feat: make loadSystemRoots() use exit code to test command success (#104)

* feat: loadSystemRoots use ExitCode to test cmd success

* update workflow to test more go versions

* print log

* add go 1.22 to unit tests

* revert security_test.go

* fix dumping CLR modTableRows

* fix conflicts

Author: ayoubfaouzi

.github/workflows/ci.yaml

@@ -8,15 +8,15 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        go-version: [1.16.x, 1.17.x, 1.18.x, 1.19.x]
+        go-version: [1.16.x, 1.17.x, 1.18.x, 1.19.x, 1.20.x, 1.21.x, 1.22.x]
         os: [ubuntu-latest, macos-latest, windows-latest]
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Install Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v5
         with:
           go-version: ${{ matrix.go-version }}
 
@@ -37,17 +37,17 @@ jobs:
         uses: codecov/codecov-action@v2
         with:
           files: ./coverage
-        if: matrix.os == 'windows-latest' && matrix.go-version == '1.19.x'
+        if: matrix.os == 'windows-latest' && matrix.go-version == '1.23.x'
 
       - name: Go vet
         run: |
           go vet .
-        if: matrix.os == 'windows-latest' && matrix.go-version == '1.19.x'
+        if: matrix.os == 'windows-latest' && matrix.go-version == '1.23.x'
 
       - name: Staticcheck
-        uses: dominikh/[email protected].0
+        uses: dominikh/[email protected].1
         with:
-          version: "2022.1"
+          version: "2024.1"
           install-go: false
           cache-key: ${{ matrix.go }}
-        if: matrix.os == 'windows-latest' && matrix.go-version == '1.19.x'
+        if: matrix.os == 'windows-latest' && matrix.go-version == '1.23.x'

cmd/dump.go

@@ -854,15 +854,17 @@ func parsePE(filename string, cfg config) {
 			switch table {
 			case peparser.Module:
 				fmt.Print("\n\t[Modules]\n\t---------\n")
-				modTableRow := modTable.Content.(peparser.ModuleTableRow)
-				modName := pe.GetStringFromData(modTableRow.Name, pe.CLR.MetadataStreams["#Strings"])
-				Mvid := pe.GetStringFromData(modTableRow.Mvid, pe.CLR.MetadataStreams["#GUID"])
-				MvidStr := hex.EncodeToString(Mvid)
-				fmt.Fprintf(w, "Generation:\t 0x%x\n", modTableRow.Generation)
-				fmt.Fprintf(w, "Name:\t 0x%x (%s)\n", modTableRow.Name, string(modName))
-				fmt.Fprintf(w, "Mvid:\t 0x%x (%s)\n", modTableRow.Mvid, MvidStr)
-				fmt.Fprintf(w, "EncID:\t 0x%x\n", modTableRow.EncID)
-				fmt.Fprintf(w, "EncBaseID:\t 0x%x\n", modTableRow.EncBaseID)
+				modTableRows := modTable.Content.([]peparser.ModuleTableRow)
+				for _, modTableRow := range modTableRows {
+					modName := pe.GetStringFromData(modTableRow.Name, pe.CLR.MetadataStreams["#Strings"])
+					Mvid := pe.GetStringFromData(modTableRow.Mvid, pe.CLR.MetadataStreams["#GUID"])
+					MvidStr := hex.EncodeToString(Mvid)
+					fmt.Fprintf(w, "Generation:\t 0x%x\n", modTableRow.Generation)
+					fmt.Fprintf(w, "Name:\t 0x%x (%s)\n", modTableRow.Name, string(modName))
+					fmt.Fprintf(w, "Mvid:\t 0x%x (%s)\n", modTableRow.Mvid, MvidStr)
+					fmt.Fprintf(w, "EncID:\t 0x%x\n", modTableRow.EncID)
+					fmt.Fprintf(w, "EncBaseID:\t 0x%x\n", modTableRow.EncBaseID)
+				}
 				w.Flush()
 
