Run as Administrator."
  • Answer the questions in order.
  • Observe all written output. The output is also saved in PatchOMoney.log in your Documents folder.
  • If the patch succeeded, test your Money Sunset installation.
  • If there are any remaining problems, open a support incident topic in the forum.

Details

Obtaining PatchOMoney

A free standalone release package is coming soon! The download location is TBD. It may be a free product at the store, or perhaps a simple link on this page right here. PatchOMoney will be included in the next PalOMoney release.

Notes

For security, patches are hard coded into the PatchOMoney.exe file. As patches are added, a new version will be released. PalOMoney.com will calculate and publish the MD5 hash for each version of the utility, and the utility will be signed with our (self-signed) code signing certificate. The current version is labeled 1.0.0.898, but it is still very experimental software and does not deserve a 1.0 version number.


Reverting the Patch

If you wish to revert a patch to the original code, enter "revert" followed by one or more patch numbers. The original backup file will still remain.