private static StringToVersionMap BuildMinimumToolVersionsMap()
{
var result = new StringToVersionMap
{
[nameof(Language.C)] = new Version(17, 0, 65501, 17013),
[nameof(Language.Cxx)] = new Version(17, 0, 65501, 17013),
//[nameof(Language.MASM)] = new Version(12, 0, 0, 0),
//[nameof(Language.LINK)] = new Version(17, 0, 65501, 17013),
//[nameof(Language.CSharp)] = new Version(19, 0, 0, 0),
//[nameof(Language.CVTRES)] = new Version(12, 0, 0, 0),
[nameof(Language.Unknown)] = new Version(int.MaxValue, int.MaxValue, int.MaxValue, int.MaxValue),
[MIN_XBOX_COMPILER_VER] = new Version(16, 0, 11886, 0)
};
//foreach (string name in Enum.GetNames(typeof(Language)))
//{
// if (!result.ContainsKey(name))
// {
// // If we don't have entry for a language, fire on everything.
// result[name] = new Version(int.MaxValue, int.MaxValue);
// }
//}
return(result);
}
private static StringToVersionMap BuildDefaultVulnerableBinariesMap()
{
var result = new StringToVersionMap();
result["msxml6.dll"] = new Version(6, 30);
result["xmllite.dll"] = new Version(1, 3);
result["msidcrl.dll"] = new Version(7, 0);
return result;
}
private static StringToVersionMap BuildMinimumToolVersionsMap()
{
var result = new StringToVersionMap();
result[MIN_COMPILER_VER] = new Version(17, 0, 65501, 17013);
result[MIN_XBOX_COMPILER_VER] = new Version(16, 0, 11886, 0);
return(result);
}
private static StringToVersionMap BuildDefaultVulnerableBinariesMap()
{
var result = new StringToVersionMap();
result["msxml6.dll"] = new Version(6, 30);
result["xmllite.dll"] = new Version(1, 3);
result["msidcrl.dll"] = new Version(7, 0);
return(result);
}
private static StringToVersionMap BuildAllowedLibraries()
{
StringToVersionMap result = new StringToVersionMap();
// Example entries
// result["cExample.lib,c"] = new Version("1.0.0.0")
// result["cplusplusExample.lib,cxx"] = new Version("1.0.0.0")
// result["masmExample.lib,masm"] = new Version("1.0.0.0")
return(result);
}
private static StringToVersionMap BuildAllowedLibraries()
{
var result = new StringToVersionMap();
// Example entries
result["libeay32.lib,unknown"] = new Version("0.0.0.0");
// result["cplusplusExample.lib,cxx"] = new Version("1.0.0.0")
// result["masmExample.lib,masm"] = new Version("1.0.0.0")
return(result);
}
private static StringToVersionMap BuildMinimumToolVersionsMap()
{
var result = new StringToVersionMap();
result[MIN_LINKER_VER] = new Version(11, 0, 65501, 17016);
result[MIN_COMPILER_VER] = new Version(17, 0, 65501, 17016);
result[MIN_XBOX_LINKER_VER] = new Version("10.0.11886.0");
result[MIN_XBOX_COMPILER_VER] = new Version("16.0.11886.0");
return(result);
}
public void PropertiesDictionary_RoundTripEmptyStringToVersionMap()
{
const string MapKey = "MapKey";
const string ValueKey = "NewKey";
var properties = new PropertiesDictionary();
ValidateProperties(properties.GetProperty(PropertiesDictionaryProperty), PROPERTIES_DEFAULT);
var version = new Version(1, 2, 3, 4);
var nonDefaultValue = new StringToVersionMap();
properties[MapKey] = nonDefaultValue;
properties = RoundTripThroughXml(properties);
ValidateProperties(properties.GetProperty(PropertiesDictionaryProperty), PROPERTIES_DEFAULT);
((TypedPropertiesDictionary <Version>)properties[MapKey]).ContainsKey(ValueKey).Should().Be(false);
}
public override void AnalyzePortableExecutableAndPdb(BinaryAnalyzerContext context)
{
PEBinary target = context.PEBinary();
Pdb pdb = target.Pdb;
Version minCompilerVersion;
minCompilerVersion = (target.PE.IsXBox)
? context.Policy.GetProperty(MinimumToolVersions)[MIN_XBOX_COMPILER_VER]
: context.Policy.GetProperty(MinimumToolVersions)[MIN_COMPILER_VER];
TruncatedCompilandRecordList badModuleList = new TruncatedCompilandRecordList();
StringToVersionMap allowedLibraries = context.Policy.GetProperty(AllowedLibraries);
foreach (DisposableEnumerableView <Symbol> omView in pdb.CreateObjectModuleIterator())
{
Symbol om = omView.Value;
ObjectModuleDetails omDetails = om.GetObjectModuleDetails();
if (omDetails.WellKnownCompiler != WellKnownCompilers.MicrosoftNativeCompiler)
{
continue;
}
// See if the item is in our skip list
if (!string.IsNullOrEmpty(om.Lib))
{
string libFileName = string.Concat(System.IO.Path.GetFileName(om.Lib), ",", omDetails.Language.ToString()).ToLowerInvariant();
Version minAllowedVersion;
if (allowedLibraries.TryGetValue(libFileName, out minAllowedVersion) &&
omDetails.CompilerVersion >= minAllowedVersion)
{
continue;
}
}
Version actualVersion;
Version minimumVersion;
Language omLanguage = omDetails.Language;
switch (omLanguage)
{
case Language.C:
case Language.Cxx:
actualVersion = Minimum(omDetails.CompilerVersion, omDetails.CompilerFrontEndVersion);
minimumVersion = minCompilerVersion;
break;
default:
continue;
}
bool foundIssue = actualVersion < minimumVersion;
AdvancedMitigations advancedMitigations = context.Policy.GetProperty(AdvancedMitigationsEnforced);
if (!foundIssue &&
(advancedMitigations & AdvancedMitigations.Spectre) == AdvancedMitigations.Spectre)
{
ExtendedMachine machineType = (ExtendedMachine)target.PE.Machine;
// Current toolchain is within the version range to validate.
// Now we'll retrieve relevant compiler mitigation details to
// ensure this object module's build and revision meet
// expectations.
