Closed chipitsine closed 3 years ago
very similar behaviour for openvpn
C:\i>C:\i\binskim\bld\bin\x64_Release\Publish\netcoreapp3.1\win-x64\BinSkim.exe analyze analyze "C:\i\openvpn-pipeline-artifacts\*.*" --recurse
Analyzing...
Analyzing 'compat.pdb'...
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2001 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'LoadImageAboveFourGigabyteAddress' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.IL.Rules.LoadImageAboveFourGigabyteAddress.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2001.LoadImagesAboveFourGigabyteAddress.cs:line 53
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2002 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'DoNotIncorporateVulnerableDependencies' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.DoNotIncorporateVulnerableDependencies.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2002.DoNotIncorporateVulnerableDependencies.cs:line 89
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.IL.Rules.WindowsBinaryAndPdbSkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\WindowsBinaryAndPdbSkimmerBase.cs:line 63
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2004 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'EnableSecureSourceCodeHashing' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_DebugDirectories()
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_CodeViewDebugDirectoryData() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 179
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsDotNetCoreBootstrapExe() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 544
at Microsoft.CodeAnalysis.IL.Rules.WindowsBinaryAndPdbSkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\WindowsBinaryAndPdbSkimmerBase.cs:line 85
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2006 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'BuildWithSecureTools' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.BuildWithSecureTools.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2006.BuildWithSecureTools.cs:line 78
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.IL.Rules.WindowsBinaryAndPdbSkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\WindowsBinaryAndPdbSkimmerBase.cs:line 63
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2007 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'EnableCriticalCompilerWarnings' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.EnableCriticalCompilerWarnings.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2007.EnableCriticalCompilerWarnings.cs:line 76
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.IL.Rules.WindowsBinaryAndPdbSkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\WindowsBinaryAndPdbSkimmerBase.cs:line 63
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2008 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'EnableControlFlowGuard' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.EnableControlFlowGuard.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2008.EnableControlFlowGuard.cs:line 74
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2009 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'EnableAddressSpaceLayoutRandomization' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsXBox() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 670
at Microsoft.CodeAnalysis.IL.Rules.EnableAddressSpaceLayoutRandomization.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2009.EnableAddressSpaceLayoutRandomization.cs:line 54
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2011 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'EnableStackProtection' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.StackProtectionUtilities.CommonCanAnalyze(PEBinary target, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\StackProtectionUtilities.cs:line 26
at Microsoft.CodeAnalysis.IL.Rules.EnableStackProtection.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2011.EnableStackProtection.cs:line 45
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.IL.Rules.WindowsBinaryAndPdbSkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\WindowsBinaryAndPdbSkimmerBase.cs:line 63
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2012 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'DoNotModifyStackProtectionCookie' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.StackProtectionUtilities.CommonCanAnalyze(PEBinary target, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\StackProtectionUtilities.cs:line 26
at Microsoft.CodeAnalysis.IL.Rules.DoNotModifyStackProtectionCookie.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2012.DoNotModifyStackProtectionCookie.cs:line 56
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2013 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'InitializeStackProtection' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.StackProtectionUtilities.CommonCanAnalyze(PEBinary target, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\StackProtectionUtilities.cs:line 26
at Microsoft.CodeAnalysis.IL.Rules.InitializeStackProtection.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2013.InitializeStackProtection.cs:line 50
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.IL.Rules.WindowsBinaryAndPdbSkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\WindowsBinaryAndPdbSkimmerBase.cs:line 63
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2014 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'DoNotDisableStackProtectionForFunctions' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.StackProtectionUtilities.CommonCanAnalyze(PEBinary target, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\StackProtectionUtilities.cs:line 26
at Microsoft.CodeAnalysis.IL.Rules.DoNotDisableStackProtectionForFunctions.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2014.DoNotDisableStackProtectionForFunctions.cs:line 71
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.IL.Rules.WindowsBinaryAndPdbSkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\WindowsBinaryAndPdbSkimmerBase.cs:line 63
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2015 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'EnableHighEntropyVirtualAddresses' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.IL.Rules.EnableHighEntropyVirtualAddresses.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2015.EnableHighEntropyVirtualAddresses.cs:line 52
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2016 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'MarkImageAsNXCompatible' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.IL.Rules.MarkImageAsNXCompatible.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2016.MarkImageAsNXCompatible.cs:line 51
