1.1.1

2022-06-01 19:40:51 +02:00 · 2022-06-01 19:40:51 +02:00 · 1b1342c426
parent 8aea232b39
commit 1b1342c426
7 changed files with 138 additions and 55 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -20,11 +20,12 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 - fixed issues with the new delete V2 mechanism when using "SeparateUserFolders=y" [#1885](https://github.com/sandboxie-plus/Sandboxie/issues/1885)
 - fixed credential issue [#1770](https://github.com/sandboxie-plus/Sandboxie/pull/1770)
 - fixed force process priorities [#1883](https://github.com/sandboxie-plus/Sandboxie/issues/1883)
 - fixed issues with the new delete V2 mechanism
 - fixed issue with the Windows 11 menu on older Windows builds [1877](https://github.com/sandboxie-plus/Sandboxie/issues/1877)
 - refresh now works without WatchBoxSize option [#1885](https://github.com/sandboxie-plus/Sandboxie/issues/1885)
 - fixed crash issue with WatchBoxSize=true [#1885](https://github.com/sandboxie-plus/Sandboxie/issues/1885)
 - fixed issue with recovery folder paths [#1840](https://github.com/sandboxie-plus/Sandboxie/issues/1840)
-
+- fixed issues with sbie desktop and wndStation affecting acrobat reader [#1863](https://github.com/sandboxie-plus/Sandboxie/issues/1863)
--- a/Sandboxie/core/dll/advapi.c
+++ b/Sandboxie/core/dll/advapi.c
@ -112,8 +112,11 @@ typedef BOOL (*P_SaferComputeTokenFromLevel)(
 typedef ULONG (*P_GetEffectiveRightsFromAcl)(
    PACL pacl, void *pTrustee, PACCESS_MASK pAccessRights);
-typedef BOOL (*P_EnumWindowStations) (_In_ WINSTAENUMPROC lpEnumFunc, _In_ LPARAM lParam);
+//typedef BOOL (*P_EnumWindowStations) (WINSTAENUMPROC lpEnumFunc, LPARAM lParam);
-typedef HANDLE (*P_OpenWindowStationW) (LPCWSTR lpszWinSta, BOOL fInherit, ACCESS_MASK dwDesiredAccess);
+//typedef HANDLE (*P_OpenWindowStationW) (LPCWSTR lpszWinSta, BOOL fInherit, ACCESS_MASK dwDesiredAccess);
 //
 //typedef BOOL (*P_EnumDesktopsW) (HWINSTA hwinsta, DESKTOPENUMPROCW lpEnumFunc, LPARAM lParam);
 //typedef HANDLE (*P_OpenDesktopW) (LPCWSTR lpszDesktop, DWORD dwFlags, BOOL fInherit, ACCESS_MASK dwDesiredAccess);
 //---------------------------------------------------------------------------
@ -155,8 +158,12 @@ typedef HANDLE (*P_OpenWindowStationW) (LPCWSTR lpszWinSta, BOOL fInherit, ACCES
       P_SaferComputeTokenFromLevel __sys_SaferComputeTokenFromLevel = NULL;
       P_GetEffectiveRightsFromAcl __sys_GetEffectiveRightsFromAclW = NULL;
-       P_EnumWindowStations     __sys_EnumWindowStationsW       = NULL;
+
-       P_OpenWindowStationW     __sys_OpenWindowStationW        = NULL;
+       //P_EnumWindowStations     __sys_EnumWindowStationsW       = NULL;
       //P_OpenWindowStationW     __sys_OpenWindowStationW        = NULL;
 //extern P_EnumDesktopsW          __sys_EnumDesktopsW;
 //extern P_OpenDesktopW           __sys_OpenDesktopW;
 static HMODULE AdvApi_Module = NULL;
@ -240,7 +247,7 @@ _FX BOOLEAN AdvApi_Init(HMODULE module)
    // only hook SetSecurityInfo if this is Chrome.  Outlook 2013 uses delayed loading and will cause infinite callbacks
    // Starting with Win 10, we only want to hook ntmarta!SetSecurityInfo. Do NOT hook advapi!SetSecurityInfo. Delay loading for advapi will cause infinite recursion.
    // Note: the infinite recursion issue has been resolved int 5.43
-    if (((Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) || (Dll_ImageType == DLL_IMAGE_ACROBAT_READER)) && (Dll_Windows < 10)) {
+    if ((Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) || (Dll_ImageType == DLL_IMAGE_ACROBAT_READER)) {
        SetSecurityInfo = __sys_SetSecurityInfo;
        GetSecurityInfo = __sys_GetSecurityInfo;
        SBIEDLL_HOOK(AdvApi_, SetSecurityInfo);
@ -489,12 +496,8 @@ _FX ULONG AdvApi_CreateRestrictedToken(
 }
-
+/*HANDLE Sandboxie_WinSta = 0;
-HANDLE Sandboxie_WinSta = 0;
+HANDLE Sandboxie_Desktop = 0;
 BOOL CALLBACK myEnumWindowStationProc(
    _In_ LPTSTR lpszWindowStation,
    _In_ LPARAM lParam);
 // Get Sandbox Dummy WindowStation Handle
 BOOL CALLBACK myEnumWindowStationProc(
@ -511,6 +514,37 @@ BOOL CALLBACK myEnumWindowStationProc(
    return TRUE;
 }
 BOOL CALLBACK myEnumDesktopsProc(
    _In_ LPTSTR lpszDesktop,
    _In_ LPARAM lParam)
 {
    if ((!lpszDesktop) || (!__sys_OpenDesktopW)) {
        return FALSE;
    }
    if (!_wcsnicmp(lpszDesktop, L"Sandbox", 7)) {
        const ACCESS_MASK DESKTOP_ALL_ACCESS = 0x1FF; // see WinUser.h
        Sandboxie_Desktop = __sys_OpenDesktopW(lpszDesktop, 0, FALSE, DESKTOP_ALL_ACCESS);
        return FALSE;
    }
    return TRUE;
 }
 _FX VOID OpenWinSta()
 {
    if (!Sandboxie_WinSta) {
        __sys_EnumWindowStationsW = (P_EnumWindowStations)Ldr_GetProcAddrNew(L"User32.dll", L"EnumWindowStationsW", "EnumWindowStationsW");
        __sys_OpenWindowStationW = (P_OpenWindowStationW)Ldr_GetProcAddrNew(L"User32.dll", L"OpenWindowStationW", "OpenWindowStationW");
        if (__sys_EnumWindowStationsW) {
            __sys_EnumWindowStationsW(myEnumWindowStationProc, 0);
            if (Sandboxie_WinSta) {
                if (__sys_EnumDesktopsW)
                    __sys_EnumDesktopsW(Sandboxie_WinSta, myEnumDesktopsProc, 0);
            }
        }
    }
 }*/
 // Chrome 52+ now needs to be able to create a WindowStation and Desktop for its sandbox
 // GetSecurityInfo will fail when chrome tries to do a DACL read on the default WindowStation.
@ -518,6 +552,8 @@ BOOL CALLBACK myEnumWindowStationProc(
 // this will allow chrome to create the required WindowStation and Desktop.  See comment in 
 // GuiServer.cpp: GuiServer::GetWindowStationAndDesktopName.
 extern HANDLE Sandboxie_WinSta;
 _FX DWORD AdvApi_GetSecurityInfo(
    HANDLE handle,
    SE_OBJECT_TYPE ObjectType,
@ -532,13 +568,7 @@ _FX DWORD AdvApi_GetSecurityInfo(
    rc = __sys_GetSecurityInfo(handle, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor);
    if (rc && ObjectType == SE_WINDOW_OBJECT && SecurityInfo == DACL_SECURITY_INFORMATION) {
-        __sys_EnumWindowStationsW = (P_EnumWindowStations)Ldr_GetProcAddrNew(L"User32.dll", L"EnumWindowStationsW", "EnumWindowStationsW");
+        //OpenWinSta();
        __sys_OpenWindowStationW = (P_OpenWindowStationW)Ldr_GetProcAddrNew(L"User32.dll", L"OpenWindowStationW", "OpenWindowStationW");
        if (!Sandboxie_WinSta) {
            if (__sys_EnumWindowStationsW) {
                rc = __sys_EnumWindowStationsW(myEnumWindowStationProc, 0);
            }
        }
        rc = __sys_GetSecurityInfo(Sandboxie_WinSta, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor);
    }
    return rc;
@ -753,13 +783,7 @@ _FX DWORD Ntmarta_GetSecurityInfo(
    rc = __sys_Ntmarta_GetSecurityInfo(handle, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor);
    if (rc && ObjectType == SE_WINDOW_OBJECT && SecurityInfo == DACL_SECURITY_INFORMATION) {
-        __sys_EnumWindowStationsW = (P_EnumWindowStations)Ldr_GetProcAddrNew(L"User32.dll", L"EnumWindowStationsW", "EnumWindowStationsW");
+        //OpenWinSta();
        __sys_OpenWindowStationW = (P_OpenWindowStationW)Ldr_GetProcAddrNew(L"User32.dll", L"OpenWindowStationW", "OpenWindowStationW");
        if (!Sandboxie_WinSta) {