CompilerMitigations newMitigationData =
EnableSpectreMitigations.GetAvailableMitigations(context, machineType, actualVersion);
// Current compiler version does not support Spectre mitigations.
foundIssue = !newMitigationData.HasFlag(CompilerMitigations.D2GuardSpecLoadAvailable) &&
!newMitigationData.HasFlag(CompilerMitigations.QSpectreAvailable);
if (foundIssue)
{
// Get the closest compiler version that has mitigations--i.e. if the user is using a 19.0 (VS2015) compiler, we should be recommending an upgrade to the
// 19.0 version that has the mitigations, not an upgrade to a 19.10+ (VS2017) compiler.
// Limitation--if there are multiple 'upgrade to' versions to recommend, this just going to give users the last one we see in the error.
minCompilerVersion = EnableSpectreMitigations.GetClosestCompilerVersionWithSpectreMitigations(context, machineType, actualVersion);
// Indicates Spectre mitigations are not supported on this platform. We won't flag this case.
if (minCompilerVersion == null)
{
foundIssue = false;
}
}
}
if (foundIssue)
{
// built with {0} compiler version {1} (Front end version: {2})
badModuleList.Add(
om.CreateCompilandRecordWithSuffix(
String.Format(CultureInfo.InvariantCulture,
RuleResources.BA2006_Error_BadModule,
omLanguage, omDetails.CompilerVersion, omDetails.CompilerFrontEndVersion)));
}
}
if (!badModuleList.Empty)
{
// '{0}' was compiled with one or more modules which were not built using
// minimum required tool versions (compiler version {1}). More recent toolchains
// contain mitigations that make it more difficult for an attacker to exploit
// vulnerabilities in programs they produce. To resolve this issue, compile
// and /or link your binary with more recent tools. If you are servicing a
// product where the tool chain cannot be modified (e.g. producing a hotfix
// for an already shipped version) ignore this warning. Modules built outside
// of policy: {2}
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultLevel.Error, context, null,
nameof(RuleResources.BA2006_Error),
context.TargetUri.GetFileName(),
minCompilerVersion.ToString(),
badModuleList.CreateSortedObjectList()));
return;
}
// All linked modules of '{0}' generated by the Microsoft front-end
// satisfy configured policy (compiler minimum version {1}).
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultLevel.Pass, context, null,
nameof(RuleResources.BA2006_Pass),
context.TargetUri.GetFileName(),
minCompilerVersion.ToString()));
}
public override void AnalyzePortableExecutableAndPdb(BinaryAnalyzerContext context)
{
PEBinary target = context.PEBinary();
Machine reflectionMachineType = target.PE.Machine;
// The current Machine enum does not have support for Arm64, so translate to our Machine enum
ExtendedMachine machineType = (ExtendedMachine)reflectionMachineType;
if (!machineType.CanBeMitigated())
{
// QUESTION:
// Machine HW is unsupported for mitigations...
// should this be in the CanAnalyze() method or here and issue a warning?
return;
}
Pdb pdb = target.Pdb;
TruncatedCompilandRecordList masmModules = new TruncatedCompilandRecordList();
TruncatedCompilandRecordList mitigationNotEnabledModules = new TruncatedCompilandRecordList();
TruncatedCompilandRecordList mitigationDisabledInDebugBuild = new TruncatedCompilandRecordList();
TruncatedCompilandRecordList mitigationExplicitlyDisabledModules = new TruncatedCompilandRecordList();
StringToVersionMap allowedLibraries = context.Policy.GetProperty(AllowedLibraries);
foreach (DisposableEnumerableView <Symbol> omView in pdb.CreateObjectModuleIterator())
{
Symbol om = omView.Value;
ObjectModuleDetails omDetails = om.GetObjectModuleDetails();
// See if the item is in our skip list.
if (!string.IsNullOrEmpty(om.Lib))
{
string libFileName = string.Concat(System.IO.Path.GetFileName(om.Lib), ",", omDetails.Language.ToString()).ToLowerInvariant();
Version minAllowedVersion;
if (allowedLibraries.TryGetValue(libFileName, out minAllowedVersion) &&
omDetails.CompilerVersion >= minAllowedVersion)
{
continue;
}
}
Version actualVersion;
Language omLanguage = omDetails.Language;
// We already opted-out of IL Only binaries, so only check for native languages
// or those that can appear in mixed binaries.
switch (omLanguage)
{
case Language.C:
case Language.Cxx:
{
if (omDetails.WellKnownCompiler != WellKnownCompilers.MicrosoftNativeCompiler)
{
// TODO: https://github.com/Microsoft/binskim/issues/114
continue;
}
else
{
actualVersion = omDetails.CompilerVersion;
}
break;
}
case Language.MASM:
{
masmModules.Add(om.CreateCompilandRecord());
continue;
}
case Language.LINK:
{
// Linker is not involved in the mitigations, so no need to check version or switches at this time.
continue;
}
case Language.CVTRES:
{
// Resource compiler is not involved in the mitigations, so no need to check version or switches at this time.
continue;
}
case Language.HLSL:
{
// HLSL compiler is not involved in the mitigations, so no need to check version or switches at this time.
continue;
}
// Mixed binaries (/clr) can contain non C++ compilands if they are linked in via netmodules
// .NET IL should be mitigated by the runtime if any mitigations are necessary
// At this point simply accept them as safe until this is disproven.
case Language.CSharp:
case Language.MSIL:
case Language.ILASM:
{
continue;
}
case Language.Unknown:
{
// The linker may emit debug information for modules from static libraries that do not contribute to actual code.
// do not contribute to actual code. Currently these come back as Language.Unknown :(
// TODO: https://github.com/Microsoft/binskim/issues/116
continue;
}
default:
{
// TODO: https://github.com/Microsoft/binskim/issues/117
// Review unknown languages for this and all checks
}
continue;
}
// Get the appropriate compiler version against which to check this compiland.