 			}

dotnet.go

@@ -724,11 +724,14 @@ func (pe *File) parseCLRHeaderDirectory(rva, size uint32) error {
 			table.Content, n, err = pe.parseMetadataMethodSpecTable(offset)
 		case GenericParamConstraint: // 0x2c
 			table.Content, n, err = pe.parseMetadataGenericParamConstraintTable(offset)
-
 		default:
 			pe.logger.Warnf("unhandled metadata table %d %s offset 0x%x cols %d",
 				tableIndex, MetadataTableIndexToString(tableIndex), offset, table.CountCols)
 		}
+		if err != nil {
+			pe.logger.Warnf("parsing metadata table %s failed with %v",
+				MetadataTableIndexToString(tableIndex), err)
+		}
 		offset += n
 
 	}

dotnet_metadata_tables.go

@@ -1195,7 +1195,7 @@ type AssemblyRefProcessorTableRow struct {
 
 // AssemblyRefOS 0x25
 type AssemblyRefOSTableRow struct {
-	OSPlatformId   uint32 `json:"os_platform_id"`   // a 4-byte constant
+	OSPlatformID   uint32 `json:"os_platform_id"`   // a 4-byte constant
 	OSMajorVersion uint32 `json:"os_major_version"` // a 4-byte constant
 	OSMinorVersion uint32 `json:"os_minor_version"` // a 4-byte constan)
 	AssemblyRef    uint32 `json:"assembly_ref"`     // an index into the AssemblyRef table

security.go

@@ -386,7 +386,9 @@ func (pe *File) parseSecurityDirectory(rva, size uint32) error {
 
 			// Verify the signature. This will also verify the chain of trust of the
 			// the end-entity signer cert to one of the root in the trust store.
-			if err == nil {
+			if err != nil {
+				pe.logger.Errorf("failed to loadSystemRoots: %v", err)
+			} else {
 				err = pkcs.VerifyWithChain(certPool)
 				if err == nil {
 					certValid = true
@@ -467,11 +469,11 @@ func loadSystemRoots() (*x509.CertPool, error) {
 	if needSync {
 		cmd := exec.Command("certutil", "-syncWithWU", dir)
 		hideWindow(cmd)
-		out, err := cmd.Output()
+		err := cmd.Run()
 		if err != nil {
 			return roots, err
 		}
-		if !strings.Contains(string(out), "command completed successfully") {
+		if cmd.ProcessState.ExitCode() != 0 {
 			return roots, err
 		}
 	}
@@ -563,12 +565,12 @@ func parseAuthenticodeContent(content []byte) (AuthenticodeContent, error) {
 	if err != nil {
 		return AuthenticodeContent{}, err
 	}
-	hashFunction, algorithmId, err := parseHashAlgorithm(authenticodeContent.MessageDigest.DigestAlgorithm)
+	hashFunction, algorithmID, err := parseHashAlgorithm(authenticodeContent.MessageDigest.DigestAlgorithm)
 	if err != nil {
 		return AuthenticodeContent{}, err
 	}
 	return AuthenticodeContent{
-		Algorithm:    algorithmId,
+		Algorithm:    algorithmID,
 		HashFunction: hashFunction,
 		HashResult:   authenticodeContent.MessageDigest.Digest,
 	}, nil

security_test.go

@@ -204,6 +204,7 @@ func TestParseSecurityDirectory(t *testing.T) {
 						t.Fatalf("certificate verification %d failed, cert %v, want %v", i, cert.Verified, expected.Verified)
 					}
 				}
+
 			}
 		})
 	}

version.go

@@ -372,9 +372,7 @@ func (pe *File) parseVersionEntry(e ResourceDirectoryEntry, vers map[string]stri
 				}
 			}
 		case VarFileInfoString:
-			break
 		default:
-			break
 		}
 
 		offset += uint32(f.Length)