            if (__sys_EnumWindowStationsW) {
                rc = __sys_EnumWindowStationsW(myEnumWindowStationProc, 0);
            }
        }
        rc = __sys_Ntmarta_GetSecurityInfo(Sandboxie_WinSta, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor);
    }
    return rc;
--- a/Sandboxie/core/dll/gui.c
+++ b/Sandboxie/core/dll/gui.c
@ -821,6 +821,9 @@ _FX BOOL DisallowWin32kSystemCallsIsOn()
 extern P_NtSetInformationThread __sys_NtSetInformationThread;
 HANDLE Sandboxie_WinSta = NULL;
 HANDLE Sandboxie_Desktop = NULL;
 _FX BOOLEAN Gui_ConnectToWindowStationAndDesktop(HMODULE User32)
 {
    static HDESK _ProcessDesktop = NULL;
@ -900,6 +903,9 @@ _FX BOOLEAN Gui_ConnectToWindowStationAndDesktop(HMODULE User32)
            errlvl = 2;
        else {
            Sandboxie_WinSta = (HANDLE)rpl->hsbie_winsta;
            Sandboxie_Desktop = (HANDLE)rpl->hsbie_desk;
            //
            // locate windowstation and desktop functions in user32 dll
            //
--- a/Sandboxie/core/dll/guienum.c
+++ b/Sandboxie/core/dll/guienum.c
@ -175,6 +175,7 @@ static BOOLEAN Gui_D3D9_Loaded = FALSE;
 static ULONG64 Gui_GetShellWindow_LastTicks = 0;
 static BOOLEAN Winsta_Hack = FALSE;
 //---------------------------------------------------------------------------
 // Gui_InitEnum
@ -244,16 +245,11 @@ _FX BOOLEAN Gui_InitEnum(void)
    // raises an error when CreateDesktop is call.  This hook
    // is removed for chrome.  See advapi.c: AdvApi_GetSecurityInfo
-    if (!Config_GetSettingsForImageName_bool(L"UseSbieWndStation", TRUE) && 
+    SBIEDLL_HOOK_GUI(CreateDesktopW);
-        (Dll_ImageType != DLL_IMAGE_GOOGLE_CHROME) &&
+    SBIEDLL_HOOK_GUI(CreateDesktopA);
-        (Dll_ImageType != DLL_IMAGE_MOZILLA_FIREFOX)) {
+    
-        SBIEDLL_HOOK_GUI(CreateDesktopW);
+    SBIEDLL_HOOK_GUI(CreateWindowStationW);
-        SBIEDLL_HOOK_GUI(CreateDesktopA);
+    SBIEDLL_HOOK_GUI(CreateWindowStationA);
    }
    else {
        SBIEDLL_HOOK_GUI(CreateWindowStationW);
        SBIEDLL_HOOK_GUI(CreateWindowStationA);
    }    
    return TRUE;
 }
@ -582,49 +578,69 @@ _FX HDESK Gui_OpenDesktopA(
 //---------------------------------------------------------------------------
 //Gui_CreateWindowStationW
 //---------------------------------------------------------------------------
-extern HANDLE Sandboxie_WinSta ;
+extern HANDLE Sandboxie_WinSta;
 _FX HANDLE Gui_CreateWindowStationW (void *lpwinsta, DWORD dwFlags, ACCESS_MASK dwDesiredAccess, LPSECURITY_ATTRIBUTES lpsa) {
    HANDLE myHandle = 0;
    myHandle =  __sys_CreateWindowStationW(lpwinsta, dwFlags, dwDesiredAccess, lpsa);
    if (!myHandle) {
-        return Sandboxie_WinSta;
+        if(Sandboxie_WinSta)
            return Sandboxie_WinSta;
        SbieApi_Log(2205, L"CreateWindowStation");
    }
    return myHandle;
 }
 //---------------------------------------------------------------------------
 //Gui_CreateWindowStationA
 //---------------------------------------------------------------------------
 _FX HANDLE Gui_CreateWindowStationA (void *lpwinsta, DWORD dwFlags, ACCESS_MASK dwDesiredAccess, LPSECURITY_ATTRIBUTES lpsa) {
    HANDLE myHandle = 0;
    myHandle =  __sys_CreateWindowStationA(lpwinsta, dwFlags, dwDesiredAccess, lpsa);
    if (!myHandle) {
-        return Sandboxie_WinSta;
+        if(Sandboxie_WinSta)
            return Sandboxie_WinSta;
        SbieApi_Log(2205, L"CreateWindowStation");
    }
    return myHandle;
 }
 //---------------------------------------------------------------------------
 // Gui_CreateDesktopW
 //---------------------------------------------------------------------------
-
+extern HANDLE Sandboxie_Desktop;
 _FX HDESK Gui_CreateDesktopW(
    void *lpszDesktop, void *lpszDevice, void *DevMode, ULONG dwFlags,
    ACCESS_MASK dwDesiredAccess, void *SecurityAttributes)
 {
    HANDLE rc = 0;
-    //Call the system CreateDesktopW without a security context. 