// check that we are greater than or equal to the first fully supported release: 15.6 first
Version omVersion = omDetails.CompilerVersion;
CompilerMitigations availableMitigations = GetAvailableMitigations(context, machineType, omVersion);
if (availableMitigations == CompilerMitigations.None)
{
// Built with a compiler version {0} that does not support any Spectre
// mitigations. We do not report here. BA2006 will fire instead.
continue;
}
string[] mitigationSwitches = new string[] { "/Qspectre", "/guardspecload" };
SwitchState effectiveState;
// Go process the command line to check for switches
effectiveState = omDetails.GetSwitchState(mitigationSwitches, null, SwitchState.SwitchDisabled, OrderOfPrecedence.LastWins);
if (effectiveState == SwitchState.SwitchDisabled)
{
SwitchState QSpectreState = SwitchState.SwitchNotFound;
SwitchState d2guardspecloadState = SwitchState.SwitchNotFound;
if (availableMitigations.HasFlag(CompilerMitigations.QSpectreAvailable))
{
QSpectreState = omDetails.GetSwitchState(mitigationSwitches[0] /*"/Qspectre"*/, OrderOfPrecedence.LastWins);
}
if (availableMitigations.HasFlag(CompilerMitigations.D2GuardSpecLoadAvailable))
{
// /d2xxxx options show up in the PDB without the d2 string
// So search for just /guardspecload
d2guardspecloadState = omDetails.GetSwitchState(mitigationSwitches[1] /*"/guardspecload"*/, OrderOfPrecedence.LastWins);
}
// TODO: https://github.com/Microsoft/binskim/issues/119
// We should flag cases where /d2guardspecload is enabled but the
// toolset supports /qSpectre (which should be preferred).
if (QSpectreState == SwitchState.SwitchNotFound && d2guardspecloadState == SwitchState.SwitchNotFound)
{
// Built with tools that support the Spectre mitigations but these have not been enabled.
mitigationNotEnabledModules.Add(om.CreateCompilandRecord());
}
else
{
// Built with the Spectre mitigations explicitly disabled.
mitigationExplicitlyDisabledModules.Add(om.CreateCompilandRecord());
}
continue;
}
if (!availableMitigations.HasFlag(CompilerMitigations.NonoptimizedCodeMitigated))
{
string[] OdSwitches = { "/Od" };
// These switches override /Od - there is no one place to find this information on msdn at this time.
string[] OptimizeSwitches = { "/O1", "/O2", "/Ox", "/Og" };
bool debugEnabled = false;
if (omDetails.GetSwitchState(OdSwitches, OptimizeSwitches, SwitchState.SwitchEnabled, OrderOfPrecedence.LastWins) == SwitchState.SwitchEnabled)
{
debugEnabled = true;
}
if (debugEnabled)
{
// Built with /Od which disables Spectre mitigations.
mitigationDisabledInDebugBuild.Add(om.CreateCompilandRecord());
continue;
}
}
}
string line;
var sb = new StringBuilder();
if (!mitigationExplicitlyDisabledModules.Empty)
{
// The following modules were compiled with Spectre
// mitigations explicitly disabled: {0}
line = string.Format(
RuleResources.BA2024_Error_SpectreMitigationExplicitlyDisabled,
mitigationExplicitlyDisabledModules.CreateSortedObjectList());
sb.AppendLine(line);
}
if (!mitigationNotEnabledModules.Empty)
{
// The following modules were compiled with a toolset that supports
// /Qspectre but the switch was not enabled on the command-line: {0}
line = string.Format(
RuleResources.BA2024_Error_SpectreMitigationNotEnabled,
mitigationNotEnabledModules.CreateSortedObjectList());
sb.AppendLine(line);
}
if (!mitigationDisabledInDebugBuild.Empty)
{
// The following modules were compiled with optimizations disabled(/ Od),
// a condition that disables Spectre mitigations: {0}
line = string.Format(
RuleResources.BA2024_Error_OptimizationsDisabled,
mitigationDisabledInDebugBuild.CreateSortedObjectList());
sb.AppendLine(line);
}
if ((context.Policy.GetProperty(Reporting) & ReportingOptions.WarnIfMasmModulesPresent) == ReportingOptions.WarnIfMasmModulesPresent &&
!masmModules.Empty)
{
line = string.Format(
RuleResources.BA2024_Error_MasmModulesDetected,
masmModules.CreateSortedObjectList());
sb.AppendLine(line);
}
if (sb.Length > 0)
{
// '{0}' was compiled with one or more modules that do not properly enable code
// generation mitigations for speculative execution side-channel attack (Spectre)
// vulnerabilities. Spectre attacks can compromise hardware-based isolation,
// allowing non-privileged users to retrieve potentially sensitive data from the
// CPU cache. To resolve the issue, provide the /Qspectre switch on the compiler
// command-line (or /d2guardspecload in cases where your compiler supports this
// switch and it is not possible to update to a toolset that supports /Qspectre).
// The following modules are out of policy: {1}
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultLevel.Error, context, null,
nameof(RuleResources.BA2024_Error),
context.TargetUri.GetFileName(),
sb.ToString()));
return;
}
// All linked modules ‘{0}’ were compiled with mitigations enabled that help prevent Spectre (speculative execution side-channel attack) vulnerabilities.
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultLevel.Pass, context, null,
nameof(RuleResources.BA2024_Pass),
context.TargetUri.GetFileName()));
}
public override void AnalyzePortableExecutableAndPdb(BinaryAnalyzerContext context)
{
PEBinary target = context.PEBinary();
Pdb pdb = target.Pdb;
/*
* This is disabled for now. It's not clear that we can
* actually detect when a binary is compiled with a version
* of csc.exe that is too stale. The reasons are twofold:
* 1) Older versions of csc.exe did not version the version
* data that is persisted to the PE. i.e., '48.0' was
* emitted for numerous versions of the compiler.
* 2) Our PDB reader does not current appear able to crack
* PDBs generated by the older C# compilers. Needs to
* be investigated.
