Merge pull request #2679 from sepcnt/master

Update UpdUtil.cpp & Typo fix
This commit is contained in:
DavidXanatos 2023-02-12 08:58:29 +01:00 committed by GitHub
commit 14924c0b8c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 22 additions and 15 deletions

View File

@ -66,12 +66,12 @@ jobs:
echo 'isoaltion->isolation' >> dictionary.txt echo 'isoaltion->isolation' >> dictionary.txt
echo 'symbolicl->symbolic' >> dictionary.txt echo 'symbolicl->symbolic' >> dictionary.txt
echo 're enable->re-enable' >> dictionary.txt echo 're enable->re-enable' >> dictionary.txt
echo 'appcontainer->app container' >> dictionary.txt
echo 'foder->folder' >> dictionary.txt echo 'foder->folder' >> dictionary.txt
echo 'fodername1->foldername1' >> dictionary.txt echo 'fodername1->foldername1' >> dictionary.txt
echo 'fodler->folder' >> dictionary.txt echo 'fodler->folder' >> dictionary.txt
echo 'built in->built-in' >> dictionary.txt echo 'built in->built-in' >> dictionary.txt
echo 'tigether->together' >> dictionary.txt echo 'tigether->together' >> dictionary.txt
echo 'auxyliary->auxiliary' >> dictionary.txt
# Only lowercase letters are allowed in --ignore-words-list # Only lowercase letters are allowed in --ignore-words-list
codespell --dictionary=dictionary.txt --dictionary=dictionary_rare.txt --dictionary=dictionary_code.txt \ codespell --dictionary=dictionary.txt --dictionary=dictionary_rare.txt --dictionary=dictionary_code.txt \
--ignore-words-list="wil,unknwn,tolen,pevent,doubleclick,parm,parms,etcp,ois,ba,ptd,modell,namesd,stdio,uint,errorstring,ontext,atend,deque,ecounter,nmake,namess,inh,daa,varient,lite,uis,emai,ws,slanguage" \ --ignore-words-list="wil,unknwn,tolen,pevent,doubleclick,parm,parms,etcp,ois,ba,ptd,modell,namesd,stdio,uint,errorstring,ontext,atend,deque,ecounter,nmake,namess,inh,daa,varient,lite,uis,emai,ws,slanguage" \

View File

@ -10,13 +10,13 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [1.7.3 / 5.62.3] - 2023-02-?? ## [1.7.3 / 5.62.3] - 2023-02-??
### Added ### Added
- Run menu now supports folders, to be used by entering fodername1\foldername2\entryname in the name column of the UI - Run menu now supports folders, to be used by entering foldername1\foldername2\entryname in the name column of the UI
- added an tray indicator for pending updates - added an tray indicator for pending updates
- added virtualization for CreateDirectoryObject(Ex) and OpenDirectoryObject (improves security, prevents name squating) - added virtualization for CreateDirectoryObject(Ex) and OpenDirectoryObject (improves security, prevents name squating)
### Changed ### Changed
- 'OpenProtectedStorage=y' has been replaced with a template - 'OpenProtectedStorage=y' has been replaced with a template
- moved all built in access rules to a set of default templates - moved all built in access rules to a set of default templates
- moved WinInetCache control to a template OpenWinInetCache, 'CloseWinInetCache=y' is now obsolete - moved WinInetCache control to a template OpenWinInetCache, 'CloseWinInetCache=y' is now obsolete
- added hook for CreateAppContainerToken, should also improve compatibility with other apps [#1926](https://github.com/sandboxie-plus/Sandboxie/issues/1926) - added hook for CreateAppContainerToken, should also improve compatibility with other apps [#1926](https://github.com/sandboxie-plus/Sandboxie/issues/1926)
-- note: Template_Edge_Fix is no longer required -- note: Template_Edge_Fix is no longer required