+    
-    //This works in tandem with the Ntmarta_GetSecurityInfo hook (see in advapi.c).
+    rc = __sys_CreateDesktopW(lpszDesktop, lpszDevice, DevMode, dwFlags, dwDesiredAccess, SecurityAttributes);
-
+    if (rc)
    //Also see comment in Ntmarta_Init at SBIEDLL_HOOK2(Ntmarta_,GetSecurityInfo) for
    //Acrobat Reader.  This is needed to allow this process to create a desktop with
    //the sandboxie restricted token by dropping the security context.  This won't
    //work without the GetSecrityInfo hook.
    rc = __sys_CreateDesktopW(lpszDesktop, NULL, NULL, dwFlags, dwDesiredAccess, NULL);
    if (rc) {
        return rc;
    if (!Config_GetSettingsForImageName_bool(L"UseSbieWndStation", TRUE) && (Dll_ImageType != DLL_IMAGE_GOOGLE_CHROME) && (Dll_ImageType != DLL_IMAGE_MOZILLA_FIREFOX))
    {
        //Call the system CreateDesktopW without a security context. 
        //This works in tandem with the Ntmarta_GetSecurityInfo hook (see in advapi.c).
        //Also see comment in Ntmarta_Init at SBIEDLL_HOOK2(Ntmarta_,GetSecurityInfo) for
        //Acrobat Reader.  This is needed to allow this process to create a desktop with
        //the sandboxie restricted token by dropping the security context.  This won't
        //work without the GetSecurityInfo hook.
        rc = __sys_CreateDesktopW(lpszDesktop, NULL, NULL, dwFlags, dwDesiredAccess, NULL);
        if (rc)
            return rc;
    }
    if (Sandboxie_Desktop)
        return Sandboxie_Desktop;
    SbieApi_Log(2205, L"CreateDesktop");
    return CreateEvent(NULL, FALSE, FALSE, NULL);
 }
@ -640,11 +656,20 @@ _FX HDESK Gui_CreateDesktopA(
    ACCESS_MASK dwDesiredAccess, void *SecurityAttributes)
 {
    HANDLE rc = 0;
-    rc = __sys_CreateDesktopA(lpszDesktop, NULL, NULL, dwFlags, dwDesiredAccess, NULL);
+    
-    if (rc) {
+    rc = __sys_CreateDesktopA(lpszDesktop, lpszDevice, DevMode, dwFlags, dwDesiredAccess, SecurityAttributes);
    if (rc)
        return rc;
    if (!Config_GetSettingsForImageName_bool(L"UseSbieWndStation", TRUE) && (Dll_ImageType != DLL_IMAGE_GOOGLE_CHROME) && (Dll_ImageType != DLL_IMAGE_MOZILLA_FIREFOX))
    {
        rc = __sys_CreateDesktopA(lpszDesktop, NULL, NULL, dwFlags, dwDesiredAccess, NULL);
        if (rc)
            return rc;
    }
    if (Sandboxie_Desktop)
        return Sandboxie_Desktop;
    SbieApi_Log(2205, L"CreateDesktop");
    return CreateEvent(NULL, FALSE, FALSE, NULL);
 }
--- a/Sandboxie/core/svc/GuiServer.cpp
+++ b/Sandboxie/core/svc/GuiServer.cpp
@ -605,7 +605,7 @@ void GuiServer::RunSlave(const WCHAR *cmdline)
    // create window station
    //
-    if (! pThis->GetWindowStationAndDesktopName(NULL))
+    if (! pThis->GetWindowStationAndDesktopName(NULL, NULL, NULL))
        return;
    //
@ -1190,7 +1190,7 @@ HANDLE GuiServer::GetJobObject(const WCHAR *boxname)
 //---------------------------------------------------------------------------
-bool GuiServer::GetWindowStationAndDesktopName(WCHAR *out_name)