* if (target.PE.IsManaged && !target.PE.IsMixedMode)
* {
* AnalyzeManagedPE(context);
* }
*/
Version minCompilerVersion;
var goodCompilers = new HashSet <string>();
var badModules = new List <ObjectModuleDetails>();
StringToVersionMap allowedLibraries = context.Policy.GetProperty(AllowedLibraries);
var languageToBadModules = new Dictionary <Language, List <ObjectModuleDetails> >();
foreach (DisposableEnumerableView <Symbol> omView in pdb.CreateObjectModuleIterator())
{
Symbol om = omView.Value;
ObjectModuleDetails omDetails = om.GetObjectModuleDetails();
switch (omDetails.Language)
{
case Language.LINK:
{
continue;
}
case Language.C:
case Language.Cxx:
{
minCompilerVersion = (target.PE.IsXBox)
? context.Policy.GetProperty(MinimumToolVersions)[MIN_XBOX_COMPILER_VER]
: context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.C)];
break;
}
//case Language.MASM:
//{
// minCompilerVersion =
// context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.MASM)];
// break;
//}
//case Language.CVTRES:
//{
// minCompilerVersion =
// context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.CVTRES)];
// break;
//}
//case Language.CSharp:
//{
// minCompilerVersion =
// context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.CSharp)];
// break;
//}
case Language.Unknown:
{
minCompilerVersion =
context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.Unknown)];
break;
}
default:
{
continue;
}
}
// See if the item is in our skip list
if (!string.IsNullOrEmpty(om.Lib))
{
string libFileName = string.Concat(System.IO.Path.GetFileName(om.Lib), ",", omDetails.Language.ToString()).ToLowerInvariant();
if (allowedLibraries.TryGetValue(libFileName, out Version minAllowedVersion) &&
omDetails.CompilerBackEndVersion >= minAllowedVersion)
{
continue;
}
}
Version actualVersion;
Version minimumVersion = minCompilerVersion;
Language omLanguage = omDetails.Language;
switch (omLanguage)
{
case Language.C:
case Language.Cxx:
{
actualVersion = Minimum(omDetails.CompilerBackEndVersion, omDetails.CompilerFrontEndVersion);
break;
}
case Language.LINK:
case Language.MASM:
case Language.CVTRES:
{
actualVersion = omDetails.CompilerBackEndVersion;
break;
}
default:
continue;
}
bool foundIssue = actualVersion < minimumVersion;
AdvancedMitigations advancedMitigations = context.Policy.GetProperty(AdvancedMitigationsEnforced);
if (!foundIssue &&
(advancedMitigations & AdvancedMitigations.Spectre) == AdvancedMitigations.Spectre)
{
var machineType = (ExtendedMachine)target.PE.Machine;
// Current toolchain is within the version range to validate.
// Now we'll retrieve relevant compiler mitigation details to
// ensure this object module's build and revision meet
// expectations.
CompilerMitigations newMitigationData =
EnableSpectreMitigations.GetAvailableMitigations(context, machineType, actualVersion);
// Current compiler version does not support Spectre mitigations.
foundIssue = !newMitigationData.HasFlag(CompilerMitigations.D2GuardSpecLoadAvailable) &&
!newMitigationData.HasFlag(CompilerMitigations.QSpectreAvailable);
if (foundIssue)
{
// Get the closest compiler version that has mitigations--i.e. if the user is using a 19.0 (VS2015) compiler, we should be recommending an upgrade to the
// 19.0 version that has the mitigations, not an upgrade to a 19.10+ (VS2017) compiler.
// Limitation--if there are multiple 'upgrade to' versions to recommend, this just going to give users the last one we see in the error.
minCompilerVersion = EnableSpectreMitigations.GetClosestCompilerVersionWithSpectreMitigations(context, machineType, actualVersion);
// Indicates Spectre mitigations are not supported on this platform. We won't flag this case.
if (minCompilerVersion == null)
{
foundIssue = false;
}
}
}
if (foundIssue)
{
badModules.Add(omDetails);
}
else
{
goodCompilers.Add(BuildCompilerIdentifier(omDetails));
}
}
if (badModules.Count != 0)
{
string badModulesText = badModules.CreateOutputCoalescedByCompiler();
string minimumRequiredCompilers = BuildMinimumCompilersList(context, languageToBadModules);
// '{0}' was compiled with one or more modules which were not built using
// minimum required tool versions ({1}). More recent toolchains
// contain mitigations that make it more difficult for an attacker to exploit
// vulnerabilities in programs they produce. To resolve this issue, compile
// and /or link your binary with more recent tools. If you are servicing a
// product where the tool chain cannot be modified (e.g. producing a hotfix
// for an already shipped version) ignore this warning. Modules built outside
// of policy: {2}
context.Logger.Log(this,
RuleUtilities.BuildResult(FailureLevel.Error, context, null,
nameof(RuleResources.BA2006_Error),
context.TargetUri.GetFileName(),
minimumRequiredCompilers,
badModulesText));
return;
}
string[] sorted = goodCompilers.ToArray();
Array.Sort(sorted);
// All linked modules of '{0}' satisfy configured policy (observed compilers: {1}).
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultKind.Pass, context, null,
nameof(RuleResources.BA2006_Pass),
context.TargetUri.GetFileName(),
string.Join(", ", sorted)));
}
private static StringToVersionMap BuildAllowedLibraries()
{
StringToVersionMap result = new StringToVersionMap();
result["xboxkrnl.lib,C"] = new Version("1.0.0.0");
result["xboxkrnl.lib,Cxx"] = new Version("1.0.0.0");
result["xboxkrnl.lib,MASM"] = new Version("1.0.0.0");
result["adsiid.lib,C"] = new Version("15.0.30729.207");
result["ahadmin.lib,Cxx"] = new Version("15.0.30729.165");
result["amstrmid.lib,C"] = new Version("15.0.30729.207");
result["aux_ulib.lib,C"] = new Version("15.0.30729.207");
result["bits.lib,C"] = new Version("15.0.30729.207");
result["certidl.lib,C"] = new Version("15.0.30729.207");
