This commit is contained in:
DavidXanatos 2022-01-05 12:40:19 +01:00
parent fd61ce01ca
commit 095e89934b
2 changed files with 9 additions and 28 deletions


@ -604,19 +604,11 @@ _FX void Syscall_ErrorForAsciiName(const UCHAR *name_a)
extern unsigned int g_TrapFrameOffset; extern unsigned int g_TrapFrameOffset;
#ifdef _WIN64 #ifdef _WIN64
//NTSTATUS Sbie_InvokeSyscall_jmp( NTSTATUS Sbie_InvokeSyscall_hack(void* func, ULONG_PTR count, void* args, ULONG_PTR arg04,
// ULONG_PTR arg01, ULONG_PTR arg02, ULONG_PTR arg03, ULONG_PTR arg04,
// ULONG_PTR arg05, ULONG_PTR arg06, ULONG_PTR arg07, ULONG_PTR arg08,
// ULONG_PTR arg09, ULONG_PTR arg10, ULONG_PTR arg11, ULONG_PTR arg12,
// ULONG_PTR arg13, ULONG_PTR arg14, ULONG_PTR arg15, ULONG_PTR arg16,
// ULONG_PTR arg17, ULONG_PTR arg18, ULONG_PTR arg19, void* func);
NTSTATUS Sbie_InvokeSyscall_hack(void* func, int count, void* args, ULONG_PTR arg04,
ULONG_PTR arg05, ULONG_PTR arg06, ULONG_PTR arg07, ULONG_PTR arg08, ULONG_PTR arg05, ULONG_PTR arg06, ULONG_PTR arg07, ULONG_PTR arg08,
ULONG_PTR arg09, ULONG_PTR arg10, ULONG_PTR arg11, ULONG_PTR arg12, ULONG_PTR arg09, ULONG_PTR arg10, ULONG_PTR arg11, ULONG_PTR arg12,
ULONG_PTR arg13, ULONG_PTR arg14, ULONG_PTR arg15, ULONG_PTR arg16, ULONG_PTR arg13, ULONG_PTR arg14, ULONG_PTR arg15, ULONG_PTR arg16,
ULONG_PTR arg17, ULONG_PTR arg18, ULONG_PTR arg19); ULONG_PTR arg17, ULONG_PTR arg18, ULONG_PTR arg19);
#else #else
NTSTATUS Sbie_InvokeSyscall_asm(void* func, int count, void* args); NTSTATUS Sbie_InvokeSyscall_asm(void* func, int count, void* args);
#endif #endif
@ -643,17 +635,9 @@ _FX NTSTATUS Syscall_Invoke(SYSCALL_ENTRY *entry, ULONG_PTR *stack)
// while working for 64 bit apps, makes 32 bit apps crash under wow64, // while working for 64 bit apps, makes 32 bit apps crash under wow64,
// this should not be possible yet it happens, hence we use a hacky workaround // this should not be possible yet it happens, hence we use a hacky workaround
// where our sys call invoker does not do a call but a jmp that seams to be fine. // where our sys call invoker does not do a call but a jmp that seams to be fine.
// Ther for that we need to use this functions stack, hence those many 0 args. // Therefore we need to re-use this functions stack, hence those many 0 args passed.
// //
// this also works but is less efficient
//#define ARG(idx) (entry->param_count > idx ? stack[idx] : 0)
//status = Sbie_InvokeSyscall_jmp(
// ARG(0), ARG(1), ARG(2), ARG(3), ARG(4), ARG(5), ARG(6), ARG(7), ARG(8), ARG(9),
// ARG(10), ARG(11), ARG(12), ARG(13), ARG(14), ARG(15), ARG(16), ARG(17), ARG(18),
// entry->ntos_func);
//#undef ARG
status = Sbie_InvokeSyscall_hack(entry->ntos_func, entry->param_count, stack, 0, // args 1-4 shadow space status = Sbie_InvokeSyscall_hack(entry->ntos_func, entry->param_count, stack, 0, // args 1-4 shadow space
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0); // reserve stack for args 5-19 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0); // reserve stack for args 5-19
#else #else
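Review bot: The new prototype line `NTSTATUS Sbie_InvokeSyscall_hack(void* func, ULONG_PTR count, void* args, ULONG_PTR arg04, ...` widens `count` from `int` to `ULONG_PTR` but carries no comment stating the contract the assembly side relies on, namely that only `(count & 0x0F) + 4` arguments (19 at most, per the asm note) are honoured and that `arg04`..`arg19` exist solely to reserve caller stack for the `jmp`-based invoker; that knowledge currently lives only in the `// args 1-4 shadow space` / `// reserve stack for args 5-19` comments at the call site. Since `stack` presumably holds arguments captured from the sandboxed caller, the bound on `count` is what keeps the asm's argument copy inside the reserved slots, so I would document it on the declaration: `// count: asm uses (count & 0x0F) + 4 <= 19 args; arg04..arg19 are zero dummies reserving caller stack for the jmp-based invoker`. Whether `entry->param_count` is validated before `Syscall_Invoke` reaches this call is outside the hunk. The 32-bit `Sbie_InvokeSyscall_asm` declaration keeps `int count`; if the mismatch is intentional, a one-line comment saying so would stop the next reader from "fixing" it.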


@ -271,17 +271,17 @@ endif
ifdef _WIN64 ifdef _WIN64
; NTSTATUS Sbie_InvokeSyscall_hack(ULONG_PTR arg01, ... , ULONG_PTR arg19, void* func);
Sbie_InvokeSyscall_jmp PROC Sbie_InvokeSyscall_jmp PROC
jmp qword ptr [rsp+0A0h] ; 20th argument jmp qword ptr [rsp+0A0h] ; 20th argument
Sbie_InvokeSyscall_jmp ENDP Sbie_InvokeSyscall_jmp ENDP
; NTSTATUS Sbie_InvokeSyscall_asm(void* func, ULONG_PTR count, void* args, ULONG_PTR dummy1, ..., ULONG_PTR dummy16);
Sbie_InvokeSyscall_hack PROC Sbie_InvokeSyscall_hack PROC
;mov qword ptr [rsp+20h], r9 ; WARNING: when calling this function after the 3 used arguments 16 more dummy's must be passed
;mov qword ptr [rsp+18h], r8 ; to reserve the required stack space at the caller's stack which we will use
;mov qword ptr [rsp+10h], rdx
;mov qword ptr [rsp+8], rcx
; note: (count & 0x0F) + 4 = 19 arguments are the absolute maximum ; note: (count & 0x0F) + 4 = 19 arguments are the absolute maximum
@ -300,11 +300,11 @@ arg_count_ok:
; check if we have higher arguments and if not skip ; check if we have higher arguments and if not skip
cmp r10, 4 cmp r10, 4
jle copy_reg_args jle copy_reg_args
; copy arguments 5-19
push rsi push rsi
push rdi push rdi
; copy arguments 5-19
mov rsi, r11 ; source mov rsi, r11 ; source
add rsi, 20h add rsi, 20h
mov rdi, rsp ; destination mov rdi, rsp ; destination
@ -329,13 +329,9 @@ copy_reg_args:
Sbie_InvokeSyscall_hack ENDP Sbie_InvokeSyscall_hack ENDP
; NTSTATUS Sbie_InvokeSyscall_asm(void* func, int count, void* args);
Sbie_InvokeSyscall_asm PROC Sbie_InvokeSyscall_asm PROC
;mov qword ptr [rsp+20h], r9
;mov qword ptr [rsp+18h], r8
;mov qword ptr [rsp+10h], rdx
;mov qword ptr [rsp+8], rcx
; note: (count & 0x0F) + 4 = 19 arguments are the absolute maximum ; note: (count & 0x0F) + 4 = 19 arguments are the absolute maximum
; quick sanity check ; quick sanity check
@ -388,6 +384,7 @@ Sbie_InvokeSyscall_asm ENDP
else else
; NTSTATUS Sbie_InvokeSyscall_asm(void* func, int count, void* args);
_Sbie_InvokeSyscall_asm@12 PROC _Sbie_InvokeSyscall_asm@12 PROC
; NTSTATUS Sbie_InvokeSyscall_asm(void* func, int count, void* args); ; NTSTATUS Sbie_InvokeSyscall_asm(void* func, int count, void* args);