View File

@ -1065,7 +1065,7 @@ int Program_Start(void)
ExpandEnvironmentStrings(cmdline, expanded, 8192); ExpandEnvironmentStrings(cmdline, expanded, 8192);
// //
// When the service proces has a manifest which requires elevated privileges, // When the service process has a manifest which requires elevated privileges,
// CreateProcess will fail if we did not start with a elevated token. // CreateProcess will fail if we did not start with a elevated token.
// To fix this issue we always fake being elevated when starting a service. // To fix this issue we always fake being elevated when starting a service.
// //

View File

@ -3231,7 +3231,7 @@ ReparseLoop:
status = STATUS_OBJECT_PATH_NOT_FOUND; status = STATUS_OBJECT_PATH_NOT_FOUND;
// //
// if this is a create operation check if the parent fodler is ok and if so clear the error // if this is a create operation check if the parent folder is ok and if so clear the error
// //
if (CreateDisposition != FILE_OPEN && CreateDisposition != FILE_OVERWRITE) { if (CreateDisposition != FILE_OPEN && CreateDisposition != FILE_OVERWRITE) {

View File

@ -444,7 +444,7 @@ _FX BOOLEAN Proc_Init(void)
// When not in Compartment mode, windows AppContainer isolation is not supported // When not in Compartment mode, windows AppContainer isolation is not supported
// hook the CreateAppContainerToken and return a regular token // hook the CreateAppContainerToken and return a regular token
// we hook CreateAppContainerToken rather then NtCreateLowBoxToken // we hook CreateAppContainerToken rather then NtCreateLowBoxToken
// as we dont waht CreateAppContainerToken to fail when // as we dont what CreateAppContainerToken to fail when
// \Sessions\*\AppContainerNamedObjects\* is not open // \Sessions\*\AppContainerNamedObjects\* is not open
// //

View File

@ -264,7 +264,7 @@ _FX NTSTATUS Process_Low_Api_InjectComplete(PROCESS *proc, ULONG64 *parms)
// //
// the service synamically allocates a per box SID to be used, // the service synamically allocates a per box SID to be used,
// if no SID is provided this feature is eider disabled or failed // if no SID is provided this feature is either disabled or failed
// then we fall back to using the default anonymous SID // then we fall back to using the default anonymous SID
// //

View File

@ -275,7 +275,7 @@ _FX NTSTATUS Syscall_OpenHandle(
// //
// During early process initializarion stage OpenDirectoryObject is invoked with DIRECTORY_ALL_ACCESS // During early process initializarion stage OpenDirectoryObject is invoked with DIRECTORY_ALL_ACCESS
// so we strip the "write" permissions here untill the sbiedll finishes loading // so we strip the "write" permissions here until the SbieDll finishes loading
// //
if (strcmp(syscall_entry->name, "OpenDirectoryObject") == 0 && !proc->sbiedll_loaded){ if (strcmp(syscall_entry->name, "OpenDirectoryObject") == 0 && !proc->sbiedll_loaded){

View File

@ -353,7 +353,7 @@ OpenWinClass=devldr
# #
# Network access rules # Network access rules
# depanding on preset eider the "Open" or the "Close" directives are applied # depending on preset either the "Open" or the "Close" directives are applied
# #
[TemplateNetworkPaths] [TemplateNetworkPaths]

