Get copyright info for native and r2r binaries #10148
Conversation
When attempting to re-enable in-build signing, runtime was throwing out an error that Microsoft.NETCore.App.Composite.r2r.dll had an empty copyright (interpreted as non-MSFT) but was being signed with a Microsoft cert. What was happening was that this r2r binary, because of the way it's created, doesn't have the assembly attributes with copyright info that would normally be present. In this case, as well as native binaries, we should be using the file version info present in native resources to find the copyright info. This is used as a fallback for managed binaries, and always in the case of native (which didn't have copyright info before).
|
https://dev.azure.com/dnceng/internal/_build/results?buildId=1905066&view=results for official build, then will test in key repos that build native code/these r2r binaries |
hoyosjs
left a comment
hoyosjs
left a comment
There was a problem hiding this comment.
Logic seems solid - the test just needs adjustment as the empty copyright is really a space in the native resource.
Yep, found that one out. Also fixed possible null-deref. In my test build with runtime (which crashed due to a bug), it was already throwing out some errors due to copyright in native binaries. So there may be some cleanup to do there. |
|
Turned this into a message for now. Will need some tweaks to the tests. |
|
Updated, PTAL |
| // Turn the else into a warning (and hoist into the if above) after issue is complete. | ||
| if (peInfo.IsManaged) | ||
| { | ||
| LogWarning(SigningToolErrorCode.SIGN001, warning); |
There was a problem hiding this comment.
Should be use the same warn code here? Wont it be confusing in case someone disables the warn?
There was a problem hiding this comment.
They were all used SIGN001 before, but it makes sense to split them. I'm changed it to SIGN001 and a new one SIGN004.
| } | ||
| } | ||
|
|
||
| // If there is no copyright available, it's possible this was a r2r binary. Get the native info instead. |
There was a problem hiding this comment.
| // If there is no copyright available, it's possible this was a r2r binary. Get the native info instead. | |
| // If there is no copyright available as metadata, it's possible it has an RT_VERSION Windows resource instead. |
4 participants
When attempting to re-enable in-build signing, runtime was throwing out an error that Microsoft.NETCore.App.Composite.r2r.dll had an empty copyright (interpreted as non-MSFT) but was being signed with a Microsoft cert. What was happening was that this r2r binary, because of the way it's created, doesn't have the assembly attributes with copyright info that would normally be present.
In this case, as well as native binaries, we should be using the file version info present in native resources to find the copyright info. This is used as a fallback for managed binaries, and always in the case of native (which didn't have copyright info before).
To double check: