From 29f3230afd1fa7304bf0435a3f8ee8ad761c7369 Mon Sep 17 00:00:00 2001 From: love-code-yeyixiao <188240888@qq.com> Date: Sat, 8 Jun 2024 19:32:31 +0800 Subject: [PATCH] #3975 --- CHANGELOG.md | 21 ++++++++++++++------- Sandboxie/core/dll/gui.c | 33 +++++++++++++++++++++++++++++++-- 2 files changed, 45 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e33ba93d..cad833d0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,19 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/). +## [1.14.2 / 5.69.2] - 2024-??-?? + +### Added +- Add option "HideNonSystemProcesses" to hide processes other than some system services from processes lists for sandboxed processes. +- Add option "HideSbieProcesses" to hide Sandboxie Work Process(SbieSvc,SandboxieRpcSs,etc.). +- When "HideFirmwareInfo" is set,the programs which try getting fireware info will get false data from HKEY_CURRENT_USER\\SOFTWARE\\SandboxieHide\\FalseFirmwareValue +- Add template "BlockAccessWMI" to prevent sandboxed processes from accessing system information through WMI. +- Add template "BlockLocalConnect" to prevent sandboxed processes from sending network packs to loaclhost to breakout sandbox. +- Add new box type "Maximize Isolation Sandbox". +- Add new option "AllowCoverTaskbar" for #3975. + +### Changed +- Extend "Temp Template" to make it could delete local template section. ## [1.14.1 / 5.69.1] - 2024-06-06 
@@ -14,17 +27,11 @@ This project adheres to [Semantic Versioning](http://semver.org/). - Add UI option to start unsandboxed process but force child processes in SelectBoxWindow. - Add option "AlertBeforeStart".When it is set,a prompt pops up before launching a new program into the sandbox using "Start.exe" and checks if the program that started "Start.exe" is a Sandboxie component itself,if it is not, a warning pops up. - Add option for EditAdminOnly in SetupWizard. -- Add option "HideNonSystemProcesses" to hide processes other than some system services from processes lists for sandboxed processes. -- Add option "HideSbieProcesses" to hide Sandboxie Work Process(SbieSvc,SandboxieRpcSs,etc.). -- When "HideFirmwareInfo" is set,the programs which try getting fireware info will get false data from HKEY_CURRENT_USER\\SOFTWARE\\SandboxieHide\\FalseFirmwareValue -- Add template "BlockAccessWMI" to prevent sandboxed processes from accessing system information through WMI. -- Add template "BlockLocalConnect" to prevent sandboxed processes from sending network packs to loaclhost to breakout sandbox. -- Add new box type "Maximize Isolation Sandbox". + ### Changed - split the advanced new box wizard page in two - reorganized box options a bit -- Extend "Temp Template" to make it could delete local template section. ### Fixed - fixed issue with proxy authentication setting diff --git a/Sandboxie/core/dll/gui.c b/Sandboxie/core/dll/gui.c index b94a1026..8e2aca6d 100644 --- a/Sandboxie/core/dll/gui.c +++ b/Sandboxie/core/dll/gui.c 
@@ -1356,6 +1356,35 @@ _FX HWND Gui_CreateWindowExW( // replace parent // + if (Gui_BlockInterferenceControl && !SbieApi_QueryConfBool(NULL, L"AllowCoverTaskbar", FALSE)) { + + typedef BOOL(*P_SystemParametersInfoA)(UINT uiAction, UINT uiParam, PVOID pvParam, UINT fWinIni); + static P_SystemParametersInfoA SystemParametersInfoA = NULL; + if (!SystemParametersInfoA) SystemParametersInfoA = Ldr_GetProcAddrNew(L"user32.dll", L"SystemParametersInfoA", "SystemParametersInfoA"); + + typedef int (*P_GetSystemMetrics)(int nIndex); + static P_GetSystemMetrics GetSystemMetrics = NULL; + if (!GetSystemMetrics) GetSystemMetrics = Ldr_GetProcAddrNew(L"user32.dll", L"GetSystemMetrics", "GetSystemMetrics"); + + if (SystemParametersInfoA && GetSystemMetrics) { + + RECT rt; + SystemParametersInfoA(SPI_GETWORKAREA, 0, &rt, 0); + int y1 = GetSystemMetrics(SM_CYSCREEN) - rt.bottom; + int x1 = GetSystemMetrics(SM_CXSCREEN) - rt.right; + int y2 = GetSystemMetrics(SM_CYSCREEN) - rt.top; + int x2 = GetSystemMetrics(SM_CXSCREEN) - rt.left; + if (y + nHeight > y1) + nHeight = y1 - y - 2; + if (y < y2) + y = y2 + 2; + if (x + nWidth > x1) + nWidth = x1 - x; + if (x < x2) + x = x2 + 2; + } + } + if ((! Gui_DisableTitle) && lpWindowName && (dwStyle & WS_CAPTION) == WS_CAPTION && ((! hWndParent) || (dwStyle & WS_CHILD) == 0)) @@ -1946,7 +1975,7 @@ _FX BOOL Gui_MoveWindow( return FALSE; } - if (Gui_BlockInterferenceControl) { + if (Gui_BlockInterferenceControl && !SbieApi_QueryConfBool(NULL, L"AllowCoverTaskbar", FALSE)) { typedef BOOL (*P_SystemParametersInfoA)(UINT uiAction, UINT uiParam, PVOID pvParam, UINT fWinIni); static P_SystemParametersInfoA SystemParametersInfoA = NULL; 
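Review bot: The clamp added to Gui_CreateWindowExW treats x, y, nWidth and nHeight as plain screen coordinates, but callers may pass CW_USEDEFAULT, and for WS_CHILD windows the values are relative to the parent; the sentinel is then overwritten (`x < x2` is true for it) and `y + nHeight` can overflow. The bounds also look inverted: y1 and x1 are computed as screen size minus the work-area edge, which is the size of the margin outside the work area, yet they are compared with absolute positions, so on a typical layout nearly every top-level window would be resized or moved. The return value of SystemParametersInfoA is not checked, so rt may be read uninitialised. A sketch that clamps against rt directly follows; SPI_GETWORKAREA describes only the primary monitor, so the multi-monitor case still needs a decision. The enclosing function starts and ends outside the hunk.

```c
    if (Gui_BlockInterferenceControl && !SbieApi_QueryConfBool(NULL, L"AllowCoverTaskbar", FALSE)
            && (dwStyle & WS_CHILD) == 0) {

        // … unchanged: lazy user32 lookup of SystemParametersInfoA …

        RECT rt;
        if (SystemParametersInfoA && SystemParametersInfoA(SPI_GETWORKAREA, 0, &rt, 0)) {

            // CW_USEDEFAULT is a sentinel, not a coordinate: leave it for the system to resolve
            if (x != CW_USEDEFAULT) {
                if (x < rt.left)
                    x = rt.left;
                if (y < rt.top)
                    y = rt.top;

                if (nWidth != CW_USEDEFAULT) {
                    // x >= rt.left and y >= rt.top here, so the subtractions cannot overflow
                    if (x < rt.right && nWidth > rt.right - x)
                        nWidth = rt.right - x;
                    if (y < rt.bottom && nHeight > rt.bottom - y)
                        nHeight = rt.bottom - y;
                }
            }
        }
    }
```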
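Review bot: `SbieApi_QueryConfBool(NULL, L"AllowCoverTaskbar", FALSE)` is now evaluated on every Gui_MoveWindow call, and the same expression is repeated in Gui_CreateWindowExW and Gui_SetWindowPos. Gui_BlockInterferenceControl is read here as a plain flag; reading the new option once where that flag is initialised (outside this diff) into a sibling such as `static BOOLEAN Gui_AllowCoverTaskbar;` (suggested name) would keep the three call sites consistent and avoid a configuration lookup on a frequently hit window-management path. The lazy user32 lookup that follows this line is also now duplicated in Gui_CreateWindowExW and would be easier to audit as one static helper. Gui_MoveWindow's body continues outside the hunk.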
@@ -1998,7 +2027,7 @@ _FX BOOL Gui_SetWindowPos( // use SbieSvc GUI Proxy if hWnd is accessible but outside the sandbox // - if (Gui_BlockInterferenceControl) { + if (Gui_BlockInterferenceControl&&!SbieApi_QueryConfBool(NULL,L"AllowCoverTaskbar",FALSE)) { if (hWndInsertAfter == HWND_TOPMOST || hWndInsertAfter == HWND_TOP) hWndInsertAfter = HWND_DESKTOP;
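Review bot: Gating this whole block on AllowCoverTaskbar also switches off the `HWND_TOPMOST` / `HWND_TOP` demotion on the next two lines, which is a z-order protection rather than a taskbar one. The option name and its changelog entry suggest it only concerns covering the taskbar, so someone enabling it would not expect sandboxed windows to regain always-on-top placement. Keeping the z-order check under the original `if (Gui_BlockInterferenceControl) {` and applying the new option only to whatever position clamp follows further down (not visible here) would match that scope; otherwise the wider effect should be documented next to the option. The condition is also written without spaces around `&&` and after the commas, unlike the other two call sites, and the block continues outside the hunk.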