+bool GuiServer::GetWindowStationAndDesktopName(WCHAR *out_name, HANDLE* out_winsta, HANDLE* out_desk)
 {
    static HWINSTA _hWinSta = NULL;
    static HDESK   _hDesk   = NULL;
@ -1205,6 +1205,8 @@ bool GuiServer::GetWindowStationAndDesktopName(WCHAR *out_name)
    if (out_name) {
        wcscpy(out_name, _CombinedName);
        if (out_winsta) *out_winsta = _hWinSta;
        if (out_desk) *out_desk = _hDesk;
        return true;
    }
@ -1273,6 +1275,8 @@ bool GuiServer::GetWindowStationAndDesktopName(WCHAR *out_name)
    else {
        if (out_winsta) *out_winsta = _hWinSta;
        if (! SetProcessWindowStation(_hWinSta))
            errlvl = 0x62;
        else {
@ -1285,6 +1289,9 @@ bool GuiServer::GetWindowStationAndDesktopName(WCHAR *out_name)
            const ACCESS_MASK DESKTOP_ALL_ACCESS = 0x1FF; // see WinUser.h
            _hDesk = CreateDesktop(desktop_name, NULL, NULL, 0,
                                   DESKTOP_ALL_ACCESS | WRITE_OWNER, &sa);
            if (out_desk) *out_desk = _hDesk;
            if (! _hDesk)
                errlvl = 0x63;
@ -1467,7 +1474,9 @@ ULONG GuiServer::GetWindowStationSlave(SlaveArgs *args)
        GUI_GET_WINDOW_STATION_RPL *rpl =
                        (GUI_GET_WINDOW_STATION_RPL *)args->rpl_buf;
-        if (! GetWindowStationAndDesktopName(rpl->name)) {
+        HANDLE sbie_winsta;
        HANDLE sbie_desk;
        if (! GetWindowStationAndDesktopName(rpl->name, &sbie_winsta, &sbie_desk)) {
            status = -1;
            errlvl = 0x73;
            goto finish;
@ -1524,6 +1533,22 @@ ULONG GuiServer::GetWindowStationSlave(SlaveArgs *args)
            goto finish;
        }
        if (! DuplicateHandle(NtCurrentProcess(), sbie_winsta,
                              hProcess, (HANDLE *)&rpl->hsbie_winsta,
                              WINSTA_ALL_ACCESS | STANDARD_RIGHTS_REQUIRED, FALSE, 0)) {
            status = GetLastError();
            errlvl = 0x85;
            goto finish;
        }
        if (! DuplicateHandle(NtCurrentProcess(), sbie_desk,
                              hProcess, (HANDLE *)&rpl->hsbie_desk,
                              0, FALSE, DUPLICATE_SAME_ACCESS)) {
            status = GetLastError();
            errlvl = 0x86;
            goto finish;
        }
 #ifdef _WIN64
        //
--- a/Sandboxie/core/svc/GuiServer.h
+++ b/Sandboxie/core/svc/GuiServer.h
@ -80,7 +80,7 @@ protected:
    HANDLE GetJobObject(const WCHAR *boxname);
-    bool GetWindowStationAndDesktopName(WCHAR *out_name);
+    bool GetWindowStationAndDesktopName(WCHAR *out_name, HANDLE* out_winsta, HANDLE* out_desk);
 protected:
--- a/Sandboxie/core/svc/GuiWire.h
+++ b/Sandboxie/core/svc/GuiWire.h
@ -94,6 +94,8 @@ struct tagGUI_GET_WINDOW_STATION_RPL
    ULONG64 hwinsta;
    ULONG64 hdesk;
    WCHAR name[96];
    ULONG64 hsbie_winsta;
    ULONG64 hsbie_desk;
 };
 typedef struct tagGUI_GET_WINDOW_STATION_RPL GUI_GET_WINDOW_STATION_RPL;