View File

@ -471,9 +471,10 @@ int ApplyUpdate(std::wstring base_dir, std::wstring temp_dir, std::shared_ptr<SF
return Count; return Count;
} }
void Execute(std::wstring wFile, std::wstring wParams) DWORD Execute(std::wstring wFile, std::wstring wParams)
{ {
SHELLEXECUTEINFO si = { sizeof(SHELLEXECUTEINFO) }; SHELLEXECUTEINFO si = { sizeof(SHELLEXECUTEINFO) };
DWORD ret = 1;
si.fMask = SEE_MASK_NOCLOSEPROCESS; si.fMask = SEE_MASK_NOCLOSEPROCESS;
si.lpVerb = L"runas"; si.lpVerb = L"runas";
si.lpFile = wFile.c_str(); si.lpFile = wFile.c_str();
@ -483,8 +484,11 @@ void Execute(std::wstring wFile, std::wstring wParams)
std::wcout << L"KmdUtil.exe " << si.lpParameters << std::endl; std::wcout << L"KmdUtil.exe " << si.lpParameters << std::endl;
if (ShellExecuteEx(&si)) { if (ShellExecuteEx(&si)) {
WaitForSingleObject(si.hProcess, INFINITE); WaitForSingleObject(si.hProcess, INFINITE);
GetExitCodeProcess(si.hProcess, &ret);
CloseHandle(si.hProcess); CloseHandle(si.hProcess);
} }
return ret;
} }
int ProcessUpdate(std::shared_ptr<SFileMap>& pFiles, const std::wstring& step, const std::wstring& temp_dir, const std::wstring& base_dir, const std::wstring& scope) int ProcessUpdate(std::shared_ptr<SFileMap>& pFiles, const std::wstring& step, const std::wstring& temp_dir, const std::wstring& base_dir, const std::wstring& scope)
@ -633,7 +637,7 @@ int APIENTRY wWinMain(_In_ HINSTANCE hInstance,
freopen("CONOUT$", "w", stdout); freopen("CONOUT$", "w", stdout);
freopen("CONOUT$", "w", stderr); freopen("CONOUT$", "w", stderr);
if (HasFlag(arguments, L"pause")) { if (HasFlag(arguments, L"pause")) {
std::cout << "Sandboxie Updater Utility" << std::endl; std::cout << "Sandboxie Update Utility" << std::endl;
std::wcout << lpCmdLine << std::endl; std::wcout << lpCmdLine << std::endl;
std::cout << std::endl << "Press enter to continue..." << std::endl; std::cout << std::endl << "Press enter to continue..." << std::endl;
std::cin.get(); std::cin.get();
@ -812,9 +816,12 @@ int APIENTRY wWinMain(_In_ HINSTANCE hInstance,
if (bRestart) { if (bRestart) {
Execute(base_dir + L"\\KmdUtil.exe", L"scandll_silent"); Execute(base_dir + L"\\KmdUtil.exe", L"scandll_silent");
Execute(base_dir + L"\\KmdUtil.exe", L"stop SbieSvc"); Execute(base_dir + L"\\KmdUtil.exe", L"stop SbieSvc");
Execute(base_dir + L"\\KmdUtil.exe", L"stop SbieDrv");
Sleep(3000); if (Execute(base_dir + L"\\KmdUtil.exe", L"stop SbieDrv"))
Execute(base_dir + L"\\KmdUtil.exe", L"stop SbieDrv"); {
Sleep(3000);
Execute(base_dir + L"\\KmdUtil.exe", L"stop SbieDrv");
}
} }
ret = ApplyUpdate(base_dir, temp_dir, pFiles); ret = ApplyUpdate(base_dir, temp_dir, pFiles);

View File

@ -192,7 +192,7 @@ NTSTATUS NtIo_RenameFileOrFolder(POBJECT_ATTRIBUTES src_objattrs, POBJECT_ATTRIB
if (!NT_SUCCESS(status)) if (!NT_SUCCESS(status))
return status; return status;
HANDLE dst_handle = NULL; // open destination fodler HANDLE dst_handle = NULL; // open destination folder
status = NtCreateFile(&dst_handle, FILE_GENERIC_READ, dest_objattrs, &IoStatusBlock, NULL, status = NtCreateFile(&dst_handle, FILE_GENERIC_READ, dest_objattrs, &IoStatusBlock, NULL,
0, // for dir? FILE_ATTRIBUTE_NORMAL 0, // for dir? FILE_ATTRIBUTE_NORMAL
FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,