Merge branch 'master' into master
This commit is contained in:
commit
2fd586a7d2
|
@ -6,3 +6,6 @@ contact_links:
|
|||
- name: LogApiDll (sandboxie-plus/LogApiDll)
|
||||
url: https://github.com/sandboxie-plus/LogApiDll
|
||||
about: API logging library that adds a verbose output to Sandboxie's trace log.
|
||||
- name: Sbiextra (sandboxie-plus/sbiextra)
|
||||
url: https://github.com/sandboxie-plus/sbiextra
|
||||
about: A DLL that adds additional user mode restrictions to sandboxed processes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
query-filters:
|
||||
- exclude:
|
||||
id: cpp/incorrect-string-type-conversion
|
|
@ -0,0 +1,103 @@
|
|||
name: "CodeQL"
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches: [ 'master' ]
|
||||
paths:
|
||||
- '**.c'
|
||||
- '**.cpp'
|
||||
- '**.h'
|
||||
pull_request:
|
||||
types:
|
||||
- opened
|
||||
# The branches below must be a subset of the branches above.
|
||||
branches: [ 'master' ]
|
||||
paths:
|
||||
- '**.c'
|
||||
- '**.cpp'
|
||||
- '**.h'
|
||||
schedule:
|
||||
- cron: '33 7 * * 6'
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
name: Analyze
|
||||
if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule'
|
||||
runs-on: windows-2019
|
||||
timeout-minutes: 45
|
||||
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
security-events: write
|
||||
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
language: [ 'cpp' ]
|
||||
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
|
||||
# Use only 'java' to analyze code written in Java, Kotlin or both.
|
||||
# Use only 'javascript' to analyze code written in JavaScript, TypeScript or both.
|
||||
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
|
||||
|
||||
steps:
|
||||
- name: Cleanup build folder
|
||||
run: |
|
||||
rm -r -Force ${{ github.workspace }}\*
|
||||
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Setup msbuild
|
||||
uses: microsoft/setup-msbuild@v1
|
||||
|
||||
# Qt 6 is only required for ARM64 build currently.
|
||||
# - name: Install Qt6 x64
|
||||
# uses: jurplel/install-qt-action@v3
|
||||
# with:
|
||||
# version: '6.3.1'
|
||||
# arch: 'win64_msvc2019_64'
|
||||
|
||||
- name: Install Qt5 x64
|
||||
uses: jurplel/install-qt-action@v3
|
||||
with:
|
||||
version: '5.15.2'
|
||||
arch: 'win64_msvc2019_64'
|
||||
cache: true
|
||||
|
||||
- name: Installing Jom
|
||||
run: SandboxiePlus\install_jom.cmd
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
config-file: ./.github/codeql/codeql-config.yml
|
||||
# If you wish to specify custom queries, you can do so here or in a config file.
|
||||
# By default, queries listed here will override any specified in a config file.
|
||||
# Prefix the list here with "+" to use these queries and those in the config file.
|
||||
|
||||
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
|
||||
# queries: security-extended,security-and-quality
|
||||
|
||||
- name: Build Sandboxie x86
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie x64
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=x64 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie-Plus x64
|
||||
run: SandboxiePlus\qmake_plus.cmd x64
|
||||
|
||||
- name: Build SbieShell x64
|
||||
run: msbuild /t:restore,build -p:RestorePackagesConfig=true SandboxiePlus\SbieShell\SbieShell.sln /p:Configuration="Release" /p:Platform=x64
|
||||
|
||||
- name: Build Sandboxie-Tools x64
|
||||
run: msbuild /t:build SandboxieTools\SandboxieTools.sln /p:Configuration="Release" /p:Platform=x64 -maxcpucount:8
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2
|
||||
with:
|
||||
category: "/language:${{matrix.language}}"
|
|
@ -46,6 +46,7 @@ jobs:
|
|||
echo 'linve->live' >> dictionary.txt
|
||||
echo 'actuallly->actually' >> dictionary.txt
|
||||
echo 'asynchroniusly->asynchronously' >> dictionary.txt
|
||||
echo 'synchroniusly->synchronously' >> dictionary.txt
|
||||
echo 'seams->seems' >> dictionary.txt
|
||||
echo 'selelction->selection' >> dictionary.txt
|
||||
echo 'injectted->injected' >> dictionary.txt
|
||||
|
@ -75,15 +76,25 @@ jobs:
|
|||
echo 'auxyliary->auxiliary' >> dictionary.txt
|
||||
echo 'squating->squatting' >> dictionary.txt
|
||||
echo 'suppoter->supporter' >> dictionary.txt
|
||||
echo 'crome->Chrome' >> dictionary.txt
|
||||
echo 'chromim->Chromium' >> dictionary.txt
|
||||
echo 'sandbocie->Sandboxie' >> dictionary.txt
|
||||
echo 'routime->routine' >> dictionary.txt
|
||||
echo 'explorere->explorer' >> dictionary.txt
|
||||
echo 'mein->main' >> dictionary.txt
|
||||
echo 'trigegred->triggered' >> dictionary.txt
|
||||
echo 'windoe->window' >> dictionary.txt
|
||||
echo 'hread->thread' >> dictionary.txt
|
||||
echo 'tamplete->template' >> dictionary.txt
|
||||
echo 'prising->praising' >> dictionary.txt
|
||||
echo 'wi->we, will' >> dictionary.txt
|
||||
echo 'dayly->daily' >> dictionary.txt
|
||||
echo 'erdinal->ordinal' >> dictionary.txt
|
||||
echo 'wizars->wizard' >> dictionary.txt
|
||||
echo 'crome->Chrome' >> dictionary_code.txt
|
||||
echo 'chromim->Chromium' >> dictionary_code.txt
|
||||
echo 'kmdutill->kmdutil' >> dictionary_code.txt
|
||||
echo 'sandbocie->Sandboxie' >> dictionary_code.txt
|
||||
echo 'sanboxie->Sandboxie' >> dictionary_code.txt
|
||||
echo "sandboxies->Sandboxie's, sandboxed" >> dictionary_code.txt
|
||||
# Only lowercase letters are allowed in --ignore-words-list
|
||||
codespell --dictionary=dictionary.txt --dictionary=dictionary_rare.txt --dictionary=dictionary_code.txt \
|
||||
--ignore-words-list="wil,unknwn,tolen,pevent,doubleclick,parm,parms,etcp,ois,ba,ptd,modell,namesd,stdio,uint,errorstring,ontext,atend,deque,ecounter,nmake,namess,inh,daa,varient,lite,uis,emai,ws,slanguage" \
|
||||
--ignore-words-list="wil,unknwn,tolen,pevent,doubleclick,parm,parms,etcp,ois,ba,ptd,modell,namesd,stdio,uint,errorstring,ontext,atend,deque,ecounter,nmake,namess,inh,daa,varient,lite,uis,emai,ws,slanguage,woh,tne,process'" \
|
||||
--skip="./.git,./.github/workflows/codespell.yml,./dictionary*.txt,./Sandboxie/msgs/Text-*-*.txt,./Sandboxie/msgs/report/Report-*.txt,./SandboxiePlus/SandMan/*.ts,./Installer/Languages.iss,./Installer/isl/*.isl,./Sandboxie/common/Detours/Makefile,./Sandboxie/common/Detours/disasm.cpp,./Sandboxie/install/build.bat"
|
||||
|
|
|
@ -62,10 +62,10 @@ jobs:
|
|||
- name: Setup msbuild
|
||||
uses: microsoft/setup-msbuild@v1.3
|
||||
|
||||
- name: Build Sandboxie 64 bit
|
||||
# This is needed to compile Parse.vcxproj
|
||||
- name: Build Sandboxie x86
|
||||
# This step is needed to compile Parse.vcxproj
|
||||
run: |
|
||||
msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=x64 -maxcpucount:8
|
||||
msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
|
||||
cd Sandboxie/msgs/SbieRelease
|
||||
copy Parse.exe ../
|
||||
|
||||
|
|
|
@ -9,17 +9,7 @@ on:
|
|||
branches: [ master ]
|
||||
|
||||
jobs:
|
||||
Build:
|
||||
#strategy:
|
||||
# matrix:
|
||||
# #platform: [Win32, x64]
|
||||
# #qt-target: [win32_msvc2019, win64_msvc2019_64]
|
||||
# include:
|
||||
# - platform: Win32
|
||||
# qt-target: win32_msvc2019
|
||||
# - platform: x64
|
||||
# qt-target: win64_msvc2019_64
|
||||
|
||||
Build_x64:
|
||||
runs-on: windows-2019
|
||||
timeout-minutes: 45
|
||||
|
||||
|
@ -30,50 +20,123 @@ jobs:
|
|||
- name: Setup msbuild
|
||||
uses: microsoft/setup-msbuild@v1.3
|
||||
|
||||
# - name: Do Tests
|
||||
# run: .\TestCI.cmd
|
||||
|
||||
# - name: Build Sandboxie
|
||||
# run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=${{ matrix.platform }}
|
||||
|
||||
#
|
||||
# Compile Sandboxie Core
|
||||
#
|
||||
|
||||
- name: Build Sandboxie x86
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
|
||||
- name: Build Sandboxie x86 (dll's & svc)
|
||||
run: msbuild /t:build Sandboxie\SandboxDll.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie x64
|
||||
- name: Build Sandboxie x64 (all)
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=x64 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie ARM64
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=ARM64 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie ARM64EC
