How to use Application Verifier |
You should use Application Verifier throughout your Software Development Lifecycle (SDL also referred to as the Security Development Lifecycle):
- Requirements Phase
- AppVerifier should be planned and time allocated for its execution and follow up.
- Design Phase
- Plan for the use of Application Verifier and define which components (modules, DLLs or EXEs) will be tested.
- Implementation Phase
- Run Application Verifier on stable builds (from Alpha to RTM) of the different components under development (it is important to test the components individually and collectively).
- Verification Phase
- Testers should execute all of their tests (both manual and automatic) with Application Verifier since this will be the first time that the application will be pushed to the limits and unexpected behavior and data will be submitted. AppVerifier is also a powerful tool for security consultants doing audits (black box and white box) since it will allow the quick enumeration of real (or potential) attack/exploit vectors.
- Release Phase
- Clients and security consultants can use AppVerifier on the released binaries to identify potential security vulnerabilities.
- Support and Servicing Phase
- Use Application Verifier to ensure that code changes (e.g. updates, service packs) do not introduce regressions.
-
For more information, please see the published whitepaper on MSDN: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsecure/html/appverifier_sdl.asp.
Installing and configuring
-
Install: Download the latest version of Application Verifier from http://www.microsoft.com/technet/prodtechnol/windows/appcompatibility/appverifier.mspx where you will find setup binaries for the supported architectures: x86, ia64, amd64.
-
Debugger setup: The application being verified should run under a user-mode debugger or the system should run under a kernel debugger since it will break into a debugger when an error occurs. Please see the Application Verifier help contents for more debugger details.
-
Settings: Application Verifier cannot be enabled for a running process. As a result, you need to make settings as described below and then start the application. The settings are persistent until explicitly deleted. Therefore, no matter how many times you launch an application it will start with AppVerifier enabled until the settings are deleted.
Using Application Verifier with WOW64
In Windows 7, you can use either the 32-bit or the 64-bit version of Application Verifier to verify a 32-bit application running under WOW64.
In Windows Vista and earlier operating systems, you should use the 32-bit version of Application Verifier to verify 32-bit applications, and you should use the 64-bit version of Application Verifier to verify 64-bit applications.
In Windows Vista and earlier operating systems, be sure that 32-bit applications are enabled only in the 32-bit version of Application Verifier. That is, do not enable a given 32-bit application in both the 32-bit and 64-bit versions of Application Verifier.
Using Application Verifier Basics Test
The scenarios below showcase the recommended command line and user interface options. These should be run during all tests that exercise the code to ensure complete coverage. The expectation for these scenarios is that application does not break into debugger and all tests pass with the same pass rate as when run without AppVerifier enabled.
-
Enable verifier for the application(s) you wish to test using. From the command line:
appverif /verify MyApp.exe.
From the user interface: Add your application by right clicking within the
Applications
area and selecting
Add Application
. Select the
Basics
from the
Tests
area. Click the
Save
button.
Notes:
-
/verify will enable the basics tests
-
If you are testing a DLL, Application Verifier has to be enabled for the test executable that is exercising the DLL.
-
Run the verification layers separately. For example, in one session enable all Basics and on another one enable all LuaPriv checks.
-
Run ALL your tests exercising the application.
-
Analyze any debugger break(s) encountered. If a break occurs you will need to understand it and fix it. NOTE: The help contents provide details on the breaks and how to investigate them.
-
When finished, delete all settings. From the command line:
appverif /n MyApp.exe.
From the user interface:
-
Remove your application by right clicking within the
Applications
area and selecting
Delete Application
-
Click the
Save
button.
Using AppVerifier Low Resource Simulation (fault injection)
The expectation for this scenario is that the application does not break into debugger. By not breaking into the debugger means that you have no errors that need to be addressed.
The pass rate for the tests may decrease significantly since random fault injections are introduced into the normal operation.
-
Enable Application Verifier
Low Resource Simulation
(fault injection) for the application(s). From the command line:
Appverif /verify MyApp.exe /faults
. From the user interface: Add your application by right clicking within the
Applications
area and selecting
Add Application
. Select the
Low Resource Simulation
from the
Tests
area. Click the
Save
button.
Note: If you are testing a DLL, you can apply low resource simulation (fault injection) on a certain DLL instead of the whole process. The command line format would be: appverif /verify TARGET [/faults [PROBABILITY [TIMEOUT [DLL �]]]]
Example: appverif /verify mytest.exe /faults 50000 1000 d3d9.dll -
Run ALL your tests exercising the application
-
Analyze any debugger break(s) encountered. If a break occurs you will need to understand it and fix it.
-
When finished, delete all settings. From the command line:
appverif /n MyApp.exe.
From the user interface: remove your application by right clicking within the
Applications
area and selecting
Delete Application
, clicking the
Save
button.
-
Note: Running with and without fault injection exercises largely different code paths in an application and therefore both scenarios must be run in order to get the full benefit of AppVerifier.
Analyzing AppVerifier Data
-
All data created during AppVerifier analysis is stored in the %USERPROFILE%\AppVerifierLogs folder in a binary format. These logs can then be converted to XML via the user interface or command line for further analysis.
-
To view the XML files, you can use of one of the following techniques:
-
Web Browser � All modern web browsers are able to display XML files in a structured and color-coded format.
-
Using XSL Transformations � Create an XSLT which converts the raw XML content into reports containing only information relevant to you.
-
Import into Microsoft Excel - Import the XML file into Excel and use filters or Pivot Tables to reorganize and analyze the collected data.
-
Import into Database � Save the XML files and import them into a SQL, Access, etc. database.