This whole subject (signing) is a very complicated, non-static, not
completely functional mess/pain in the ass. Mercifully, I have not had
to venture in to this yet (one of the perks of R&D, so I don’t know a
great deal. However, there are a ton of threads on this subject on this
list. If you’re looking for a place to start, I would check out the 2
(maybe three) articles by Peter of OSR at osronline.com. In addition to
sorting out what works and what doesn’t, et. c., at least one of these
articles contains links to the Microsoft overviews, which, if you’re
totally new to the subject, are probably the place to start.
As far as your specific question (PDB), I do not know the answer; it is
a possibility, but I would bet against it. Whatever the case, what you
state about time date stamp matching is not correct. PDB’s are not
matched by timedate stamps; they are matched by an internal UUID that is
located in the IMAGE_DEBUG_DIRECTORY in the PE and buried in an
undocumented (but well known) location in the PDB.
This (PDB) is the very end of the problem; there is a staggering amount
of procedure that comes before this issue, if it is in fact a problem.
This is the best I can do; you need to check out the archives,
osronline and/or the Microsoft articles.
mm
>> alanadams@dr.com 2006-11-06 16:17 >>>
I’ve only recently started being exposed to having to sign code that
we’re building.
I have to assume that the modification / appended data introduced by
signing a binary is already well accounted for in the PDB matching
process.
At a guess, I would assume that the PDB matching isn’t affected
because the PE link time stamp is still the same & the fact that extra
data was appended is ignored.
Is the technology more complex than that (just for my own
edification), or are there other gotchas related to this
post-modification of the binary that are useful to know from a
debugging perspective?
Thanks.
Alan Adams
You are currently subscribed to windbg as: xxxxx@evitechnology.com
To unsubscribe send a blank email to xxxxx@lists.osr.com