What does the MsiVerifyPackage WinAPI function do to verify an MSI?

1
votes

The Windows documentation states that the MsiVerifyPackage function verifies that a file is an installation package. How much is verified here? If a byte in a content file is corrupted/incorrect, will this be caught? Or is it just a check that the MSI data is readable?

The MSDN page for the function is here: http://msdn.microsoft.com/en-us/library/windows/desktop/aa370508(v=vs.85).aspx

1
windowswinapiwindows-installer
This function doesn't check the package integrity. I've just tried to corrupt a package with a hex editor (from somewhere in the middle of the file to the end) and it returned ERROR_SUCCESS so it most probably check just something in the header of a file. - TLama
If you'd put that as an answer you'd have got some points! - Stephen Hewlett
@StephenHewlett: They didn't say what it did, just waht it didn't :) - Deanna

1 Answers

0
votes

I think you are missing the point of API's. The SDK doco tells you what it does:

The MsiVerifyPackage function verifies that the given file is an installation package.

But what you are really asking is "HOW" does it do what it does? The whole point of an API is to abstract you from implementation details. The question isn't answerable without access to the source code. Even then, I'm not sure it should be answered as you might then rely on that behavior.

As an aside, what's your real problem? I suspect this is more then idle curiosity and that there are some real questions in there somewhere.