Yoshimasa Niwa

Yoshimasa Niwa on MCL-21089 2022-03-11T01:36:38Z

@pine1needle I just downloaded new one from https://www.minecraft.net/en-us/download and confirmed that the problem is fixed now.

$ codesign --test-requirement="=notarized" --verify --verbose Minecraft.app 
Minecraft.app: valid on disk
Minecraft.app: satisfies its Designated Requirement
Minecraft.app: explicit requirement satisfied

The app bundle short version is 1125.
The dmg file downloaded that contains the binary is SHA256(Minecraft.dmg)= 55b3d8ce87cca4e4ee8bddace10868b116e0781049a2edd8203f17cd00a3b04a

Yoshimasa Niwa on MCL-19830 2022-01-29T01:21:18Z

Created MCL-21089, I think distributed binary is not notarized, somehow.

Yoshimasa Niwa on MCL-19830 2021-12-10T04:55:47Z

@Lucas Garron I believe skipUpdate is only for launcher, which is not JVM application, not Minecraft app itself which is JVM application, so still after launcher launched, and I think it cab download newer version.
But this severe log4j 0-day is mostly for much critical for Minecraft server I think for the client, it's probably more difficult to inject something in the log? – well, anyways, I hope just the launcher get fixed quickly and works without patching to workaround the issue.

Yoshimasa Niwa on MCL-19830 2021-11-18T07:31:43Z

@Glyph Lefkowitz Sure thing, here it is. Created a simple patcher script https://gist.github.com/niw/21160b97b1cd30cae322f768aba73573

Usage:
1. Download Minecraft.dmg, open it and drag Minecraft.app to /Applications.
2. Open Terminal, then run following command. It's long oneline, just simply download previous script and run. If you're worrying what it is doing, read script first.

curl -fsSL 'https://gist.githubusercontent.com/niw/21160b97b1cd30cae322f768aba73573/raw/f598803b8143badd7b01c32e657cd2644477f289/minecraft_nativeupdater_patcher.sh'|sh

3. It should say "Patched." if it's not saying so, probably they updated the binary, so this script will no longer work.

4. Open Minecraft once. It will update updater itself and crash.
5. Run previous command again in Terminal.
6. It should say "Patched." if it's not saying so, probably they updated binary, so this script will no longer work.
7. Open Minecraft once again.
8. It will download ~/Application Support/minecraft.
9. To play Minecraft, use following command on Terminal to not update updater again.

open -a /Applications/Minecraft.app --args --skipUpdate

Yoshimasa Niwa on MCL-19830 2021-11-18T03:17:56Z

I have very detailed workaround for this problem, but only for those who can understand what following instructions mean.

The problem is the nativeUpdater is calling AppKit API from non main thread.
However, we can bypass that problematic AppKit API call, which is not essential for updater behavior.

First, current distributed Minecraft.app contains nativeUpdater which SHA256 is 85e795049588f459ee4fe573a3080aed52bb524de12d82340cd0a861bca1cf8e.

Run codesign --remove-signature nativeUpdater, then rewrite je instruction 0x74 at 0x572f to jmp instruction 0xeb.

Run xattr -r -d com.apple.quarantine /Applications/Minecraft.app to bypass GateKeeper.
Then run Minecraft.app once.

It will no longer crash and download the latest nativeUpdater, but then crash because it runs updated nativeUpdater, which is still problemetic.

The latest nativeUpdater which SHA256 is c25ed91f224073c52d276118505fd9d0110815c8f63776a4da2d336ffd595e04.

Do same workaround for it, run codesign --remove-signature nativeUpdater, then rewrite je instruction 0x74 at 0x54af (position is changed) to jmp instruction 0xeb.

Now we have non crash-able Minecraft.app to download initial ~/Application Support/minecraft. Simply run Minecraft.app then good to go!

Form now, you can use open -a /Applications/Minecraft.app --args --skipUpdate to play Minecraft until we have official nativeUpdater binary which doesn't call AppKit API from non main thread.

Yoshimasa Niwa on MCL-19830 2021-11-05T22:40:02Z

@pine1needle I probably found better workaround. Open Terminal.app and use following command:

open -a /Applications/Minecraft.app --args --skipUpdate

In this way, we can skip problematic updater without disconnecting from the internet.

But still, it requires original ~/Library/Application Support/minecraft.

Yoshimasa Niwa on MC-240408 2021-11-03T03:00:32Z

It seems same as MCL-19830

Yoshimasa Niwa on MCL-19830 2021-10-30T23:37:08Z

@JoiningToast I solved the issue by installing launcher on the other machine running macOS 11. and transfer ~/Library/Application Support/minecraft (where anyways previous my offline worlds exist, so... I wanted to copy it.) No workaround exists if you don't have such environment without using probably 3rd party launcher for now.

Yoshimasa Niwa on MCL-19830 2021-10-30T07:49:11Z

I experienced same issue on macOS 12.0.1.
https://gist.github.com/niw/fac5be3449878ce49b9031028f535940 is backtrace of crashed thread.
Looks like updater is using AppKit NSImageView API from background thread, which is violating API rule, since all AppKit UI API must be used from main thread.
Please fix all UI code are called on main thread, or AppKit API may assert such call and crash.

Current workaround is just disconnect from the internet to not launcher trigger updater while it is launching, and once it's launched, connect to the internet and login again, then continue.

Yoshimasa Niwa

Assigned

Reported

Comments