result["clfsmgmt.lib,Cxx"] = new Version("15.0.30729.207");
result["corguids.lib,C"] = new Version("16.0.30311.1");
result["dinput8.lib,C"] = new Version("15.0.30729.165");
result["dmoguids.lib,C"] = new Version("15.0.30729.207");
result["dtchelp.lib,Cxx"] = new Version("15.0.30729.165");
result["ehstorguids.lib,Cxx"] = new Version("15.0.30729.207");
result["fci.lib,C"] = new Version("15.0.30729.165");
result["fdi.lib,C"] = new Version("15.0.30729.165");
result["fileextd.lib,MASM"] = new Version("9.0.30729.165");
result["fileextd.lib,C"] = new Version("15.0.30729.165");
result["format.lib,Cxx"] = new Version("16.0.30311.1");
result["gdiplus.lib,Cxx"] = new Version("15.0.30729.165");
result["gpmuuid.lib,C"] = new Version("15.0.30729.165");
result["htmlhelp.lib,Cxx"] = new Version("15.0.30729.165");
result["iepmapi.lib,Cxx"] = new Version("15.0.30729.165");
result["ksguid.lib,C"] = new Version("15.0.30729.207");
result["ksuser.lib,C"] = new Version("15.0.30729.207");
result["locationapi.lib,Cxx"] = new Version("15.0.30729.207");
result["mbnapi_uuid.lib,C"] = new Version("15.0.30729.165");
result["mfuuid.lib,Cxx"] = new Version("15.0.30729.207");
result["mfuuid.lib,C"] = new Version("15.0.30729.207");
result["mmc.lib,Cxx"] = new Version("15.0.30729.165");
result["mmc.lib,C"] = new Version("15.0.30729.165");
result["mqoa.lib,C"] = new Version("15.0.30729.165");
result["msdasc.lib,C"] = new Version("15.0.30729.165");
result["mstask.lib,Cxx"] = new Version("15.0.30729.165");
result["msxml2.lib,C"] = new Version("15.0.30729.165");
result["msxml6.lib,C"] = new Version("15.0.30729.165");
result["muiload.lib,Cxx"] = new Version("15.0.30729.207");
result["muiload.lib,C"] = new Version("15.0.30729.207");
result["odbccp32.lib,C"] = new Version("15.0.30729.165");
result["oledb.lib,C"] = new Version("15.0.30729.165");
result["osptk.lib,C"] = new Version("15.0.30729.165");
result["photoacquireuid.lib,Cxx"] = new Version("15.0.30729.207");
result["portabledeviceguids.lib,Cxx"] = new Version("15.0.30729.207");
result["sapi.lib,C"] = new Version("15.0.30729.165");
result["sbtsv.lib,C"] = new Version("15.0.30729.207");
result["scrnsave.lib,C"] = new Version("15.0.30729.165");
result["scrnsavw.lib,C"] = new Version("15.0.30729.165");
result["searchsdk.lib,C"] = new Version("15.0.30729.207");
result["sensorsapi.lib,Cxx"] = new Version("15.0.30729.207");
result["shell32.lib,C"] = new Version("15.0.30729.207");
result["srclient.lib,Cxx"] = new Version("15.0.30729.165");
result["strmiids.lib,C"] = new Version("15.0.30729.207");
result["strsafe.lib,C"] = new Version("15.0.30729.165");
result["structuredquery.lib,C"] = new Version("15.0.30729.165");
result["svcguid.lib,C"] = new Version("15.0.30729.165");
result["taskschd.lib,C"] = new Version("15.0.30729.165");
result["transcodeimageuid.lib,Cxx"] = new Version("15.0.30729.165");
result["tspubplugincom.lib,C"] = new Version("15.0.30729.207");
result["unicows.lib,C"] = new Version("15.0.30729.165");
result["uuid.lib,C"] = new Version("15.0.30729.165");
result["uuid.lib,Cxx"] = new Version("15.0.30729.207");
result["vds_uuid.lib,C"] = new Version("15.0.30729.207");
result["vpccominterfaces.lib,C"] = new Version("15.0.30729.207");
result["vss_uuid.lib,C"] = new Version("15.0.30729.207");
result["wbemuuid.lib,C"] = new Version("15.0.30729.165");
result["wcmguid.lib,C"] = new Version("15.0.30729.165");
result["wiaguid.lib,C"] = new Version("15.0.30729.207");
result["windowscodecs.lib,Cxx"] = new Version("15.0.30729.207");
result["windowssideshowguids.lib,Cxx"] = new Version("15.0.30729.207");
result["winstrm.lib,C"] = new Version("15.0.30729.165");
result["wmcodecdspuuid.lib,C"] = new Version("15.0.30729.207");
result["workspaceax.lib,C"] = new Version("15.0.30729.207");
result["ws2_32.lib,C"] = new Version("15.0.30729.165");
result["wsbapp_uuid.lib,C"] = new Version("15.0.30729.165");
result["wuguid.lib,C"] = new Version("15.0.30729.165");
result["xaswitch.lib,Cxx"] = new Version("15.0.30729.165");
result["comsupp.lib,Cxx"] = new Version("16.0.30319.1");
result["comsuppd.lib,Cxx"] = new Version("16.0.30319.1");
result["comsuppw.lib,Cxx"] = new Version("16.0.30319.1");
result["comsuppwd.lib,Cxx"] = new Version("16.0.30319.1");
result["delayimp.lib,Cxx"] = new Version("16.0.30319.1");
result["libcmt.lib,Cxx"] = new Version("16.0.40219.1");
result["libcmt.lib,C"] = new Version("16.0.40219.1");
result["libcmt.lib,MASM"] = new Version("10.0.40219.1");
result["libcmtd.lib,Cxx"] = new Version("16.0.40219.1");
result["libcmtd.lib,C"] = new Version("16.0.40219.1");
result["libcmtd.lib,MASM"] = new Version("10.0.40219.1");
result["libcpmt.lib,Cxx"] = new Version("16.0.40219.1");
result["libcpmt.lib,C"] = new Version("16.0.40219.1");
result["libcpmt1.lib,Cxx"] = new Version("16.0.40219.1");
result["libcpmt1.lib,C"] = new Version("16.0.40219.1");
result["libcpmtd.lib,Cxx"] = new Version("16.0.40219.1");
result["libcpmtd.lib,C"] = new Version("16.0.40219.1");
result["libcpmtd0.lib,Cxx"] = new Version("16.0.40219.1");
result["libcpmtd0.lib,C"] = new Version("16.0.40219.1");
result["libcpmtd1.lib,Cxx"] = new Version("16.0.40219.1");
result["libcpmtd1.lib,C"] = new Version("16.0.40219.1");
result["msvcmrt.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcmrtd.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcprt.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcprtd.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcrt.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcrt.lib,MASM"] = new Version("10.0.40219.1");
result["msvcrt.lib,C"] = new Version("16.0.40219.1");
result["msvcrtd.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcrtd.lib,MASM"] = new Version("10.0.40219.1");