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=ARM64EC -maxcpucount:8
|
||||
|
||||
#
|
||||
# Prepare Qt Framework
|
||||
#
|
||||
|
||||
#- name: Cache Qt
|
||||
# id: cache-qt
|
||||
# uses: actions/cache@v3
|
||||
# - name: Install Qt6 x64
|
||||
# uses: jurplel/install-qt-action@v3
|
||||
# with:
|
||||
# path: ${{ runner.workspace }}\Qt
|
||||
# key: Qt-6.3.1+5.15.2-QtCache
|
||||
# # version: '6.2.4'
|
||||
# version: '6.3.1'
|
||||
# # dir: ..
|
||||
# # arch: ${{ matrix.qt-target }}
|
||||
# arch: 'win64_msvc2019_64'
|
||||
# # tools: 'tools_qtcreator,4.14.0-0-202012170949,qt.tools.qtcreator'
|
||||
# cache: true
|
||||
|
||||
- name: Install Qt6 x64
|
||||
- name: Install Qt5 x64
|
||||
uses: jurplel/install-qt-action@v3
|
||||
with:
|
||||
# version: '6.2.4'
|
||||
version: '6.3.1'
|
||||
version: '5.15.2'
|
||||
# dir: ..
|
||||
# arch: ${{ matrix.qt-target }}
|
||||
arch: 'win64_msvc2019_64'
|
||||
# tools: 'tools_qtcreator,4.14.0-0-202012170949,qt.tools.qtcreator'
|
||||
# cached: ${{ steps.cache-qt.outputs.cache-hit }}
|
||||
cache: true
|
||||
|
||||
- name: Installing Jom
|
||||
# if: steps.cache-qt.outputs.cache-hit != 'true'
|
||||
run: SandboxiePlus\install_jom.cmd
|
||||
|
||||
#
|
||||
# Compile Sandboxie Plus
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Plus x64
|
||||
run: SandboxiePlus\qmake_plus.cmd x64
|
||||
|
||||
- name: Build SbieShell x64
|
||||
run: msbuild /t:restore,build -p:RestorePackagesConfig=true SandboxiePlus\SbieShell\SbieShell.sln /p:Configuration="Release" /p:Platform=x64
|
||||
|
||||
#
|
||||
# Compile Sandboxie Tools
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Tools x64
|
||||
run: msbuild /t:build SandboxieTools\SandboxieTools.sln /p:Configuration="Release" /p:Platform=x64 -maxcpucount:8
|
||||
|
||||
#
|
||||
# Merge everything together
|
||||
#
|
||||
|
||||
# - name: Add Windows 7 compatible Qt6 DLLs
|
||||
# run: Installer\fix_qt6_win7.cmd
|
||||
|
||||
- name: Merging Builds
|
||||
run: Installer\merge_builds.cmd
|
||||
|
||||
- name: Collect installer assets
|
||||
run: Installer\get_assets.cmd
|
||||
|
||||
- name: Upload installer assets
|
||||
if: github.ref == 'refs/heads/master' && github.event_name != 'pull_request'
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: Assets
|
||||
path: |
|
||||
Installer/Assets/*
|
||||
retention-days: 60
|
||||
|
||||
- name: Upload Sandboxie x64
|
||||
if: github.ref == 'refs/heads/master' && github.event_name != 'pull_request'
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: Sandboxie_x64
|
||||
path: |
|
||||
Installer/SbiePlus_x64/*
|
||||
retention-days: 60
|
||||
|
||||
|
||||
Build_ARM64:
|
||||
runs-on: windows-2019
|
||||
timeout-minutes: 45
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Setup msbuild
|
||||
uses: microsoft/setup-msbuild@v1.3
|
||||
|
||||
#
|
||||
# Compile Sandboxie Core
|
||||
#
|
||||
|
||||
- name: Build Sandboxie x86 (dll's & svc)
|
||||
run: msbuild /t:build Sandboxie\SandboxDll.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie ARM64 (all)
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=ARM64 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie ARM64EC (dll)
|
||||
run: msbuild /t:build Sandboxie\SandboxDll.sln /p:Configuration="SbieRelease" /p:Platform=ARM64EC -maxcpucount:8
|
||||
|
||||
#
|
||||
# Prepare Qt Framework
|
||||
#
|
||||
|
||||
- name: Install Qt6 ARM64
|
||||
uses: jurplel/install-qt-action@v3
|
||||
with:
|
||||
|
@ -85,16 +148,65 @@ jobs:
|
|||
# tools: 'tools_qtcreator,4.14.0-0-202012170949,qt.tools.qtcreator'
|
||||
cache: true
|
||||
|
||||
- name: Install Qt5 x64
|
||||
uses: jurplel/install-qt-action@v3
|
||||
- name: Installing Jom
|
||||
# if: steps.cache-qt.outputs.cache-hit != 'true'
|
||||
run: SandboxiePlus\install_jom.cmd
|
||||
|
||||
#
|
||||
# Compile Sandboxie Plus
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Plus ARM64
|
||||
run: SandboxiePlus\qmake_plus.cmd ARM64
|
||||
|
||||
- name: Build SbieShell ARM64
|
||||
run: msbuild /t:restore,build -p:RestorePackagesConfig=true SandboxiePlus\SbieShell\SbieShell.sln /p:Configuration="Release" /p:Platform=ARM64
|
||||
|
||||
#
|
||||
# Compile Sandboxie Tools
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Tools ARM64
|
||||
run: msbuild /t:build SandboxieTools\SandboxieTools.sln /p:Configuration="Release" /p:Platform=ARM64 -maxcpucount:8
|
||||
|
||||
#
|
||||
# Merge everything together
|
||||
#
|
||||
|
||||
- name: Merging Builds
|
||||
run: Installer\merge_builds.cmd
|
||||
|
||||
- name: Upload Sandboxie ARM64
|
||||
if: github.ref == 'refs/heads/master' && github.event_name != 'pull_request'
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
version: '5.15.2'
