Writing to cover an issue that has been occurring in the certifications recently.   The basic issue is the certification tool will attempt to do checks on the setup packages that are compressed files to ensure the files are compiled with security checks in place. When the path is exceeding 248 characters, the tool will automatically fail the Windows security features test.



The final certification report may show the following in the log:


Windows security features test


Binary analyzer

·         Error Found: The binary analyzer test detected the following errors:

·         Impact if not fixed: If the app doesn’t use the available Windows protections, it can increase the vulnerability of customer's computer to malware.

·         How to fix: Apply the required linker options - SAFESEH, DYNAMICBASE, NXCOMPAT, and APPCONTAINER - when you link the app. See links below for more information:
Fixing Binary Analyzer Errors


In further review, you may see something like the following in the BinScope_trace_post_process_xxx.log:

Program Information: 0 : Plugin of type MsiSplitter loaded.
Program Information: 0 : Plugin of type ZipSplitter loaded.
System.IO.InvalidDataException: The file could not be unpacked (the error returned was: The specified path, file name, or both are too long. The fully qualified file name must be less than 260 characters, and the directory name must be less than 248 characters.). ---> System.IO.PathTooLongException: The specified path, file name, or both are too long. The fully qualified file name must be less than 260 characters, and the directory name must be less than 248 characters.
   at System.IO.Path.NormalizePath(String path, Boolean fullCheck, Int32 maxPathLength)
   at System.IO.Path.GetDirectoryName(String path)
   at Microsoft.MSEC.BinScope.Plugins.ZipUnpackStreamContext.OpenFileWriteStream(String path, Int64 fileSize, DateTime lastWriteTime)
   at Microsoft.Deployment.Compression.Zip.ZipEngine.UnpackOneFile(IUnpackStreamContext streamContext, ZipFileHeader header, Stream& archiveStream)
   at Microsoft.Deployment.Compression.Zip.ZipEngine.Unpack(IUnpackStreamContext streamContext, Predicate`1 fileFilter)
   at Microsoft.MSEC.BinScope.Plugins.ZipSplitter.GetSubitems(String path)
   --- End of inner exception stack trace ---
   at Microsoft.MSEC.BinScope.Plugins.ZipSplitter.GetSubitems(String path)
   at Microsoft.MSEC.BinScope.BinScopeScanner.Traverse(String path, List`1 checks)
   at Microsoft.MSEC.BinScope.BinScopeScanner.ExecuteChecks(List`1 checkTypes, String path)
   at Microsoft.MSEC.BinScope.BinScopeScanner.ExecuteChecks(List`1 checkNames, String path)
   at Microsoft.Windows.SoftwareLogo.Tests.Msec.Binscope.ExecuteTestInternal(TaskData taskData)
   at Microsoft.Windows.SoftwareLogo.Tests.Msec.Binscope.ExecuteTest()


In order to resolve the issue, shorten the file paths that are in the embedded compressed files that are in the desktop setup program to prevent going beyond the 248 characters from being reached. When doing so, the Windows Application Certification Kit will be able to at least be able to complete the testing process for processing the setup to provide the opportunity for a passing result.

Thank you,

Nathan Manis