Watch, Follow, &
Connect with Us
Public Report
Report From: Delphi-BCB/Compiler/Delphi/Linker    [ Add a report in this area ]  
Report #:  72147   Status: Closed
Invalid section table entries on empty sections
Project:  Delphi Build #:  XE, ... XE5
Version:    19.0 Submitted By:   Patrick Kolla-ten Venne
Report Type:  Crash / Data loss / Total failure Date Reported:  3/11/2009 1:13:23 PM
Severity:    Commonly encountered problem Last Updated: 12/10/2013 6:30:42 PM
Platform:    All versions Internal Tracking #:   10454
Resolution: Fixed (Resolution Comments) Resolved in Build: : XE5 Update2
Duplicate of:  None
Voting and Rating
Overall Rating: No Ratings Yet
0.00 out of 5
Total Votes: 20
Description
(actually the Platform is Vista only, but that is not available for selection in this bugtracker)

Situation: code-signing files on Vista with the Vista SDK has a new option available: /ph generates page hashes for executables (see http://msdn.microsoft.com/en-us/library/aa387764.aspx ).

In combination with a IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY (0x0080) flag in the Characteristics field of the PE Optional Header, this allows some more security.
(see http://msdn.microsoft.com/en-us/library/ms680339.aspx )

Expected: patching the header flag and code-signing the file with /ph should create a file that is able to run on Vista.

Experienced: a file thus modified will not run on Vista.

Thanks to Microsoft (all credits for finding this out go to them), the background is now clear: the section table of files compiled with Delphi, including 2009, lists sections with a physical size of zero but a non-zero address, which causes the failure. A workaround is to manually patch the section table of Delphi executables here.

The PE format says about the PointerToRawData for empty sections:
"When a section contains only uninitialized data, this field should be zero."
(see http://www.microsoft.com/whdc/system/platform/firmware/PECOFFdwn.mspx )

Type and Severity of this entry are disputable probably - for me its Total Failure (file does not even run), but most people probably don't codesign using /ph, so it will be infrequently encountered.
Steps to Reproduce:
1. Patch the PE optional header field "Characteristics" to include the IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY flag and update header checksum.

2. Codesign the file using /ph on Vista.

3. Run it - Vista will reject it. This means properly code-signed files will not even run on Vista!

4. Compile again, patch again, this time patching the physical address of sections with physical size of zero to zero.

5. Code-sign the new one.

6. Test it - it runs.
Workarounds
Patch section table.
Attachment
None
Comments

Patrick Kolla-ten Venne at 10/8/2010 6:33:21 AM -
Tested with Delphi XE - bug still exists a year, two major and some minor releases later.

Tomohiro Takahashi at 10/10/2010 6:06:05 AM -
Unfortunately, this issue is still Open.
As you know, QualityCentral is NOT technical support service. If you need more support, please contact technical support. Sorry for inconvenience.
http://support.embarcadero.com/

Patrick Kolla-ten Venne at 10/11/2010 8:09:00 AM -
I don't need support - I wrote my own tools to patch the PE header from the invalid version Delphi creates to a valid one, and thanks to Delphis new build tools, I can fix every projects executable right after it has been created and before codesigning it.

All I wanted to do here is to raise awareness for this bug (and too the fact that quite some core issues have been unfixed for years).

Chris Nillissen at 9/23/2013 12:47:32 AM -
This is still not fixed in XE5. This is very important to get fixed!!

Patrick, could you include your work around example for others on here please?

Tomohiro Takahashi at 9/24/2013 1:21:31 AM -
Thanks for the notification.
I updated the status of this report in our internal tracking system.

Chris Nillissen at 10/31/2013 1:08:43 AM -
Is this fix included in XE5 Update 1? Because its still not working for me.

Tomohiro Takahashi at 11/1/2013 5:06:43 AM -
No, the fix is not included in XE5 Update1.

Chris Nillissen at 4/10/2014 6:43:15 PM -
After XE5 Update 2 this is now working for the most part. On Windows 7 and above it always works but for some of the same compiled applications it still comes up with the error on Windows Vista.

Server Response from: ETNACODE01