|
||||
# dir: ..
|
||||
# arch: ${{ matrix.qt-target }}
|
||||
arch: 'win64_msvc2019_64'
|
||||
# tools: 'tools_qtcreator,4.14.0-0-202012170949,qt.tools.qtcreator'
|
||||
# cached: ${{ steps.cache-qt.outputs.cache-hit }}
|
||||
cache: true
|
||||
name: Sandboxie_ARM64
|
||||
path: |
|
||||
Installer/SbiePlus_a64/*
|
||||
retention-days: 60
|
||||
|
||||
|
||||
Build_x86:
|
||||
runs-on: windows-2019
|
||||
timeout-minutes: 45
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Setup msbuild
|
||||
uses: microsoft/setup-msbuild@v1.3
|
||||
|
||||
#
|
||||
# Compile Sandboxie Core
|
||||
#
|
||||
|
||||
- name: Build Sandboxie x86 (all)
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
|
||||
|
||||
#
|
||||
# Prepare Qt Framework
|
||||
#
|
||||
|
||||
- name: Install Qt5 x86
|
||||
uses: jurplel/install-qt-action@v3
|
||||
|
@ -115,18 +227,6 @@ jobs:
|
|||
# Compile Sandboxie Plus
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Plus x64
|
||||
run: SandboxiePlus\qmake_plus.cmd x64
|
||||
|
||||
- name: Build SbieShell x64
|
||||
run: msbuild /t:restore,build -p:RestorePackagesConfig=true SandboxiePlus\SbieShell\SbieShell.sln /p:Configuration="Release" /p:Platform=x64
|
||||
|
||||
- name: Build Sandboxie-Plus ARM64
|
||||
run: SandboxiePlus\qmake_plus.cmd ARM64
|
||||
|
||||
- name: Build SbieShell ARM64
|
||||
run: msbuild /t:restore,build -p:RestorePackagesConfig=true SandboxiePlus\SbieShell\SbieShell.sln /p:Configuration="Release" /p:Platform=ARM64
|
||||
|
||||
- name: Build Sandboxie-Plus x86
|
||||
run: SandboxiePlus\qmake_plus.cmd Win32
|
||||
|
||||
|
@ -137,13 +237,6 @@ jobs:
|
|||
- name: Build Sandboxie-Tools x86
|
||||
run: msbuild /t:build SandboxieTools\SandboxieTools.sln /p:Configuration="Release" /p:Platform=x86 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie-Tools x64
|
||||
run: msbuild /t:build SandboxieTools\SandboxieTools.sln /p:Configuration="Release" /p:Platform=x64 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie-Tools ARM64
|
||||
run: msbuild /t:build SandboxieTools\SandboxieTools.sln /p:Configuration="Release" /p:Platform=ARM64 -maxcpucount:8
|
||||
|
||||
|
||||
#
|
||||
# Merge everything together
|
||||
#
|
||||
|
@ -151,40 +244,11 @@ jobs:
|
|||
- name: Add missing languages for Qt5 x86 (issue 1528)
|
||||
run: Installer\fix_qt5_languages.cmd Win32
|
||||
|
||||
- name: Add Windows 7 compatible Qt6 DLLs
|
||||
run: Installer\fix_qt6_win7.cmd
|
||||
|
||||
- name: Merging Builds
|
||||
run: Installer\merge_builds.cmd
|
||||
|
||||
- name: Collect installer assets
|
||||
run: Installer\get_assets.cmd
|
||||
|
||||
- name: Upload installer assets
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: Assets
|
||||
path: |
|
||||
Installer/Assets/*
|
||||
retention-days: 60
|
||||
|
||||
- name: Upload Sandboxie x64
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: Sandboxie_x64
|
||||
path: |
|
||||
Installer/SbiePlus_x64/*
|
||||
retention-days: 60
|
||||
|
||||
- name: Upload Sandboxie ARM64
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: Sandboxie_ARM64
|
||||
path: |
|
||||
Installer/SbiePlus_a64/*
|
||||
retention-days: 60
|
||||
|
||||
- name: Upload Sandboxie x86
|
||||
if: github.ref == 'refs/heads/master' && github.event_name != 'pull_request'
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: Sandboxie_x86
|
||||
|
|
|
@ -3,10 +3,13 @@ name: TEST
|
|||
on:
|
||||
workflow_dispatch:
|
||||
|
||||
|
||||
# push:
|
||||
# branches: [ master ]
|
||||
# pull_request:
|
||||
# branches: [ master ]
|
||||
|
||||
jobs:
|
||||
Build:
|
||||
Build_x64:
|
||||
runs-on: windows-2019
|
||||
timeout-minutes: 45
|
||||
|
||||
|
@ -17,8 +20,72 @@ jobs:
|
|||
- name: Setup msbuild
|
||||
uses: microsoft/setup-msbuild@v1.3
|
||||
|
||||
- name: Build Sandboxie x86
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
|
||||
#
|
||||
# Compile Sandboxie Core
|
||||
#
|
||||
|
||||
- name: Build Sandboxie x86 (dll's & svc)
|
||||
run: msbuild /t:build Sandboxie\SandboxDll.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie x64 (all)
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=x64 -maxcpucount:8
|
||||
|
||||
#
|
||||
# Prepare Qt Framework
|
||||
#
|
||||
|
||||
# - name: Install Qt6 x64
|
||||
# uses: jurplel/install-qt-action@v3
|
||||
# with:
|
||||
# # version: '6.2.4'
|
||||
# version: '6.3.1'
|
||||
# # dir: ..
|
||||
# # arch: ${{ matrix.qt-target }}
|
||||
# arch: 'win64_msvc2019_64'
|
||||
# # tools: 'tools_qtcreator,4.14.0-0-202012170949,qt.tools.qtcreator'
|
||||
# cache: true
|
||||
|
||||
- name: Install Qt5 x64
|
||||
uses: jurplel/install-qt-action@v3
|
||||
with:
|
||||
version: '5.15.2'
|
||||
# dir: ..
|
||||
# arch: ${{ matrix.qt-target }}
|
||||
arch: 'win64_msvc2019_64'
|
||||
# tools: 'tools_qtcreator,4.14.0-0-202012170949,qt.tools.qtcreator'
|
||||
# cached: ${{ steps.cache-qt.outputs.cache-hit }}
|
||||
cache: true
|
||||
|
||||
- name: Installing Jom
|
||||
# if: steps.cache-qt.outputs.cache-hit != 'true'
|
||||
run: SandboxiePlus\install_jom.cmd
|
||||
|
||||
#
|
||||
# Compile Sandboxie Plus
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Plus x64
|
||||
run: SandboxiePlus\qmake_plus.cmd x64
|
||||
|
||||
- name: Build SbieShell x64
|
||||
run: msbuild /t:restore,build -p:RestorePackagesConfig=true SandboxiePlus\SbieShell\SbieShell.sln /p:Configuration="Release" /p:Platform=x64
|
||||
|
||||
#
|
||||
# Compile Sandboxie Tools
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Tools x64
|
||||
run: msbuild /t:build SandboxieTools\SandboxieTools.sln /p:Configuration="Release" /p:Platform=x64 -maxcpucount:8
|
||||
|
||||
#
|
||||
# Merge everything together
|
||||
#
|
||||
|
||||
# - name: Add Windows 7 compatible Qt6 DLLs
|
||||
# run: Installer\fix_qt6_win7.cmd
|
||||
|
||||
- name: Merging Builds
|
||||
run: Installer\merge_builds.cmd
|
||||
|
||||
- name: Collect installer assets
|
||||
run: Installer\get_assets.cmd
|
||||
|
@ -30,3 +97,158 @@ jobs:
|
|||
path: |
|
||||
Installer/Assets/*
|
||||
retention-days: 60
|
||||
|
||||
- name: Upload Sandboxie x64
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: Sandboxie_x64
|
||||
path: |
|
||||
Installer/SbiePlus_x64/*
|
||||
retention-days: 60
|
||||
|
||||
|
||||
Build_ARM64:
|
||||
runs-on: windows-2019
|
||||
timeout-minutes: 45
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Setup msbuild
|
||||
uses: microsoft/setup-msbuild@v1.3
|
||||
|
||||
#
|
||||
# Compile Sandboxie Core
|
||||
#
|
||||
|
||||
- name: Build Sandboxie x86 (dll's & svc)
|
||||
run: msbuild /t:build Sandboxie\SandboxDll.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie ARM64 (all)
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=ARM64 -maxcpucount:8
|
||||
|
||||
- name: Build Sandboxie ARM64EC (dll)
|
||||
run: msbuild /t:build Sandboxie\SandboxDll.sln /p:Configuration="SbieRelease" /p:Platform=ARM64EC -maxcpucount:8
|
||||
|
||||
#
|
||||
# Prepare Qt Framework
|
||||
#
|
||||
|
||||
- name: Install Qt6 ARM64
|
||||
uses: jurplel/install-qt-action@v3
|
||||
with:
|
||||
# version: '6.2.4'
|
||||
version: '6.3.1'
