The AL compiler builds invalid permission XML files when it contains only few permissions

[Thomas-Torggler-EOS]

1. Describe the bug
Permissions (being in XML format or AL format, does not matter) are converted into an "entitlements"-XML file inside the built package. When that package is installed, the BC service extracts this entitlements file and places it into a local cache for the service. This cache is read on service startup.

When there are very few (or even no) permissions in the app, that generated entitlement file might be less than 256 bytes in size. If this is the case, the BC service pads that file with 0x00 resulting in an invalid XML file and causing the service to fail startup.

The problem lies in the class Microsoft.Dynamics.Nav.CodeAnalysis.Packaging.PackageReader in the method ReadFileAsBytes. This method allocates a new MemoryStream as the destination and then copies the source into that destination stream.

The problem is, that the result value of that method uses GetBuffer instead of ToArray. The latter would be correct and would only return the bytes that actually have content. GetBuffer though returns the full underlying buffer, regardless if it contains data or not. This is initially allocated to 256 bytes (filled with 0x00) and thus will always return a buffer of at least 256 bytes, and - if the actual content is smaller - will therefore pad the return with 0x00.

2. To Reproduce

1. Create any AL app without objects
2. Create an permission set with a single permission to the "Customer" table (see below)
3. Build the app

permissionset 50100 Yada
{
    Permissions = table Customer = X;
}

4. Use the above mentioned .NET class to extract the contents of the package like so:

var pr = NavAppPackageReader.Create(stream);
foreach (var path in pr.ReadTableOfContents())
{
	var bytes = pr.ReadFileAsBytes(path); // <-- there it is
}

3. Expected behavior
If my content is less than 256 bytes it should only return the actual bytes.

4. Actual behavior
If the content is less than 256 bytes it is padded to 256 bytes with 0x00.
For example entitlements/<appId>.xml finishes in a series of 0x00.

5. Versions:

• AL Language: 15.0.1290655
• Visual Studio Code: 1.96.4
• Business Central: n/a
• Operating System:
  • Windows
  • Linux
  • MacOS
    Internal work item: AB#564414

[BazookaMusic]

Cool find, will be fixed in one of the next releases.

[DobbyNator94]

@BazookaMusic is there a timeline, when the fixed AL language is available?

[DobbyNator94]

The entitlement.xml from our extracted app is bigger than 256 bytes. But same error.

Does anyone have an idea? You can't start the service tier, nothing.. I my opinion a big bug that needs a fast fix in AL compiler or OnPrem BC. We can't deliver our update to our customers on BC 25.3 on prem. Btw, we are using runtime packages for app delivery.

Created a runtime package with the same version (onprem etc), publish, restart, same error. No runtime package, no error.

[thloke]

I have a fix for this (or more accurately, implemented exactly the same fix proposed by @Thomas-Torggler-EOS), and will be backporting it. Not sure why we haven't encountered this bug before since this codepath hasn't changed in forever.

It only affects runtime packages because they're the only ones using this method to read bytes out of the package.

[thloke]

When the fix is released, it will require a new version of the BC server. The runtime package itself is fine, it's the reading out of the content that's buggy. There is one workaround where if you find the file on disk, you can manually edit it to remove the extra 0x00 characters.