Merge pull request #418 from microsoft/dev/willxie/r2m

Merge release to main; Version bump to 1.0.43

Author: willxie-eng

CHANGELOG.md

@@ -7,7 +7,15 @@ Please format the changes as follows:
 + BugFixes:
 + Updates:
 
+## 1.0.43
+
+## 1.0.42
++ BugFixes:
+  + Fix Linux build
+
 ## 1.0.41
++ Updates:
+  + Remove PathCch functions in order to support Win7
 
 ## 1.0.40
 + No new changes.

build/Version.props

@@ -12,7 +12,7 @@
     -->
     <SemanticVersionMajor>1</SemanticVersionMajor>
     <SemanticVersionMinor>0</SemanticVersionMinor>
-    <SemanticVersionPatch>41</SemanticVersionPatch>
+    <SemanticVersionPatch>43</SemanticVersionPatch>
 
     <FileVersionMajor>15</FileVersionMajor>
     <FileVersionMinor>1</FileVersionMinor>
@@ -30,15 +30,15 @@
      -->
     <ProxyFileVersionMajor>$(SemanticVersionMajor)</ProxyFileVersionMajor>
     <ProxyFileVersionMinor>0</ProxyFileVersionMinor>
-    <ProxyFileVersionPatch>2</ProxyFileVersionPatch>
+    <ProxyFileVersionPatch>3</ProxyFileVersionPatch>
     <ProxyFileVersion>$(ProxyFileVersionMajor).$(ProxyFileVersionMinor).$(ProxyFileVersionPatch)</ProxyFileVersion>
 
     <!--
       Date when Semantic Version was changed.
       Update for every public release.
       Format is YYYY-MM-DD
     -->
-    <SemanticVersionDate>2021-05-05</SemanticVersionDate>
+    <SemanticVersionDate>2021-08-03</SemanticVersionDate>
 
     <!--
       Build version is used to distinguish internally built NuGet packages.

build/yaml/jobs/codeanalysis/apiscan.yaml

@@ -13,7 +13,7 @@ jobs:
   # No dependencies. Requires Build Stages to ensure that binaries are built
 
   pool:
-    name: VSEng-ReleasePool
+    name: VSEngSS-MicroBuild2019
     demands:
     - msbuild
     - visualstudio
@@ -25,13 +25,20 @@ jobs:
   - checkout: self
     clean: true
 
+  # Expire ApiScan one day before declared expirary, to make sure that we update it before
+  # it expires, regardless of timezone
+  - powershell: if ((Get-Date).Add((New-TimeSpan -Days 1)) -ge (Get-Date -Date "$(ApiScanExpiration)")) { throw "ApiScan key expired. Please update" }
+
   - task: DownloadBuildArtifacts@0
     displayName: Download Windows Files (Release)
     inputs:
       downloadType: single
       artifactName: binaries-windows-Release
       downloadPath: $(Build.ArtifactStagingDirectory)
 
+  - task: NodeTool@0
+    displayName: 'Use Node 6.x'
+
   # Scan only native files that are released as part of the product.
   - task: CopyFiles@2
     displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)\ApiScan'
@@ -58,6 +65,8 @@ jobs:
       symbolsFolder: 'SRV*http://symweb;$(Build.ArtifactStagingDirectory)/ApiScan'
       isLargeApp: false
     continueOnError: true
+    env:
+      AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(TenantId);AppKey=$(AppKey)
 
   # Publish SecurityAnalysis Logs
   - template: ../../steps/codeanalysis/publishreports.yaml

build/yaml/pipelines/codeanalysis.yaml

@@ -9,7 +9,10 @@
 name: $(date:yyyyMMdd)$(rev:rr)
 
 variables:
-  TeamName: ClrInstrumentationEngine
+- group: CLRIE-ApiScan
+- name: TeamName
+  value: ClrInstrumentationEngine
+  readonly: true
 
 stages:
 

build/yaml/steps/microbuild/signing.yaml

@@ -14,7 +14,7 @@ steps:
     displayName: Set Signing From Parameters
 
 # nuget install MicroBuild.Plugins.Signing
-- task: MicroBuildSigningPlugin@2
+- task: MicroBuildSigningPlugin@3
   displayName: Install Signing Plugin
   condition: and(succeeded(), in(variables['SignType'], 'Real', 'Test'))
   inputs:

src/Common.Headers/Common.Headers.vcxitems

@@ -19,6 +19,7 @@
     <ClInclude Include="$(MSBuildThisFileDirectory)InitOnce.h" />
     <ClInclude Include="$(MSBuildThisFileDirectory)SafeFindFileHandle.h" />
     <ClInclude Include="$(MSBuildThisFileDirectory)Singleton.h" />
+    <ClInclude Include="$(MSBuildThisFileDirectory)StringUtils.h" />
     <ClInclude Include="$(MSBuildThisFileDirectory)tstring.h" />
   </ItemGroup>
 </Project>