|
||||
# dir: ..
|
||||
# arch: ${{ matrix.qt-target }}
|
||||
arch: 'win64_msvc2019_arm64'
|
||||
# tools: 'tools_qtcreator,4.14.0-0-202012170949,qt.tools.qtcreator'
|
||||
cache: true
|
||||
|
||||
- name: Installing Jom
|
||||
# if: steps.cache-qt.outputs.cache-hit != 'true'
|
||||
run: SandboxiePlus\install_jom.cmd
|
||||
|
||||
#
|
||||
# Compile Sandboxie Plus
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Plus ARM64
|
||||
run: SandboxiePlus\qmake_plus.cmd ARM64
|
||||
|
||||
- name: Build SbieShell ARM64
|
||||
run: msbuild /t:restore,build -p:RestorePackagesConfig=true SandboxiePlus\SbieShell\SbieShell.sln /p:Configuration="Release" /p:Platform=ARM64
|
||||
|
||||
#
|
||||
# Compile Sandboxie Tools
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Tools ARM64
|
||||
run: msbuild /t:build SandboxieTools\SandboxieTools.sln /p:Configuration="Release" /p:Platform=ARM64 -maxcpucount:8
|
||||
|
||||
#
|
||||
# Merge everything together
|
||||
#
|
||||
|
||||
- name: Merging Builds
|
||||
run: Installer\merge_builds.cmd
|
||||
|
||||
- name: Upload Sandboxie ARM64
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: Sandboxie_ARM64
|
||||
path: |
|
||||
Installer/SbiePlus_a64/*
|
||||
retention-days: 60
|
||||
|
||||
|
||||
|
||||
Build_x86:
|
||||
runs-on: windows-2019
|
||||
timeout-minutes: 45
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Setup msbuild
|
||||
uses: microsoft/setup-msbuild@v1.3
|
||||
|
||||
#
|
||||
# Compile Sandboxie Core
|
||||
#
|
||||
|
||||
- name: Build Sandboxie x86 (all)
|
||||
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
|
||||
|
||||
#
|
||||
# Prepare Qt Framework
|
||||
#
|
||||
|
||||
- name: Install Qt5 x86
|
||||
uses: jurplel/install-qt-action@v3
|
||||
with:
|
||||
version: '5.15.2'
|
||||
# dir: ..
|
||||
# arch: ${{ matrix.qt-target }}
|
||||
arch: 'win32_msvc2019'
|
||||
# tools: 'tools_qtcreator,4.14.0-0-202012170949,qt.tools.qtcreator'
|
||||
# cached: ${{ steps.cache-qt.outputs.cache-hit }}
|
||||
cache: true
|
||||
|
||||
- name: Installing Jom
|
||||
# if: steps.cache-qt.outputs.cache-hit != 'true'
|
||||
run: SandboxiePlus\install_jom.cmd
|
||||
|
||||
#
|
||||
# Compile Sandboxie Plus
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Plus x86
|
||||
run: SandboxiePlus\qmake_plus.cmd Win32
|
||||
|
||||
#
|
||||
# Compile Sandboxie Tools
|
||||
#
|
||||
|
||||
- name: Build Sandboxie-Tools x86
|
||||
run: msbuild /t:build SandboxieTools\SandboxieTools.sln /p:Configuration="Release" /p:Platform=x86 -maxcpucount:8
|
||||
|
||||
#
|
||||
# Merge everything together
|
||||
#
|
||||
|
||||
- name: Add missing languages for Qt5 x86 (issue 1528)
|
||||
run: Installer\fix_qt5_languages.cmd Win32
|
||||
|
||||
- name: Merging Builds
|
||||
run: Installer\merge_builds.cmd
|
||||
|
||||
- name: Upload Sandboxie x86
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: Sandboxie_x86
|
||||
path: |
|
||||
Installer/SbiePlus_x86/*
|
||||
retention-days: 60
|
||||
|
|
55
CHANGELOG.md
55
CHANGELOG.md
|
@ -7,11 +7,44 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
|||
|
||||
|
||||
|
||||
|
||||
|
||||
## [1.10.0 / 5.65.0] - 2023-07-??
|
||||
## [1.10.1 / 5.65.1] - 2023-07-??
|
||||
|
||||
### Added
|
||||
- added UI option to change ini editor [#3116](https://github.com/sandboxie-plus/Sandboxie/issues/3116)
|
||||
- added Separate protection against box removal and content deletion [#3104] (https://github.com/sandboxie-plus/Sandboxie/issues/3104)
|
||||
- added Add "auto scroll" in sbie messages, resource monitor, api call log context menu [#393](https://github.com/sandboxie-plus/Sandboxie/issues/393)
|
||||
|
||||
### Changed
|
||||
- reworked Nt Object Handle handling
|
||||
- "OpenClipboard=n" now is also implemented in user mode, making it work for green boxes
|
||||
- changed Delete V2 scheme to use drive letters in FilePaths.dat (remains backwards compatible with using NT Paths) [#3053](https://github.com/sandboxie-plus/Sandboxie/issues/3053)
|
||||
|
||||
### Fixed
|
||||
- fixed "Disable Security Isolation" causes a game to stop playing audio [#2893](https://github.com/sandboxie-plus/Sandboxie/issues/2893)
|
||||
- fixed NtQueryDirectoryObject not implemented [#2734](https://github.com/sandboxie-plus/Sandboxie/issues/2734)
|
||||
- fixed issue with working directory for run menu entries
|
||||
- fixed inpoper global symlink in sandboxed namespace [#3112](https://github.com/sandboxie-plus/Sandboxie/issues/3112)
|
||||
- fixed 'Addon already installed!' error when clicking 'Show Stack Trace' [#3114](https://github.com/sandboxie-plus/Sandboxie/issues/3114)
|
||||
- fixed existing BoxNameTitle=process.exe,- removed when toggling other options [#3106](https://github.com/sandboxie-plus/Sandboxie/issues/3106)
|
||||
- fixed asynchroniusly assigned PCA job not being properly detected [#1919](https://github.com/sandboxie-plus/Sandboxie/issues/1919)
|
||||
- fixed incompatybility with first windows 10 release [#3117](https://github.com/sandboxie-plus/Sandboxie/issues/3117)
|
||||
- fixed Remove Sandbox only deletes the contents of the sandbox when an application is running in the sandbox [#3118](https://github.com/sandboxie-plus/Sandboxie/issues/3118)
|
||||
- fixed crash issue with not peroeprly termianted script engine [#3120](https://github.com/sandboxie-plus/Sandboxie/issues/3120)
|
||||
- fixed ImDisk under Sandboxie supervision causes SBIE2337 and sometimes BSoD [#1092)(https://github.com/sandboxie-plus/Sandboxie/issues/1092)
|
||||
- fixed Snapshots don't merge duplicate directory junctions [#3016](https://github.com/sandboxie-plus/Sandboxie/issues/3016)
|
||||
- fixed Snapshot related issue when using Delete V2 rename functionality
|
||||
- fixed issue with Delete V2 when using network shares
|
||||
- fixed issue when using "UseVolumeSerialNumbers=y" with accessing drive roots
|
||||
- fixed Remove-Snapshot resurrects deleted files when using Delete V2 [#3015](https://github.com/sandboxie-plus/Sandboxie/issues/3015)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## [1.10.0 / 5.65.0] - 2023-07-12
|
||||
|
||||
### Added
|
||||
- added box scripting engine to make SandMan more flexible
|
||||
- added scriptable troubleshooting wizard [#1875](https://github.com/sandboxie-plus/Sandboxie/issues/1875)
|
||||
- added addon manager which helps to install additional and third-party components, available addons:
|
||||
- [ImDisk Toolkit](https://sourceforge.net/projects/imdisk-toolkit/) - used to create RAM Disks and other virtual drives
|
||||
|
@ -21,15 +54,31 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
|||
- [SbieHide.dll](https://github.com/VeroFess/SbieHide) - a third-party DLL to hide SbieDll.dll
|
||||
- [LogAPI.dll](https://bsa.isoftware.nl/) - an API logging library used for Buster Sandbox Analyzer
|
||||
- added option to set the update interval to 1, 7, 14 and 30 days
|
||||
- added `What's new in Sandboxie-Plus` dialog in SbieCtrl.exe to praise the new features of the Plus UI
|
||||
- Note: this is shown after the installation of Sandboxie Classic
|
||||
- added "fixdacls" command to KmdUtil.exe, it repairs broken DACL entries on the Sandboxie folder to fix issues where SbieDll.dll fails to load
|
||||
- added option to hide Sandboxie's own processes [#3054](https://github.com/sandboxie-plus/Sandboxie/issues/3054)
|
||||
- added functionality to cache Sandboxie messages within the Plus UI [#2920](https://github.com/sandboxie-plus/Sandboxie/issues/2920)
|
||||
- added button to invoke troubleshooting wizard directly from the SBIE message popup
|
||||
|
||||
### Changed
|
||||
- setup wizard has now a dedicated update configuration page
|
||||
- this page will be shown once for all users who do not have updates enabled
|
||||
- split the support page into Sandboxie Support and Sandboxie Updater tabs
|
||||
- when the troubleshooting.7z file is available, the script engine will be used to match compatibility templates
|
||||
- this allows a better granularity in template selection by using the AppCompatibility.js script
|
||||
- reworked low level code injection mechanism to improve flexibility and debugging
|
||||