result["msvcrtd.lib,C"] = new Version("16.0.40219.1");
result["msvcurt.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcurtd.lib,Cxx"] = new Version("16.0.40219.1");
result["pgobootrun.lib,Cxx"] = new Version("16.0.30319.1");
result["pgort.lib,Cxx"] = new Version("16.0.30319.1");
result["ptrustm.lib,Cxx"] = new Version("16.0.40219.1");
result["ptrustmd.lib,Cxx"] = new Version("16.0.40219.1");
result["ptrustu.lib,Cxx"] = new Version("16.0.40219.1");
result["ptrustud.lib,Cxx"] = new Version("16.0.40219.1");
result["runtmchk.lib,Cxx"] = new Version("16.0.30319.1");
result["runtmchk.lib,C"] = new Version("16.0.30319.1");
result["runtmchk.lib,MASM"] = new Version("10.0.30319.1");
result["vcomp.lib,MASM"] = new Version("10.0.40219.1");
result["vcompd.lib,MASM"] = new Version("10.0.40219.1");
result["pgort.lib,MASM"] = new Version("10.0.30319.1");
result["atl.lib,C"] = new Version("16.0.30319.1");
result["atls.lib,C"] = new Version("16.0.30319.1");
result["atlsd.lib,C"] = new Version("16.0.30319.1");
result["mfc100.lib,C"] = new Version("16.0.30319.1");
result["mfc100u.lib,C"] = new Version("16.0.30319.1");
result["mfc100d.lib,C"] = new Version("16.0.30319.1");
result["mfc100ud.lib,C"] = new Version("16.0.30319.1");
result["mfcm100.lib,C"] = new Version("16.0.30319.1");
result["mfcm100d.lib,C"] = new Version("16.0.30319.1");
result["mfcm100u.lib,C"] = new Version("16.0.30319.1");
result["mfcm100ud.lib,C"] = new Version("16.0.30319.1");
result["mfcs100.lib,C"] = new Version("16.0.30319.1");
result["mfcs100d.lib,C"] = new Version("16.0.30319.1");
result["mfcs100u.lib,C"] = new Version("16.0.30319.1");
result["mfcs100ud.lib,C"] = new Version("16.0.30319.1");
result["nafxcw.lib,C"] = new Version("16.0.30319.1");
result["nafxcwd.lib,C"] = new Version("16.0.30319.1");
result["uafxcw.lib,C"] = new Version("16.0.30319.1");
result["uafxcwd.lib,C"] = new Version("16.0.30319.1");
result["atl.lib,Cxx"] = new Version("16.0.30319.1");
result["atls.lib,Cxx"] = new Version("16.0.30319.1");
result["atlsd.lib,Cxx"] = new Version("16.0.30319.1");
result["mfc100.lib,Cxx"] = new Version("16.0.30319.1");
result["mfc100u.lib,Cxx"] = new Version("16.0.30319.1");
result["mfc100d.lib,Cxx"] = new Version("16.0.30319.1");
result["mfc100ud.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcm100.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcm100d.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcm100u.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcm100ud.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcs100.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcs100d.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcs100u.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcs100ud.lib,Cxx"] = new Version("16.0.30319.1");
result["nafxcw.lib,Cxx"] = new Version("16.0.30319.1");
result["nafxcwd.lib,Cxx"] = new Version("16.0.30319.1");
result["uafxcw.lib,Cxx"] = new Version("16.0.30319.1");
result["uafxcwd.lib,Cxx"] = new Version("16.0.30319.1");
return(result);
}
public override void Analyze(BinaryAnalyzerContext context)
{
PEHeader peHeader = context.PE.PEHeaders.PEHeader;
Pdb pdb = context.Pdb;
if (pdb == null)
{
Errors.LogExceptionLoadingPdb(context, context.PdbParseException);
return;
}
Version minLinkVersion;
Version minCompilerVersion;
if (context.PE.IsXBox)
{
minCompilerVersion = context.Policy.GetProperty(MinimumToolVersions)[MIN_XBOX_COMPILER_VER];
minLinkVersion = context.Policy.GetProperty(MinimumToolVersions)[MIN_XBOX_LINKER_VER];
}
else
{
minCompilerVersion = context.Policy.GetProperty(MinimumToolVersions)[MIN_COMPILER_VER];
minLinkVersion = context.Policy.GetProperty(MinimumToolVersions)[MIN_LINKER_VER];
}
TruncatedCompilandRecordList badModuleList = new TruncatedCompilandRecordList();
StringToVersionMap allowedLibraries = context.Policy.GetProperty(AllowedLibraries);
foreach (DisposableEnumerableView <Symbol> omView in pdb.CreateObjectModuleIterator())
{
Symbol om = omView.Value;
ObjectModuleDetails omDetails = om.GetObjectModuleDetails();
// see if the item is in our skip list
if (!string.IsNullOrEmpty(om.Lib))
{
string libFileName = string.Concat(System.IO.Path.GetFileName(om.Lib), ",", omDetails.Language.ToString()).ToLowerInvariant();
Version minAllowedVersion;
if (allowedLibraries.TryGetValue(libFileName, out minAllowedVersion) &&
omDetails.CompilerVersion >= minAllowedVersion)
{
continue;
}
}
Version actualVersion;
Version minimumVersion;
Language omLanguage = omDetails.Language;
switch (omLanguage)
{
case Language.C:
case Language.Cxx:
actualVersion = Minimum(omDetails.CompilerVersion, omDetails.CompilerFrontEndVersion);
minimumVersion = minCompilerVersion;
break;
case Language.MASM:
// TODO verify this
actualVersion = omDetails.CompilerVersion;
minimumVersion = minLinkVersion;
break;
case Language.LINK:
continue;
default:
continue;
}
if (actualVersion < minimumVersion)
{
// built with {0} compiler version {1} (Front end version: {2})
badModuleList.Add(
om.CreateCompilandRecordWithSuffix(
String.Format(CultureInfo.InvariantCulture,
RuleResources.BA2006_Error_BadModule,
omLanguage, omDetails.CompilerVersion, omDetails.CompilerFrontEndVersion)));
}
}
if (!badModuleList.Empty)
{
// '{0}' was compiled with one or more modules which were not built using minimum
// required tool versions (compiler version {1}, linker version {2}). More recent
// tool chains contain mitigations that make it more difficult for an attacker to
// exploit vulnerabilities in programs they produce. To resolve this issue,
// compile and/or link your binary with more recent tools. If you are servicing a
// product where the tool chain cannot be modified (e.g. producing a hotfix for
// an already shipped version) ignore this warning.
