Money Sunset Patch Utility

From PalOMoney
Revision as of 17:18, 7 May 2013 by Admin (talk | contribs)
Jump to navigation Jump to search

See Money Sunset Import Bug Remediation for an explanation of and introduction to this topic.

There are currently two patches for Money Sunset. The first is Microsoft's Raymond Chen's fix for an uninitialized string. The second is the PalOMoney OFX import uninitialized hash table fix.

OFX Import Uninitialized Hash Table Bug Details

Here are the details about the bug. The original code to patch is found in this pattern:

  • "\x83\xBE\x8C\x1C\x00\x00\x00\x74\x31\x33\xC0\x83\xF8\x43\x7D"

with these bytes (2 are different, \x74\x31 becomes \x90\x90)

  • "\x83\xBE\x8C\x1C\x00\x00\x00\x90\x90\x33\xC0\x83\xF8\x43\x7D";

Even though the patch is only 2 bytes (it could have been done with one), the long pattern above is intended to prevent patching the wrong location. The original and patched patterns are found only once in the "Home and Business" version 17.0.0.3817 mnyob99.dll file at offset 0x410388. This address will be different for other versions of the file.

(Note: The Raymond Chen pattern, from Cal Learner's blog post, is the same length, but there are two matches in mnyob99.dll. This fact complicated the design of the Money Sunset Patch Utility, below.)

A fair amount of effort was made to determine *why* the bug sometimes strikes; however, this has not so far yielded definitive results. The patch initializes a hash table after it is created. The original code skipped the initialization if there were no entries to add to the table. The crash came when the uninitiated table is searched by a child function.

An analysis of the code indicates that:

  • the hash table is created in a function, and
  • there is only one path to initialize the table after it is created, so
  • the initialization code cannot be reached except after creating a new hash table (famous last words).
  • it is therefore "impossible" to erase an existing hash table, so
  • the patch should be safe (knock on wood).

If anyone has any concerns about the above logic, please discuss it in the forum, or on this topic's Talk page.

Because the "why" has not been answered, it seems prudent to plan for reverting the current patch when a possibly more elegant solution becomes available. This consideration complicated the design of the Money Sunset Patch Utility, below.

PatchOMoney Money Sunset Patch Command Line Utility

The PalOMoney application cannot perform this function, because patching a program file requires elevated administrator privileges, and it is undesirable to run PalOMoney or any ordinary application with elevated privileges.

PatchOMoney0 2.jpg

The just-named PatchOMoney utility can be used to patch, revert, or just display the patch status of any affected files, which are backed up. So far, only mnyob99.dll is affected.

The utility works by:

  • Locating your Money Sunset installation, and
  • Backing up any files to be patched.
    • This is not a substitute for you backing up your Money installation files, which you should do, unless you have the installation media and all previous patches.
  • Verifying the to-be-patched files for version, etc., and
  • Seeing if the software is un-patched or not. Each patch is tested separately.
  • Displaying a list of original and patched locations.
  • You can select one original location to patch and the first patched location to revert, per patch. Not selecting a location leaves the file as is. (This odd scheme is easier to code and less buggy than a more elaborate user interface.)

The patch utility is a command line utility to keep it small to reduce download bandwidth, reduce development and testing effort, and discourage use by users unwilling to interact with a console app.

General Instructions

If you downloaded the free zip file package, you can run PatchOMoney from within the zip file, but it is better to extract it to a folder on your computer.

The user must be given full permissions to the Money installation program file folders and affected files, or PatchOMoney must be run with elevated administrator privileges. If you are concerned with security, see #Security below. To run:

If running as administrator:

  • Open a command prompt "As Administrator."

Otherwise:

  • As administrator grant yourself full access rights (permissions) to the MnyCoreFiles folder and mnyob99.dll.
  • Open a command prompt.

Continue:

  • CD repeatedly to navigate to the utility's installation folder, typically C:\Program Files\PalOMoney.com\PalOMoney, or to wherever you downloaded and unzipped it.
  • Type PatchOMoney and press Enter to run the utility.
    • Using Explorer, you can also right click on the exe file and select "Run as Administrator."
  • Answer the prompts in order. Pressing Enter skips all actions, and just displays the status of the patches.
  • Observe all written output. The output is also saved in PatchOMoney.log in your "Documents" folder.
  • If the patch succeeded, test your Money Sunset installation.
  • If there are any remaining problems, open a support incident topic in the forum.
  • For safety, revoke (delete) your user-name's full access rights (permissions) to the MnyCoreFiles folder and mnyob99.dll.

PatchOMoney is supported in the forums. See #Support.

Specific Instructions

Sign On and Backup

PatchOMoney (version), the EXPERIMENTAL Microsoft Money Sunset patch utility Copyright (c) 2013 PalOMoney.com. All rights reserved.