- the main injection detour code is now written in C instead of Assembler and can properly report SbieDll.dll loading errors as SBIE2181
|
||||
- improved session agent startup to be more flexible
|
||||
- improved SBIEMSG help handling, the link now contains message details allowing to point to a more exact document (if available)
|
||||
- updated certificate validation code
|
||||
|
||||
### Fixed
|
||||
- fixed uninstall issue in the Sandboxie Classic installer [d1863ff](https://github.com/sandboxie-plus/Sandboxie/commit/d1863ffadfe105c695de71c9e841c2fd568116fe)
|
||||
- added workaround for Chrome not starting on Windows 11 with KB5027231 [#3040](https://github.com/sandboxie-plus/Sandboxie/issues/3040)
|
||||
- improved compatibility with procmon/stack traces for debug builds
|
||||
- fixed issue with non-standard command lines
|
||||
- fixed online updater not checking every 7 days, but daily
|
||||
|
||||
### Removed
|
||||
- cleaned up duplicate code (thanks lmou523) [#3067](https://github.com/sandboxie-plus/Sandboxie/pull/3067)
|
||||
|
|
|
@ -30,6 +30,7 @@ copy %~dp0..\sandboxie\install\ParseVersion.bat %~dp0\Assets\Classic\install\
|
|||
copy %~dp0..\sandboxie\install\Registry.nsh %~dp0\Assets\Classic\install\
|
||||
copy %~dp0..\sandboxie\install\SandboxieVS.nsi %~dp0\Assets\Classic\install\
|
||||
copy %~dp0..\sandboxie\install\Warning.ini %~dp0\Assets\Classic\install\
|
||||
copy %~dp0..\sandboxie\install\whatsnew.html %~dp0\Assets\Classic\install\
|
||||
mkdir %~dp0\Assets\Classic\msgs
|
||||
mkdir %~dp0\Assets\Classic\msgs\SbieRelease
|
||||
copy %~dp0..\sandboxie\msgs\SbieRelease\NsisText_Albanian.txt %~dp0\Assets\Classic\msgs\SbieRelease\
|
||||
|
|
|
@ -59,6 +59,7 @@ Sandboxie's functionality can be enhanced with specialized tools like the follow
|
|||
* [LogApiDll](https://github.com/sandboxie-plus/LogApiDll) - adds a verbose output to Sandboxie's trace log, listing invocations of relevant Windows API functions
|
||||
* [SbieHide](https://github.com/VeroFess/SbieHide) - attempts to hide the presence of SbieDll.dll from the application being sandboxed
|
||||
* [SandboxToys2](https://github.com/blap/SandboxToys2) - allows to monitor files and registry changes in a sandbox
|
||||
* [Sbiextra](https://github.com/sandboxie-plus/sbiextra) - adds additional user mode restrictions to sandboxed processes
|
||||
|
||||
|
||||
## 📌 Project history
|
||||
|
@ -107,8 +108,9 @@ If you find Sandboxie useful, then feel free to contribute through our [Contribu
|
|||
- lmou523 - Code fixes
|
||||
- sredna - Code fixes for Classic installer
|
||||
- weihongx9315 - Code fix
|
||||
- yfdyh000 - Localization support for Plus installer
|
||||
- jorgectf - CodeQL workflow
|
||||
- stephtr - CI / Certification
|
||||
- yfdyh000 - Localization support for Plus installer
|
||||
- Dyras - Templates additions
|
||||
- cricri-pingouin - UI fixes
|
||||
- Valinwolf - UI / Icons
|
||||
|
@ -135,7 +137,7 @@ If you find Sandboxie useful, then feel free to contribute through our [Contribu
|
|||
- JNylson - Portuguese and Brazilian Portuguese
|
||||
- lufog - Russian
|
||||
- sebadamus - Spanish
|
||||
- pb1 - Swedish (provided by email)
|
||||
- 1FF - Swedish (provided by email)
|
||||
- xorcan, fmbxnary, offhub - Turkish
|
||||
- SuperMaxusa, lufog - Ukrainian
|
||||
- GunGunGun - Vietnamese
|
||||
|
|
|
@ -0,0 +1,146 @@
|
|||
|
||||
Microsoft Visual Studio Solution File, Format Version 12.00
|
||||
# Visual Studio Version 16
|
||||
VisualStudioVersion = 16.0.30804.86
|
||||
MinimumVisualStudioVersion = 10.0.40219.1
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SboxSvc", "core\svc\SboxSvc.vcxproj", "{2D3DBCAE-883E-54A6-F8F6-11228D989033}"
|
||||
ProjectSection(ProjectDependencies) = postProject
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4} = {8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}
|
||||
EndProjectSection
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SboxMsg", "msgs\SboxMsg.vcxproj", "{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}"
|
||||
ProjectSection(ProjectDependencies) = postProject
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776} = {7BA01954-12F1-4CEE-BA97-FAD3250D9776}
|
||||
EndProjectSection
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SboxDll", "core\dll\SboxDll.vcxproj", "{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}"
|
||||
ProjectSection(ProjectDependencies) = postProject
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3} = {63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D} = {255002EC-9FC7-422E-B497-BE2CC5012B2D}
|
||||
EndProjectSection
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "LowLevel", "core\low\LowLevel.vcxproj", "{255002EC-9FC7-422E-B497-BE2CC5012B2D}"
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Parse", "msgs\Parse.vcxproj", "{7BA01954-12F1-4CEE-BA97-FAD3250D9776}"
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SboxHostDll", "SboxHostDll\SboxHostDll.vcxproj", "{3A42A9F3-E0C7-4633-9570-381802D6647D}"
|
||||
ProjectSection(ProjectDependencies) = postProject
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4} = {8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}
|
||||
EndProjectSection
|
||||
EndProject
|
||||
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "core", "core", "{E9D1318A-FAF0-4EF8-8561-FCB03862AC99}"
|
||||
EndProject
|
||||
Global
|
||||
GlobalSection(SolutionConfigurationPlatforms) = preSolution
|
||||
SbieDebug|ARM64 = SbieDebug|ARM64
|
||||
SbieDebug|ARM64EC = SbieDebug|ARM64EC
|
||||
SbieDebug|Win32 = SbieDebug|Win32
|
||||
SbieDebug|x64 = SbieDebug|x64
|
||||
SbieRelease|ARM64 = SbieRelease|ARM64
|
||||
SbieRelease|ARM64EC = SbieRelease|ARM64EC
|
||||
SbieRelease|Win32 = SbieRelease|Win32
|
||||
SbieRelease|x64 = SbieRelease|x64
|
||||
EndGlobalSection
|
||||
GlobalSection(ProjectConfigurationPlatforms) = postSolution
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieDebug|ARM64.ActiveCfg = SbieDebug|ARM64
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieDebug|ARM64.Build.0 = SbieDebug|ARM64
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieDebug|ARM64EC.ActiveCfg = SbieDebug|ARM64EC
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieDebug|ARM64EC.Build.0 = SbieDebug|ARM64EC
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieDebug|Win32.ActiveCfg = SbieDebug|Win32
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieDebug|Win32.Build.0 = SbieDebug|Win32
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieDebug|x64.ActiveCfg = SbieDebug|x64
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieDebug|x64.Build.0 = SbieDebug|x64
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieRelease|ARM64.ActiveCfg = SbieRelease|ARM64
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieRelease|ARM64.Build.0 = SbieRelease|ARM64
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieRelease|ARM64EC.ActiveCfg = SbieRelease|ARM64EC
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieRelease|ARM64EC.Build.0 = SbieRelease|ARM64EC
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieRelease|Win32.ActiveCfg = SbieRelease|Win32
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieRelease|x64.ActiveCfg = SbieRelease|x64
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033}.SbieRelease|x64.Build.0 = SbieRelease|x64
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieDebug|ARM64.ActiveCfg = SbieRelease|ARM64
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieDebug|ARM64.Build.0 = SbieRelease|ARM64
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieDebug|ARM64EC.ActiveCfg = SbieRelease|x64
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieDebug|Win32.ActiveCfg = SbieRelease|Win32
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieDebug|Win32.Build.0 = SbieRelease|Win32
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieDebug|x64.ActiveCfg = SbieRelease|x64
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieDebug|x64.Build.0 = SbieRelease|x64
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieRelease|ARM64.ActiveCfg = SbieRelease|ARM64
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieRelease|ARM64.Build.0 = SbieRelease|ARM64
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieRelease|ARM64EC.ActiveCfg = SbieRelease|x64