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2018 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'EnableSafeSEH' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_Machine() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 706
at Microsoft.CodeAnalysis.IL.Rules.EnableSafeSEH.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2018.EnableSafeSEH.cs:line 50
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2019 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'DoNotMarkWritableSectionsAsShared' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsXBox() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 670
at Microsoft.CodeAnalysis.IL.Rules.DoNotMarkWritableSectionsAsShared.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2019.DoNotMarkWritableSectionsAsShared.cs:line 45
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2024 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'EnableSpectreMitigations' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.EnableSpectreMitigations.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2024.EnableSpectreMitigations.cs:line 97
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.IL.Rules.WindowsBinaryAndPdbSkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\WindowsBinaryAndPdbSkimmerBase.cs:line 63
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2025 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'EnableShadowStack' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.EnableShadowStack.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2025.EnableShadowStack.cs:line 51
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.IL.Rules.WindowsBinaryAndPdbSkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\WindowsBinaryAndPdbSkimmerBase.cs:line 63
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInCanAnalyze : BA2026 : An exception was raised attempting to determine whether 'compat.pdb' is a valid analysis target for check 'EnableAdditionalSdlSecurityChecks' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.BinaryParsers.PortableExecutable.PE.get_IsResourceOnly() in C:\i\binskim\src\BinaryParsers\PEBinary\PortableExecutable\PE.cs:line 457
at Microsoft.CodeAnalysis.IL.Rules.EnableAdditionalSdlSecurityChecks.CanAnalyzePE(PEBinary target, PropertiesDictionary policy, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2026.EnableAdditionalSdlSecurityChecks.cs:line 51
at Microsoft.CodeAnalysis.IL.Rules.PEBinarySkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\PEBinarySkimmerBase.cs:line 16
at Microsoft.CodeAnalysis.IL.Rules.WindowsBinaryAndPdbSkimmerBase.CanAnalyze(BinaryAnalyzerContext context, String& reasonForNotAnalyzing) in C:\i\binskim\src\BinSkim.Rules\PERules\WindowsBinaryAndPdbSkimmerBase.cs:line 63
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.DetermineApplicabilityForTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInAnalyze : BA2010 : An exception of type 'NullReferenceException' was raised analyzing 'compat.pdb' for check 'DoNotMarkImportsSectionAsExecutable' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target, and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.IL.Rules.DoNotMarkImportsSectionAsExecutable.Analyze(BinaryAnalyzerContext context) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2010.DoNotMarkImportsSectionAsExecutable.cs:line 62
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.AnalyzeTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb : error ERR998.ExceptionInAnalyze : BA2021 : An exception of type 'NullReferenceException' was raised analyzing 'compat.pdb' for check 'DoNotMarkWritableSectionsAsExecutable' (which has been disabled). The exception may have resulted from a problem related to parsing the analysis target, and not specific to the rule, however.
NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.CodeAnalysis.IL.Rules.DoNotMarkWritableSectionsAsExecutable.Analyze(BinaryAnalyzerContext context) in C:\i\binskim\src\BinSkim.Rules\PERules\BA2021.DoNotMarkWritableSectionsAsExecutable.cs:line 59
at Microsoft.CodeAnalysis.Sarif.Driver.AnalyzeCommandBase`2.AnalyzeTarget(IEnumerable`1 skimmers, TContext context, ISet`1 disabledSkimmers)
C:\i\openvpn-pipeline-artifacts\compat.pdb: error BA2022: 'compat.pdb' signing was flagged as insecure by WinTrustVerify with error code 'TRUST_E_SUBJECT_FORM_UNKNOWN' (The form specified for the subject is not one supported or known by the specified trust provider.)
Analyzing 'libcrypto-1_1-x64.dll'...
Analyzing 'libopenvpnmsica.dll'...
Analyzing 'libopenvpnmsica.pdb'...
C:\i\openvpn-pipeline-artifacts\libopenvpnmsica.pdb: error BA2022: 'libopenvpnmsica.pdb' signing was flagged as insecure by WinTrustVerify with error code 'TRUST_E_SUBJECT_FORM_UNKNOWN' (The form specified for the subject is not one supported or known by the specified trust provider.)
Analyzing 'libpkcs11-helper-1.dll'...
Analyzing 'libssl-1_1-x64.dll'...
Analyzing 'lzo2.dll'...
Analyzing 'openvpn.exe'...
Analyzing 'openvpn.pdb'...
C:\i\openvpn-pipeline-artifacts\openvpn.pdb: error BA2022: 'openvpn.pdb' signing was flagged as insecure by WinTrustVerify with error code 'TRUST_E_SUBJECT_FORM_UNKNOWN' (The form specified for the subject is not one supported or known by the specified trust provider.)
Analyzing 'openvpnserv.exe'...
Analyzing 'openvpnserv.pdb'...
C:\i\openvpn-pipeline-artifacts\openvpnserv.pdb: error BA2022: 'openvpnserv.pdb' signing was flagged as insecure by WinTrustVerify with error code 'TRUST_E_SUBJECT_FORM_UNKNOWN' (The form specified for the subject is not one supported or known by the specified trust provider.)
Analyzing 'tapctl.exe'...
Analyzing 'tapctl.pdb'...
C:\i\openvpn-pipeline-artifacts\tapctl.pdb: error BA2022: 'tapctl.pdb' signing was flagged as insecure by WinTrustVerify with error code 'TRUST_E_SUBJECT_FORM_UNKNOWN' (The form specified for the subject is not one supported or known by the specified trust provider.)
One or more rules was disabled for an analysis target, as it was determined not to be applicable to it (this is a common condition). Pass --verbose on the command-line for more information.
Analysis did not complete due to one or more unrecoverable execution conditions.
Unexpected fatal runtime condition(s) observed: ExceptionRaisedInSkimmerCanAnalyze, ExceptionInSkimmerAnalyze
Hi @chipitsine,
can you try using .dll instead of .*?
right now binskim can analyze only the pdb if needed and it might be generating those issues.
I left only 2 files openvpn.exe
and openvpn.pdb
if I run BinSkim with *.*
- it fails, for *.exe
- no exception
To unlock you, keep using .dll, .exe, instead of .
@shaopeng-gh @yongyan-gh , can you take a look as well?
Will take a look.
using current master branch of BinSkim.
nightly binaries of SoftEtherVPN