// Modules built outside of policy: {3}
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultLevel.Error, context, null,
nameof(RuleResources.BA2006_Error),
context.TargetUri.GetFileName(),
minCompilerVersion.ToString(),
minLinkVersion.ToString(),
badModuleList.CreateSortedObjectList()));
return;
}
// '{0}' was built with a tool chain that satisfies configured policy
// (compiler minimum version {1}, linker minimum version {2}).
context.Logger.Log(this,
RuleUtilities.BuildResult(ResultLevel.Pass, context, null,
nameof(RuleResources.BA2006_Pass),
context.TargetUri.GetFileName(),
minCompilerVersion.ToString(),
minLinkVersion.ToString()));
}
private static StringToVersionMap BuildMinimumToolVersionsMap()
{
var result = new StringToVersionMap();
result[MIN_LINKER_VER] = new Version(11, 0, 65501, 17016);
result[MIN_COMPILER_VER] = new Version(17, 0, 65501, 17016);
result[MIN_XBOX_LINKER_VER] = new Version("10.0.11886.0");
result[MIN_XBOX_COMPILER_VER] = new Version("16.0.11886.0");
return result;
}
private static StringToVersionMap BuildAllowedLibraries()
{
StringToVersionMap result = new StringToVersionMap();
result["xboxkrnl.lib,C"] = new Version("1.0.0.0");
result["xboxkrnl.lib,Cxx"] = new Version("1.0.0.0");
result["xboxkrnl.lib,MASM"] = new Version("1.0.0.0");
result["adsiid.lib,C"] = new Version("15.0.30729.207");
result["ahadmin.lib,Cxx"] = new Version("15.0.30729.165");
result["amstrmid.lib,C"] = new Version("15.0.30729.207");
result["aux_ulib.lib,C"] = new Version("15.0.30729.207");
result["bits.lib,C"] = new Version("15.0.30729.207");
result["certidl.lib,C"] = new Version("15.0.30729.207");
result["clfsmgmt.lib,Cxx"] = new Version("15.0.30729.207");
result["corguids.lib,C"] = new Version("16.0.30311.1");
result["dinput8.lib,C"] = new Version("15.0.30729.165");
result["dmoguids.lib,C"] = new Version("15.0.30729.207");
result["dtchelp.lib,Cxx"] = new Version("15.0.30729.165");
result["ehstorguids.lib,Cxx"] = new Version("15.0.30729.207");
result["fci.lib,C"] = new Version("15.0.30729.165");
result["fdi.lib,C"] = new Version("15.0.30729.165");
result["fileextd.lib,MASM"] = new Version("9.0.30729.165");
result["fileextd.lib,C"] = new Version("15.0.30729.165");
result["format.lib,Cxx"] = new Version("16.0.30311.1");
result["gdiplus.lib,Cxx"] = new Version("15.0.30729.165");
result["gpmuuid.lib,C"] = new Version("15.0.30729.165");
result["htmlhelp.lib,Cxx"] = new Version("15.0.30729.165");
result["iepmapi.lib,Cxx"] = new Version("15.0.30729.165");
result["ksguid.lib,C"] = new Version("15.0.30729.207");
result["ksuser.lib,C"] = new Version("15.0.30729.207");
result["locationapi.lib,Cxx"] = new Version("15.0.30729.207");
result["mbnapi_uuid.lib,C"] = new Version("15.0.30729.165");
result["mfuuid.lib,Cxx"] = new Version("15.0.30729.207");
result["mfuuid.lib,C"] = new Version("15.0.30729.207");
result["mmc.lib,Cxx"] = new Version("15.0.30729.165");
result["mmc.lib,C"] = new Version("15.0.30729.165");
result["mqoa.lib,C"] = new Version("15.0.30729.165");
result["msdasc.lib,C"] = new Version("15.0.30729.165");
result["mstask.lib,Cxx"] = new Version("15.0.30729.165");
result["msxml2.lib,C"] = new Version("15.0.30729.165");
result["msxml6.lib,C"] = new Version("15.0.30729.165");
result["muiload.lib,Cxx"] = new Version("15.0.30729.207");
result["muiload.lib,C"] = new Version("15.0.30729.207");
result["odbccp32.lib,C"] = new Version("15.0.30729.165");
result["oledb.lib,C"] = new Version("15.0.30729.165");
result["osptk.lib,C"] = new Version("15.0.30729.165");
result["photoacquireuid.lib,Cxx"] = new Version("15.0.30729.207");
result["portabledeviceguids.lib,Cxx"] = new Version("15.0.30729.207");
result["sapi.lib,C"] = new Version("15.0.30729.165");
result["sbtsv.lib,C"] = new Version("15.0.30729.207");
result["scrnsave.lib,C"] = new Version("15.0.30729.165");
result["scrnsavw.lib,C"] = new Version("15.0.30729.165");
result["searchsdk.lib,C"] = new Version("15.0.30729.207");
result["sensorsapi.lib,Cxx"] = new Version("15.0.30729.207");
result["shell32.lib,C"] = new Version("15.0.30729.207");
result["srclient.lib,Cxx"] = new Version("15.0.30729.165");
result["strmiids.lib,C"] = new Version("15.0.30729.207");
result["strsafe.lib,C"] = new Version("15.0.30729.165");
result["structuredquery.lib,C"] = new Version("15.0.30729.165");
result["svcguid.lib,C"] = new Version("15.0.30729.165");
result["taskschd.lib,C"] = new Version("15.0.30729.165");
result["transcodeimageuid.lib,Cxx"] = new Version("15.0.30729.165");
result["tspubplugincom.lib,C"] = new Version("15.0.30729.207");
result["unicows.lib,C"] = new Version("15.0.30729.165");
result["uuid.lib,C"] = new Version("15.0.30729.165");
result["uuid.lib,Cxx"] = new Version("15.0.30729.207");
result["vds_uuid.lib,C"] = new Version("15.0.30729.207");
result["vpccominterfaces.lib,C"] = new Version("15.0.30729.207");
result["vss_uuid.lib,C"] = new Version("15.0.30729.207");
result["wbemuuid.lib,C"] = new Version("15.0.30729.165");
result["wcmguid.lib,C"] = new Version("15.0.30729.165");
result["wiaguid.lib,C"] = new Version("15.0.30729.207");
result["windowscodecs.lib,Cxx"] = new Version("15.0.30729.207");
result["windowssideshowguids.lib,Cxx"] = new Version("15.0.30729.207");