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieRelease|Win32.ActiveCfg = SbieRelease|Win32
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieRelease|x64.ActiveCfg = SbieRelease|x64
|
||||
{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieRelease|x64.Build.0 = SbieRelease|x64
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieDebug|ARM64.ActiveCfg = SbieDebug|ARM64
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieDebug|ARM64.Build.0 = SbieDebug|ARM64
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieDebug|ARM64EC.ActiveCfg = SbieDebug|ARM64EC
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieDebug|ARM64EC.Build.0 = SbieDebug|ARM64EC
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieDebug|Win32.ActiveCfg = SbieDebug|Win32
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieDebug|Win32.Build.0 = SbieDebug|Win32
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieDebug|x64.ActiveCfg = SbieDebug|x64
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieDebug|x64.Build.0 = SbieDebug|x64
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieRelease|ARM64.ActiveCfg = SbieRelease|ARM64
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieRelease|ARM64.Build.0 = SbieRelease|ARM64
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieRelease|ARM64EC.ActiveCfg = SbieRelease|ARM64EC
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieRelease|ARM64EC.Build.0 = SbieRelease|ARM64EC
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieRelease|Win32.ActiveCfg = SbieRelease|Win32
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieRelease|x64.ActiveCfg = SbieRelease|x64
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}.SbieRelease|x64.Build.0 = SbieRelease|x64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieDebug|ARM64.ActiveCfg = SbieRelease|ARM64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieDebug|ARM64.Build.0 = SbieRelease|ARM64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieDebug|ARM64EC.ActiveCfg = SbieRelease|ARM64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieDebug|ARM64EC.Build.0 = SbieRelease|ARM64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieDebug|Win32.ActiveCfg = SbieRelease|Win32
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieDebug|Win32.Build.0 = SbieRelease|Win32
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieDebug|x64.ActiveCfg = SbieRelease|x64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieDebug|x64.Build.0 = SbieRelease|x64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieRelease|ARM64.ActiveCfg = SbieRelease|ARM64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieRelease|ARM64.Build.0 = SbieRelease|ARM64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieRelease|ARM64EC.ActiveCfg = SbieRelease|ARM64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieRelease|ARM64EC.Build.0 = SbieRelease|ARM64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieRelease|Win32.ActiveCfg = SbieRelease|Win32
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieRelease|x64.ActiveCfg = SbieRelease|x64
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D}.SbieRelease|x64.Build.0 = SbieRelease|x64
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|ARM64.ActiveCfg = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|ARM64.Build.0 = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|ARM64EC.ActiveCfg = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|Win32.ActiveCfg = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|Win32.Build.0 = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|x64.ActiveCfg = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieRelease|ARM64.ActiveCfg = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieRelease|ARM64EC.ActiveCfg = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieRelease|Win32.ActiveCfg = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieRelease|x64.ActiveCfg = SbieRelease|Win32
|
||||
{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieRelease|x64.Build.0 = SbieRelease|Win32
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieDebug|ARM64.ActiveCfg = SbieDebug|ARM64
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieDebug|ARM64.Build.0 = SbieDebug|ARM64
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieDebug|ARM64EC.ActiveCfg = SbieDebug|x64
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieDebug|Win32.ActiveCfg = SbieDebug|Win32
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieDebug|Win32.Build.0 = SbieDebug|Win32
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieDebug|x64.ActiveCfg = SbieDebug|x64
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieDebug|x64.Build.0 = SbieDebug|x64
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieRelease|ARM64.ActiveCfg = SbieRelease|ARM64
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieRelease|ARM64.Build.0 = SbieRelease|ARM64
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieRelease|ARM64EC.ActiveCfg = SbieRelease|x64
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieRelease|Win32.ActiveCfg = SbieRelease|Win32
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieRelease|x64.ActiveCfg = SbieRelease|x64
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieRelease|x64.Build.0 = SbieRelease|x64
|
||||
EndGlobalSection
|
||||
GlobalSection(SolutionProperties) = preSolution
|
||||
HideSolutionNode = FALSE
|
||||
EndGlobalSection
|
||||
GlobalSection(NestedProjects) = preSolution
|
||||
{2D3DBCAE-883E-54A6-F8F6-11228D989033} = {E9D1318A-FAF0-4EF8-8561-FCB03862AC99}
|
||||
{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4} = {E9D1318A-FAF0-4EF8-8561-FCB03862AC99}
|
||||
{255002EC-9FC7-422E-B497-BE2CC5012B2D} = {E9D1318A-FAF0-4EF8-8561-FCB03862AC99}
|
||||
{3A42A9F3-E0C7-4633-9570-381802D6647D} = {E9D1318A-FAF0-4EF8-8561-FCB03862AC99}
|
||||
EndGlobalSection
|
||||
GlobalSection(ExtensibilityGlobals) = postSolution
|
||||
SolutionGuid = {8CC68B2E-A32E-409D-8D3F-F68AF524E29C}
|
||||
EndGlobalSection
|
||||
EndGlobal
|
|
@ -150,12 +150,22 @@ void CRunBrowser::OpenHelp(CWnd *pParentWnd, const CString &topic)
|
|||
CRunBrowser x(pParentWnd, GetTopicUrl(topic));
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// OpenForum
|
||||
// EscapeForURL
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
void CRunBrowser::OpenForum(CWnd *pParentWnd)
|
||||
CString CRunBrowser::EscapeForURL(const CString& value)
|
||||
{
|
||||
CRunBrowser x(pParentWnd, L"https://sandboxie-plus.com/go.php?to=sbie-forum");
|
||||
CString escapedValue;
|
||||
DWORD bufferSize = (DWORD)(value.GetLength() * 3 + 1);
|
||||
LPWSTR escapedBuffer = new WCHAR[bufferSize];
|
||||
|
||||
HRESULT hr = UrlEscapeW(value, escapedBuffer, &bufferSize, URL_ESCAPE_PERCENT | URL_ESCAPE_SEGMENT_ONLY);
|
||||
if (hr == S_OK)
|
||||
escapedValue = CString(escapedBuffer, bufferSize);
|
||||
|
||||
delete[] escapedBuffer;
|
||||
return escapedValue;
|
||||
}
|
|
@ -65,8 +65,8 @@ public:
|
|||
static CString GetTopicUrl(const CString &topic);
|
||||
|
||||
static void OpenHelp(CWnd *pParentWnd, const CString &topic);
|
||||
static void OpenForum(CWnd *pParentWnd);
|
||||
|
||||
static CString EscapeForURL(const CString& value);
|
||||
};
|
||||
|
||||
|
||||
|
|
|
@ -813,7 +813,7 @@ long DisplayHTMLStr(HWND hwnd, LPCTSTR string)
|
|||
|
||||
// We want to get the base address (ie, a pointer) to the IWebBrowser2 object embedded within the browser
|
||||
// object, so we can call some of the functions in the former's table.
|
||||
if (!browserObject->lpVtbl->QueryInterface(browserObject, &IID_IWebBrowser2, (void**)&webBrowser2))
|
||||
if (SUCCEEDED(browserObject->lpVtbl->QueryInterface(browserObject, &IID_IWebBrowser2, (void**)&webBrowser2)))
|
||||
{
|
||||
// Ok, now the pointer to our IWebBrowser2 object is in 'webBrowser2', and so its VTable is
|
||||
// webBrowser2->lpVtbl.
|
||||
|
@ -833,11 +833,11 @@ long DisplayHTMLStr(HWND hwnd, LPCTSTR string)
|
|||
|
||||
// Call the IWebBrowser2 object's get_Document so we can get its DISPATCH object. I don't know why you
|
||||
// don't get the DISPATCH object via the browser object's QueryInterface(), but you don't.
