From: Tom Deseyn
Subject: [PATCH] Avoid compiler optimization on embedded apphost hash

Backport of https://github.com/dotnet/runtime/pull/110554 to .NET 8.0.
---
 src/runtime/src/native/corehost/corehost.cpp | 24 +++++++++++++++++-------
 1 file changed, 17 insertions(+), 7 deletions(-)

--- a/src/runtime/src/native/corehost/corehost.cpp
+++ b/src/runtime/src/native/corehost/corehost.cpp
@@ -40,6 +40,19 @@
 #define EMBED_HASH_LO_PART_UTF8 "74e592c2fa383d4a3960714caef0c4f2"
 #define EMBED_HASH_FULL_UTF8 (EMBED_HASH_HI_PART_UTF8 EMBED_HASH_LO_PART_UTF8) // NUL terminated
 
+// This avoids compiler optimization which cause EMBED_HASH_HI_PART_UTF8 EMBED_HASH_LO_PART_UTF8
+// to be placed adjacent causing them to match EMBED_HASH_FULL_UTF8 when searched for replacing.
+// See https://github.com/dotnet/runtime/issues/109611 for more details.
+static bool compare_memory_nooptimization(volatile const char* a, volatile const char* b, size_t length)
+{
+ for (size_t i = 0; i < length; i++)
+ {
+ if (*a++ != *b++)
+ return false;
+ }
+ return true;
+}
+
 bool is_exe_enabled_for_execution(pal::string_t* app_dll)
 {
 constexpr int EMBED_SZ = sizeof(EMBED_HASH_FULL_UTF8) / sizeof(EMBED_HASH_FULL_UTF8[0]);
@@ -63,11 +76,10 @@
 // So use two parts of the string that will be unaffected by the edit.
 size_t hi_len = (sizeof(hi_part) / sizeof(hi_part[0])) - 1;
 size_t lo_len = (sizeof(lo_part) / sizeof(lo_part[0])) - 1;
-
- std::string binding(&embed[0]);
- if ((binding.size() >= (hi_len + lo_len)) &&
- binding.compare(0, hi_len, &hi_part[0]) == 0 &&
- binding.compare(hi_len, lo_len, &lo_part[0]) == 0)
+ size_t embed_len = strlen(&embed[0]);
+ if (embed_len >= (hi_len + lo_len)
+ && compare_memory_nooptimization(&embed[0], hi_part, hi_len)
+ && compare_memory_nooptimization(&embed[hi_len], lo_part, lo_len))
 {
 trace::error(_X("This executable is not bound to a managed DLL to execute. The binding value is: '%s'"), app_dll->c_str());
 return false;
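Review bot: The comment above `compare_memory_nooptimization` never says that the `volatile` qualifiers on `a` and `b` are what the fix depends on, so a later cleanup back to `memcmp` or `std::string::compare` would presumably bring the duplicate-placeholder problem back without any warning. I would add a line to that comment block such as `// The volatile reads are deliberate: do not replace this loop with memcmp or std::string::compare.` The guarantee still rests on how a given compiler treats volatile reads. A build-time or test-time check that the full placeholder occurs exactly once in the built apphost would catch a regression, though whether one exists elsewhere is not visible in this patch.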
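Review bot: `strlen(&embed[0])` in the added lines scans to the first NUL with no upper bound, and `embed` appears to be the buffer that is rewritten inside the built executable, so a replacement value that fills it without a terminator would make this read run past the buffer. The removed `std::string binding(&embed[0])` had the same property, so this is not a regression, but the new code is a natural place to bound the scan, for example `memchr(embed, '\0', sizeof(embed))` with a missing terminator treated as an error. That assumes `embed` is a fixed-size array; its declaration is above the hunk, and the function body continues past the hunk's last line. `strlen` also needs `<cstring>`, which the visible hunks do not add.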