result["winstrm.lib,C"] = new Version("15.0.30729.165");
result["wmcodecdspuuid.lib,C"] = new Version("15.0.30729.207");
result["workspaceax.lib,C"] = new Version("15.0.30729.207");
result["ws2_32.lib,C"] = new Version("15.0.30729.165");
result["wsbapp_uuid.lib,C"] = new Version("15.0.30729.165");
result["wuguid.lib,C"] = new Version("15.0.30729.165");
result["xaswitch.lib,Cxx"] = new Version("15.0.30729.165");
result["comsupp.lib,Cxx"] = new Version("16.0.30319.1");
result["comsuppd.lib,Cxx"] = new Version("16.0.30319.1");
result["comsuppw.lib,Cxx"] = new Version("16.0.30319.1");
result["comsuppwd.lib,Cxx"] = new Version("16.0.30319.1");
result["delayimp.lib,Cxx"] = new Version("16.0.30319.1");
result["libcmt.lib,Cxx"] = new Version("16.0.40219.1");
result["libcmt.lib,C"] = new Version("16.0.40219.1");
result["libcmt.lib,MASM"] = new Version("10.0.40219.1");
result["libcmtd.lib,Cxx"] = new Version("16.0.40219.1");
result["libcmtd.lib,C"] = new Version("16.0.40219.1");
result["libcmtd.lib,MASM"] = new Version("10.0.40219.1");
result["libcpmt.lib,Cxx"] = new Version("16.0.40219.1");
result["libcpmt.lib,C"] = new Version("16.0.40219.1");
result["libcpmt1.lib,Cxx"] = new Version("16.0.40219.1");
result["libcpmt1.lib,C"] = new Version("16.0.40219.1");
result["libcpmtd.lib,Cxx"] = new Version("16.0.40219.1");
result["libcpmtd.lib,C"] = new Version("16.0.40219.1");
result["libcpmtd0.lib,Cxx"] = new Version("16.0.40219.1");
result["libcpmtd0.lib,C"] = new Version("16.0.40219.1");
result["libcpmtd1.lib,Cxx"] = new Version("16.0.40219.1");
result["libcpmtd1.lib,C"] = new Version("16.0.40219.1");
result["msvcmrt.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcmrtd.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcprt.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcprtd.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcrt.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcrt.lib,MASM"] = new Version("10.0.40219.1");
result["msvcrt.lib,C"] = new Version("16.0.40219.1");
result["msvcrtd.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcrtd.lib,MASM"] = new Version("10.0.40219.1");
result["msvcrtd.lib,C"] = new Version("16.0.40219.1");
result["msvcurt.lib,Cxx"] = new Version("16.0.40219.1");
result["msvcurtd.lib,Cxx"] = new Version("16.0.40219.1");
result["pgobootrun.lib,Cxx"] = new Version("16.0.30319.1");
result["pgort.lib,Cxx"] = new Version("16.0.30319.1");
result["ptrustm.lib,Cxx"] = new Version("16.0.40219.1");
result["ptrustmd.lib,Cxx"] = new Version("16.0.40219.1");
result["ptrustu.lib,Cxx"] = new Version("16.0.40219.1");
result["ptrustud.lib,Cxx"] = new Version("16.0.40219.1");
result["runtmchk.lib,Cxx"] = new Version("16.0.30319.1");
result["runtmchk.lib,C"] = new Version("16.0.30319.1");
result["runtmchk.lib,MASM"] = new Version("10.0.30319.1");
result["vcomp.lib,MASM"] = new Version("10.0.40219.1");
result["vcompd.lib,MASM"] = new Version("10.0.40219.1");
result["pgort.lib,MASM"] = new Version("10.0.30319.1");
result["atl.lib,C"] = new Version("16.0.30319.1");
result["atls.lib,C"] = new Version("16.0.30319.1");
result["atlsd.lib,C"] = new Version("16.0.30319.1");
result["mfc100.lib,C"] = new Version("16.0.30319.1");
result["mfc100u.lib,C"] = new Version("16.0.30319.1");
result["mfc100d.lib,C"] = new Version("16.0.30319.1");
result["mfc100ud.lib,C"] = new Version("16.0.30319.1");
result["mfcm100.lib,C"] = new Version("16.0.30319.1");
result["mfcm100d.lib,C"] = new Version("16.0.30319.1");
result["mfcm100u.lib,C"] = new Version("16.0.30319.1");
result["mfcm100ud.lib,C"] = new Version("16.0.30319.1");
result["mfcs100.lib,C"] = new Version("16.0.30319.1");
result["mfcs100d.lib,C"] = new Version("16.0.30319.1");
result["mfcs100u.lib,C"] = new Version("16.0.30319.1");
result["mfcs100ud.lib,C"] = new Version("16.0.30319.1");
result["nafxcw.lib,C"] = new Version("16.0.30319.1");
result["nafxcwd.lib,C"] = new Version("16.0.30319.1");
result["uafxcw.lib,C"] = new Version("16.0.30319.1");
result["uafxcwd.lib,C"] = new Version("16.0.30319.1");
result["atl.lib,Cxx"] = new Version("16.0.30319.1");
result["atls.lib,Cxx"] = new Version("16.0.30319.1");
result["atlsd.lib,Cxx"] = new Version("16.0.30319.1");
result["mfc100.lib,Cxx"] = new Version("16.0.30319.1");
result["mfc100u.lib,Cxx"] = new Version("16.0.30319.1");
result["mfc100d.lib,Cxx"] = new Version("16.0.30319.1");
result["mfc100ud.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcm100.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcm100d.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcm100u.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcm100ud.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcs100.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcs100d.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcs100u.lib,Cxx"] = new Version("16.0.30319.1");
result["mfcs100ud.lib,Cxx"] = new Version("16.0.30319.1");
result["nafxcw.lib,Cxx"] = new Version("16.0.30319.1");
result["nafxcwd.lib,Cxx"] = new Version("16.0.30319.1");
result["uafxcw.lib,Cxx"] = new Version("16.0.30319.1");
result["uafxcwd.lib,Cxx"] = new Version("16.0.30319.1");
return result;
}