|
||||
if (!webBrowser2->lpVtbl->get_Document(webBrowser2, &lpDispatch))
|
||||
if (SUCCEEDED(webBrowser2->lpVtbl->get_Document(webBrowser2, &lpDispatch)))
|
||||
{
|
||||
// We want to get a pointer to the IHTMLDocument2 object embedded within the DISPATCH
|
||||
// object, so we can call some of the functions in the former's table.
|
||||
if (!lpDispatch->lpVtbl->QueryInterface(lpDispatch, &IID_IHTMLDocument2, (void**)&htmlDoc2))
|
||||
if (SUCCEEDED(lpDispatch->lpVtbl->QueryInterface(lpDispatch, &IID_IHTMLDocument2, (void**)&htmlDoc2)))
|
||||
{
|
||||
// Ok, now the pointer to our IHTMLDocument2 object is in 'htmlDoc2', and so its VTable is
|
||||
// htmlDoc2->lpVtbl.
|
||||
|
@ -846,7 +846,7 @@ long DisplayHTMLStr(HWND hwnd, LPCTSTR string)
|
|||
// array of "VARIENT" structs. So let's create all that.
|
||||
if ((sfArray = SafeArrayCreate(VT_VARIANT, 1, (SAFEARRAYBOUND *)&ArrayBound)))
|
||||
{
|
||||
if (!SafeArrayAccessData(sfArray, (void**)&pVar))
|
||||
if (SUCCEEDED(SafeArrayAccessData(sfArray, (void**)&pVar)))
|
||||
{
|
||||
pVar->vt = VT_BSTR;
|
||||
#ifndef UNICODE
|
||||
|
@ -933,7 +933,7 @@ long DisplayHTMLPage(HWND hwnd, LPTSTR webPageName)
|
|||
|
||||
// We want to get the base address (ie, a pointer) to the IWebBrowser2 object embedded within the browser
|
||||
// object, so we can call some of the functions in the former's table.
|
||||
if (!browserObject->lpVtbl->QueryInterface(browserObject, &IID_IWebBrowser2, (void**)&webBrowser2))
|
||||
if (SUCCEEDED(browserObject->lpVtbl->QueryInterface(browserObject, &IID_IWebBrowser2, (void**)&webBrowser2)))
|
||||
{
|
||||
// Ok, now the pointer to our IWebBrowser2 object is in 'webBrowser2', and so its VTable is
|
||||
// webBrowser2->lpVtbl.
|
||||
|
@ -1093,7 +1093,7 @@ long EmbedBrowserObject(HWND hwnd)
|
|||
// _IOleClientSiteEx struct starts with an embedded IOleClientSite. So the browser won't care, and we want
|
||||
// this extended struct passed to our IOleClientSite functions.
|
||||
|
||||
if (!OleCreate(&CLSID_WebBrowser, &IID_IOleObject, OLERENDER_DRAW, 0, (IOleClientSite *)_iOleClientSiteEx, &MyIStorage, (void**)&browserObject))
|
||||
if (SUCCEEDED(OleCreate(&CLSID_WebBrowser, &IID_IOleObject, OLERENDER_DRAW, 0, (IOleClientSite *)_iOleClientSiteEx, &MyIStorage, (void**)&browserObject)))
|
||||
{
|
||||
// Ok, we now have the pointer to the browser object in 'browserObject'. Let's save this in the
|
||||
// memory block we allocated above, and then save the pointer to that whole thing in our window's
|
||||
|
@ -1133,11 +1133,11 @@ long EmbedBrowserObject(HWND hwnd)
|
|||
GetClientRect(hwnd, &rect);
|
||||
|
||||
// Let browser object know that it is embedded in an OLE container.
|
||||
if (!OleSetContainedObject((struct IUnknown *)browserObject, TRUE) &&
|
||||
if (SUCCEEDED(OleSetContainedObject((struct IUnknown *)browserObject, TRUE)) &&
|
||||
|
||||
// Set the display area of our browser control the same as our window's size
|
||||
// and actually put the browser object into our window.
|
||||
!browserObject->lpVtbl->DoVerb(browserObject, OLEIVERB_SHOW, NULL, (IOleClientSite *)_iOleClientSiteEx, -1, hwnd, &rect) &&
|
||||
SUCCEEDED(browserObject->lpVtbl->DoVerb(browserObject, OLEIVERB_SHOW, NULL, (IOleClientSite *)_iOleClientSiteEx, -1, hwnd, &rect)) &&
|
||||
|
||||
// Ok, now things may seem to get even trickier, One of those function pointers in the browser's VTable is
|
||||
// to the QueryInterface() function. What does this function do? It lets us grab the base address of any
|
||||
|
@ -1148,7 +1148,7 @@ long EmbedBrowserObject(HWND hwnd)
|
|||
// object, so we can call some of the functions in the former's table. For example, one IWebBrowser2 function
|
||||
// we intend to call below will be Navigate2(). So we call the browser object's QueryInterface to get our
|
||||
// pointer to the IWebBrowser2 object.
|
||||
!browserObject->lpVtbl->QueryInterface(browserObject, &IID_IWebBrowser2, (void**)&webBrowser2))
|
||||
SUCCEEDED(browserObject->lpVtbl->QueryInterface(browserObject, &IID_IWebBrowser2, (void**)&webBrowser2)))
|
||||
{
|
||||
// Ok, now the pointer to our IWebBrowser2 object is in 'webBrowser2', and so its VTable is
|
||||
// webBrowser2->lpVtbl.
|
||||
|
@ -1226,7 +1226,7 @@ LRESULT CALLBACK WindowProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
|
|||
IOleObject *browserObject = *((IOleObject **)GetWindowLongPtr(hwnd, GWL_USERDATA));
|
||||
|
||||
IOleWindow *oleWindow;
|
||||
if (!browserObject->lpVtbl->QueryInterface(browserObject, &IID_IOleWindow, (void**)&oleWindow))
|
||||
if (SUCCEEDED(browserObject->lpVtbl->QueryInterface(browserObject, &IID_IOleWindow, (void**)&oleWindow)))
|
||||
{
|
||||
HWND hwndBrowser = NULL;
|
||||
oleWindow->lpVtbl->GetWindow(oleWindow, &hwndBrowser);
|
||||
|
|
|
@ -644,9 +644,13 @@ void CMessageDialog::DiscardMessages(
|
|||
|
||||
void CMessageDialog::OnHelp()
|
||||
{
|
||||
CString sbie = GetSBIExxxx(NULL, NULL);
|
||||
if (! sbie.IsEmpty())
|
||||
CRunBrowser::OpenHelp(this, sbie);
|
||||
CString Detail;
|
||||
CString sbie = GetSBIExxxx(NULL, &Detail);
|
||||
if (!sbie.IsEmpty()) {
|
||||
CString url = L"https://sandboxie-plus.com/go.php?to=sbie-" + sbie + "&detail=" + CRunBrowser::EscapeForURL(Detail);
|
||||
CRunBrowser x(this, url);
|
||||
//CRunBrowser::OpenHelp(this, sbie);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -83,12 +83,15 @@ BOOL CMyApp::InitInstance()
|
|||
|
||||
BOOL ForceVisible = FALSE;
|
||||
BOOL ForceSync = FALSE;
|
||||
BOOL PostSetup = FALSE;
|
||||
WCHAR *CommandLine = GetCommandLine();
|
||||
if (CommandLine) {
|
||||
if (wcsstr(CommandLine, L"/open"))
|
||||
ForceVisible = TRUE;
|
||||
if (wcsstr(CommandLine, L"/sync"))
|
||||
ForceSync = TRUE;
|
||||
if (wcsstr(CommandLine, L"/postsetup"))
|
||||
PostSetup = TRUE;
|
||||
if (wcsstr(CommandLine, L"/uninstall")) {
|
||||
CShellDialog::Sync(TRUE);
|
||||
return TRUE;
|
||||
|
@ -259,7 +262,7 @@ BOOL CMyApp::InitInstance()
|
|||
// create main window
|
||||
//
|
||||
|
||||
m_pMainWnd = new CMyFrame(ForceVisible, ForceSync);
|
||||
m_pMainWnd = new CMyFrame(ForceVisible, ForceSync, PostSetup);
