Buffer Overflow (boep) -> 1603 / 1722 MSI Install Error

[Oafed]

This releates to the error identified here http://paintdotnet.forumer.com/viewtopic.php?f=10&t=21585&p=122008 and here http://paintdotnet.forumer.com/viewtopic.php?f=10&t=22228&st=0&sk=t&sd=a.

No solution has been posted on either of those topics, but I've done some more debugging to identify the cause.

The security program that I have installed (Proventia) is blocking the install due to a "Buffer Overflow Exploit Attempt" by SetupNgen.exe. Here is the exact security log which is blocking SetupNgen.exe from completing (which results in the 1603 / 1733 error people are seeing).

ProcessID=5452|5568

SystemCall=NtCreateFile

Blocked=YES

Killed=NO

ExeFile=C:\Program+Files\Paint.NET\SetupNgen.exe

User=SYSTEM

Domain=NT+AUTHORITY

SecChkID=15954

AlertName=boep~setupngen

ReturnAddr=0091ad33, 2

Foxyshadis seems to have pulled out a debug version of Paint.Net and posted the stack trace of the exception:

System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
  at PaintDotNet.SetupNgen.SHGetFolderPathW(IntPtr hwndOwner, Int32 nFolder, IntPtr hToken, UInt32 dwFlags, IntPtr pszPath)
  at PaintDotNet.SetupNgen.SHGetFolderPath(Int32 nFolder)
  at PaintDotNet.SetupNgen.MainImpl(String[] args)
  at PaintDotNet.SetupNgen.Main(String[] args)

The MSI log reports

Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action _577D73A5_8502_4A32_A3DC_26C3DEF80357, location: C:\Program Files\Paint.NET\SetupNgen.exe, command: /install DESKTOPSHORTCUT=1 PDNUPDATING=0 SKIPCLEANUP=1 "PROGRAMSGROUP=" QUEUENGEN=1

The consensis is that this problem was introduced after v3.10. v3.10 does not throw this exception when installing but all subsequent versions do.

[Oafed]

Do to the lack of acknowledgment from the Paint.Net team I figured I'd track down the bug myself. I downloaded the source and after filling in some junk strings I built and ran everything just fine. Maybe I will just have to build it myself from now on.

The installer is not included as part of the the source - so I can't track down the bug.

It is annoying me to no end that every computer at the corporation I work at can not install Paint.Net because our security software is blocking a buffer overflow bug in the installer.

[david.atwell]

I'm sorry that you haven't received a reply yet, but there is no Paint.NET team, per se - there's just Rick. Since he's the only developer that's active on the project, he may have missed this one first time around. He should probably see it this time around, though.

Not trying to make excuses - just provide an explanation. He has a real life, too. :-)

[Rick Brewster]

Do to the lack of acknowledgment from the Paint.Net team I figured I'd track down the bug myself. I downloaded the source and after filling in some junk strings I built and ran everything just fine. Maybe I will just have to build it myself from now on.

The installer is not included as part of the the source - so I can't track down the bug.

It is annoying me to no end that every computer at the corporation I work at can not install Paint.Net because our security software is blocking a buffer overflow bug in the installer.

There is no "buffer overflow" bug; that is just the name for the error code that Windows returns when there is an insufficient buffer. Your security software is being over zealous. Please see this blog entry by Raymond Chen, who is a senior engineer at Microsoft: http://blogs.msdn.com/oldnewthing/archi ... 55308.aspx .

The issue is most likely caused by having your Desktop or Documents folders assigned to a "bizarre" location. Is the path very very long? I'm guessing it's on a network or something?

Honestly, I'd recommend you not use that security software, or at least reconfigure it not to incorrectly step in on buffer overflow "errors".

That said, there are some issues that have cropped up recently concerning our error handling for calls to SHGetFolderPathW, which are being fixed for the 3.32 release. I have no way of knowing if your security software will still try and block it though; it looks like its jumping in with fists and knives even before the error code gets passed back to my code.

[Oafed]

I agree that the security software blows and should be dumped - unfortunately the IT gestapo has a strangle hold on us. I do have admin on my system but they are good at making it difficult to bypass (I can't just stop the service or kill the process). I heard a rumor that someone has a registry script that disables it. I need that script.

Sorry for being hasty - I'm just frustrated because I like Paint.Net quite a bit but haven't been able to install it lately.

[david.atwell]

You can run an install on a computer that allows it, copy it from the install directory onto a flash drive, and then copy it to the hard drive directly. You'll lose printing functionality (just use MSPaint or MSWord for that) and Explorer thumbnails for PDN files (which is not too necessary anyway), but you should be able to run everything (including plugins) perfectly well.

This assumes that the destination computer already has the .NET framework, of course. :-)

[Oafed]

Awesome! Sounds good to me. I'll definitely do that.

[HITMAN-X-]

You'll lose printing functionality

Wow I did not know that. never even came to my mind to test it when I 1st did the tutorial for boot cds. I will have to look into this sometime and add that note to the tutorial. Who knows I may be the reason some people have printing problems :?.