src/Common.Headers/StringUtils.h

@@ -0,0 +1,86 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+#pragma once
+
+#include <string>
+
+class StringUtils
+{
+public:
+
+    // The maximum string length. Set arbitrarily;
+    static const size_t MAX_STRING_LEN = 10000;
+
+    // Gets the length of the given string using the the standard wcsnlen_s.
+    // Returns E_BOUNDS if the length of wszString is greater than MAX_STRING_LEN.
+    // For use with untrusted data which may not have a null terminator.
+    static HRESULT WStringLen(_In_ const WCHAR* wszString, _Out_ size_t& len)
+    {
+        len = wcsnlen_s(wszString, MAX_STRING_LEN);
+
+        if (len >= MAX_STRING_LEN)
+        {
+            return E_BOUNDS;
+        }
+
+        return S_OK;
+    }
+
+    // Gets the length of the given string using the standard strnlen.
+    // Returns E_BOUNDS if the length of wszString is greater than MAX_STRING_LEN.
+    // For use with untrusted data which may not have a null terminator.
+    static HRESULT StringLen(_In_ const char* szString, _Out_ size_t& len)
+    {
+        len = strnlen(szString, MAX_STRING_LEN);
+
+        if (len >= MAX_STRING_LEN)
+        {
+            return E_BOUNDS;
+        }
+
+        return S_OK;
+    }
+
+    // Gets the length of the given string using the standard wcsnlen_s.
+    // Yields the same result as calling wcsnlen_s(wszString, MAX_STRING_LEN);
+    // For use with untrusted data which may not have a null terminator.
+    static size_t WStringLen(_In_ const WCHAR* wszString)
+    {
+        return wcsnlen_s(wszString, MAX_STRING_LEN);
+    }
+
+
+    // Gets the length of the given string using the standard strnlen.
+    // Yields the same result as calling strnlen(szString, MAX_STRING_LEN);
+    // For use with untrusted data which may not have a null terminator.
+    static size_t StringLen(_In_ const char* szString)
+    {
+        return strnlen(szString, MAX_STRING_LEN);
+    }
+
+    // Modifies pwszPath by appending pwszMore.
+    // Checks cBounds before appending to prevent buffer overflows.
+    //
+    // This function wraps PathAppend since supporting Win7 means PathCchAppend is not available.
+    static HRESULT SafePathAppend(_Inout_updates_z_(cBounds) LPWSTR pwszPath, _In_ LPCWSTR pwszMore, _In_ size_t cBounds)
+    {
+#ifndef PLATFORM_UNIX
+        // If PathAppend fails, the destination buffer will be cleared. Check bounds before appending.
+        // +1 for additional directory separator character, +1 for null terminator.
+        if (StringUtils::WStringLen(pwszPath) + StringUtils::WStringLen(pwszMore) + 2 > cBounds)
+        {
+            return E_BOUNDS;
+        }
+
+        if (!PathAppend(pwszPath, pwszMore))
+        {
+            return E_FAIL;
+        }
+
+        return S_OK;
+#else
+        return PathCchAppend(pwszPath, MAX_PATH, pwszMore);
+#endif
+    }
+};

src/Common.Lib/Common.Lib.vcxproj

@@ -47,7 +47,7 @@
       <SubSystem>Windows</SubSystem>
       <GenerateDebugInformation>true</GenerateDebugInformation>
       <AdditionalLibraryDirectories>$(OutDir);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
-      <AdditionalDependencies>Common.Lib.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;msxml6.lib;version.lib;mscoree.lib;%(AdditionalDependencies);Faultrep.lib;PathCch.lib</AdditionalDependencies>
+      <AdditionalDependencies>Common.Lib.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;msxml6.lib;version.lib;mscoree.lib;Faultrep.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <AdditionalOptions Condition="'$(Platform)'=='Win32'">/SafeSEH %(AdditionalOptions)</AdditionalOptions>
     </Link>
     <Lib>

src/InstrumentationEngine.Lib/CMakeLists.txt

@@ -22,7 +22,6 @@ set(src_files
     ./InstrumentationMethodSetting.cpp
     ./LoggerService.cpp
     ./Logging.cpp
-    ./StringUtils.cpp
 )
 
 add_lib(${PROJECT_NAME}

src/InstrumentationEngine.Lib/InstrumentationEngine.Lib.vcxproj

@@ -114,7 +114,6 @@
     <ClInclude Include="SharedArray.h" />
     <ClInclude Include="SignatureValidator.h" />
     <ClInclude Include="stdafx.h" />
-    <ClInclude Include="StringUtils.h" />
     <ClInclude Include="targetver.h" />
     <ClInclude Include="Util.h" />
   </ItemGroup>
@@ -138,7 +137,6 @@
     <ClCompile Include="stdafx.cpp">
       <PrecompiledHeader>Create</PrecompiledHeader>
     </ClCompile>
-    <ClCompile Include="StringUtils.cpp" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\Common.Lib\Common.Lib.vcxproj">