PatchOMoney is distributed with NO WARRANTY. Use this at your own risk. This software must run as administrator to patch your Money program files. Although this software attempts to create a backup of any modified files, you must make your own independent backup before continuing.

Have you backed up your Money installation (y/N)?

Even though PatchOMoney creates its own backup, you really should back up your MS Money installation. Also, you should make sure that you have your installation media if you move to a new computer, etc.

If you cannot find the Money program files to back them up, PatchOMoney will display their location.

  • Answer Y(es) to the backup question, and PatchOMoney will display the program files location and version info, e.g.,

2013-05-02_14-08-49=File Version info: 17.0.0.1414 for
G:\Program Files\Microsoft Money Plus\MNYCoreFiles\mnyob99.dll

You can then answer No to skip patching and just report on the patch status.

  • Tip: press ^C (Ctrl+C) to quit PatchOMoney immediately.

A enhancement request for PatchOMoney to display the program files location during the sign-on, prior to any questions, is under consideration.

Access Phase

If the PatchOMoney cannot access your Money installation, it cannot do its job. You need permissions to the Money program files to run PatchOMoney. If there permissions are insufficient, PatchOMoney will complain and quit. You can get the permissions using either of the methods described above.

Backup Phase

PatchOMoney tests for access to a backup of every file it will modify, in this case only mnyob99.dll. The backup file is named mnyob99_Org.dll. If that file does not exist, PatchOMoney copies mnyob99.dll to that file name. If that fails, PatchOMoney complains and quits.

Display, Patch, or Revert Phase

For each coded patch, PatchOMoney opens the file, searches for the original and patch code, and displays:

  • Version information of the file it is about to patch.
  • Up to 8 locations in the file containing original code, that is a pattern that matches the original code, and a summary.
  • Up to 8 locations in the file containing patched code, that is a pattern that matches the patched code, and a summary.
    • Note: Raymond Chen's pattern is found in two locations in mnyobj99.dll. His bug fix patched the first (1) entry. There has been no research on the 2nd location, so leave it unpatched.

If any patched code is found, PatchOMoney prompts REVERT patched code 1 at (offset) to the original (y/N)

  • You can choose to revert the first patch to the original code. Select y to revert. Any other key skips reversion.

If any original code is found in more than one location, PatchOMoney prompts # original locations, select one # to patch, or N to skip (1, 2, .., N)

  • Press a number key to choose a location to patch. Any other key skips reversion.

If you selected a number to patch, PatchOMoney prompts APPLY the patch to original code # at xxxxx (y/N)?

  • Select y to patch. Any other key skips patching.

PatchOMoney performs the requested operations, and adjusts the file time to indicate the number of patches applied by a minute each.

End Phase

PatchOMoney displays the results of the operation, and any appropriate error messages.

  • Press any key to exit.

Notes

PatchOMoney does not change the file version information, but rather increments the last written time of the file by one minute for every patch applied. A file with the same time and date as the backup file is or should be unpatched. For this reason, you should start with an un-patched, original file. If you have already patched a file, you will be working with a more recent date, which will not be as meaningful as an original date.

Security

It is extremely dangerous to download and run *any* executable from a website, much less run it with administrative permissions. Do not do this until you really trust the site. That includes PalOMoney.com. One of the reasons behind PatchOMoney.exe being a console application is that it is small and easily verified, by other third parties whom you might trust, to not contain malicious code or spyware, etc.

For security, patches are hard coded into the PatchOMoney.exe file. As patches are added, a new version will be released. The current version is labeled 1.0.0.102, but it is still very experimental software.

The utility is signed with PalOMoney.com's self-signed code signing certificate, whose thumbprint is "‎fc 9b c8 20 04 0d 56 19 b4 b9 3b fb b3 5b 0d c8 ba ca 82 59." Right click PatchOMoney.exe, select Properties, then the Digital Signatures tab, and click the Details button to launch the Digital Signature Details dialog. Click View Certificate to open the Certificate dialog, and examine the certificate. It should match the image below, and have the same thumbprint. If you need more assurance, you can [download the certificate] from this site and compare.

  • Locate and right click on PatchOMoney.exe, select Properties, then verify the Digital Certificate (see #Security below).
    • Do not continue if the certificate does not match that below. Get a fresh copy from PalOMoney.com.

PalOMoneyCodeCert0.jpg

If time permits and there is a need, PalOMoney.com may also calculate and publish the MD5 hash for each version of the utility.

Support

Periodically check this wiki page and Money Sunset Import Bug Remediation. Post a reply to the support forum [PatchOMoney topic].

For discussion of the contents and scope of this page, use the Discussion tab, above.

Download PatchOMoney

Download the free standalone release PatchOMoney107.zip package. PatchOMoney will be included PalOMoney releases starting with 1.0.5.