|
||||
m_pMainWnd->UpdateWindow();
|
||||
|
||||
return TRUE;
|
||||
|
|
|
@ -147,6 +147,7 @@ BEGIN_MESSAGE_MAP(CMyFrame, CFrameWnd)
|
|||
ON_COMMAND(ID_HELP_FORUM, OnCmdHelpForum)
|
||||
ON_COMMAND(ID_HELP_UPDATE, OnCmdHelpUpdate)
|
||||
ON_COMMAND(ID_HELP_UPGRADE, OnCmdHelpUpgrade)
|
||||
ON_COMMAND(ID_HELP_WHATSNEW, OnCmdHelpWhatsNew)
|
||||
ON_COMMAND(ID_HELP_MIGRATION, OnCmdHelpMigrate)
|
||||
ON_COMMAND(ID_HELP_GET_CERT, OnCmdHelpGetCert)
|
||||
ON_COMMAND(ID_HELP_SET_CERT, OnCmdHelpSetCert)
|
||||
|
@ -196,7 +197,7 @@ IMPLEMENT_MENUXP(CMyFrame, CFrameWnd)
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
CMyFrame::CMyFrame(BOOL ForceVisible, BOOL ForceSync)
|
||||
CMyFrame::CMyFrame(BOOL ForceVisible, BOOL ForceSync, BOOL PostSetup)
|
||||
{
|
||||
m_mondlg = NULL;
|
||||
m_msgdlg = NULL;
|
||||
|
@ -204,6 +205,7 @@ CMyFrame::CMyFrame(BOOL ForceVisible, BOOL ForceSync)
|
|||
m_view = m_view_old = 0;
|
||||
m_hidden = FALSE;
|
||||
|
||||
m_ShowWhatsNew = PostSetup;
|
||||
//CUserSettings::GetInstance().GetBool(_ShowWelcome, m_ShowWelcome, TRUE);
|
||||
CUserSettings::GetInstance().GetBool(_AlwaysOnTop, m_AlwaysOnTop, FALSE);
|
||||
|
||||
|
@ -998,6 +1000,7 @@ void CMyFrame::OnCmdHelpSupport()
|
|||
CRunBrowser x(this, L"https://sandboxie-plus.com/go.php?to=donate");
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// OnCmdHelpContribution
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -1008,6 +1011,7 @@ void CMyFrame::OnCmdHelpContribution()
|
|||
CRunBrowser x(this, L"https://sandboxie-plus.com/go.php?to=sbie-contribute");
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// OnCmdHelpTopics
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -1018,6 +1022,7 @@ void CMyFrame::OnCmdHelpTopics()
|
|||
CRunBrowser::OpenHelp(this, L"HelpTopics");
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// OnCmdHelpTutorial
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -1039,7 +1044,7 @@ void CMyFrame::OnCmdHelpTutorial()
|
|||
|
||||
void CMyFrame::OnCmdHelpForum()
|
||||
{
|
||||
CRunBrowser::OpenForum(this);
|
||||
CRunBrowser x(this, L"https://sandboxie-plus.com/go.php?to=sbie-forum");
|
||||
}
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -1063,6 +1068,33 @@ void CMyFrame::OnCmdHelpUpgrade()
|
|||
CRunBrowser x(this, L"https://sandboxie-plus.com/go.php?to=sbie-plus&tip=upgrade");
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// OnCmdHelpWhatsNew
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
extern "C" void OpenWebView(const WCHAR * url, const WCHAR * title);
|
||||
|
||||
void CMyFrame::OnCmdHelpWhatsNew()
|
||||
{
|
||||
CString url;
|
||||
url.Format(L"https://sandboxie-plus.com/go.php?to=sbie-whatsnew&language=%d&version=%S", SbieDll_GetLanguage(NULL), MY_VERSION_STRING);
|
||||
|
||||
WCHAR path[MAX_PATH];
|
||||
GetModuleFileName(NULL, path, sizeof(path) / sizeof(WCHAR) - 4);
|
||||
WCHAR* ptr = wcsrchr(path, L'\\');
|
||||
if (ptr) ptr[1] = L'\0';
|
||||
CString file = CString(path) + L"whatsnew.html";
|
||||
if (PathFileExists(file)) {
|
||||
file.Replace(L"\\", L"/");
|
||||
url = L"file:///" + file;
|
||||
}
|
||||
|
||||
CMyMsg text(MSG_3469);
|
||||
OpenWebView(url, text);
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// OnCmdHelpMigrate
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -1073,6 +1105,15 @@ void CMyFrame::OnCmdHelpMigrate()
|
|||
{
|
||||
CString url;
|
||||
url.Format(L"https://sandboxie-plus.com/go.php?to=sbie-migration&language=%d", SbieDll_GetLanguage(NULL));
|
||||
|
||||
/*WCHAR path[MAX_PATH];
|
||||
GetModuleFileName(NULL, path, sizeof(path) / sizeof(WCHAR) - 4);
|
||||
WCHAR* ptr = wcsrchr(path, L'\\');
|
||||
if (ptr) ptr[1] = L'\0';
|
||||
CString url = L"file:///" + CString(path);
|
||||
url.Replace(L"\\", L"/");
|
||||
url.Append(L"static/plus-migration.html");*/
|
||||
|
||||
CMyMsg text(MSG_3468);
|
||||
OpenWebView(url, text);
|
||||
}
|
||||
|
@ -2105,6 +2146,18 @@ void CMyFrame::OnTimer(UINT_PTR nIDEvent)
|
|||
return;
|
||||
}*/
|
||||
|
||||
//
|
||||
// show what's new
|
||||
//
|
||||
|
||||
if (m_ShowWhatsNew && (! inModalState)) {
|
||||
|
||||
m_ShowWhatsNew = FALSE;
|
||||
|
||||
OnCmdHelpWhatsNew();
|
||||
return;
|
||||
}
|
||||
|
||||
//
|
||||
// resync shortcuts? usually Sandboxie Control does not resync
|
||||
// the Run Sandboxed shortcuts on startup, except when the
|
||||
|
|
|
@ -55,6 +55,7 @@ class CMyFrame : public CFrameWnd
|
|||
CPoint m_TrayPoint;
|
||||
|
||||
BOOL m_hidden;
|
||||
BOOL m_ShowWhatsNew;
|
||||
//BOOL m_ShowWelcome;
|
||||
BOOL m_ReSyncShortcuts;
|
||||
BOOL m_AutoRunSoftCompat;
|
||||
|
@ -126,6 +127,7 @@ class CMyFrame : public CFrameWnd
|
|||
afx_msg void OnCmdHelpForum();
|
||||
afx_msg void OnCmdHelpUpdate();
|
||||
afx_msg void OnCmdHelpUpgrade();
|
||||
afx_msg void OnCmdHelpWhatsNew();
|
||||
afx_msg void OnCmdHelpMigrate();
|
||||
afx_msg void OnCmdHelpGetCert();
|
||||
afx_msg void OnCmdHelpSetCert();
|
||||
|
@ -161,7 +163,7 @@ class CMyFrame : public CFrameWnd
|
|||
|
||||
public:
|
||||
|
||||
CMyFrame(BOOL ForceVisible, BOOL ForceSync);
|
||||
CMyFrame(BOOL ForceVisible, BOOL ForceSync, BOOL PostSetup);
|
||||
~CMyFrame();
|
||||
|
||||
static CWnd *m_GettingStartedWindow;
|
||||
|
|
|
@ -128,7 +128,8 @@ BEGIN
|
|||
MENUITEM SEPARATOR
|
||||
MENUITEM "3452", ID_HELP_TOPICS
|
||||
MENUITEM "3453", ID_HELP_TUTORIAL
|
||||
MENUITEM "3468", ID_HELP_MIGRATION
|
||||
MENUITEM "3469", ID_HELP_WHATSNEW
|
||||
//MENUITEM "3468", ID_HELP_MIGRATION
|
||||
MENUITEM "3457", ID_HELP_FORUM
|
||||
MENUITEM SEPARATOR
|
||||
MENUITEM "3454", ID_HELP_UPDATE
|
||||
|
|
|
@ -31,7 +31,9 @@
|
|||
#include "common/my_version.h"
|
||||
#include "common/json/JSON.h"
|
||||
#include "common/win32_ntddk.h"
|
||||
#include "core/drv/api_defs.h"
|
||||
|
||||
#define UPDATE_INTERVAL (7 * 24 * 60 * 60)
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Variables
|
||||
|
@ -269,9 +271,58 @@ BOOLEAN CUpdater::QueryUpdateData(UPDATER_DATA* Context)
|
|||
#endif
|
||||
StrLang, Context->Manual ? L"0" : L"1");
|
||||
|
||||
if (!Context->Manual)
|
||||
Path.AppendFormat(L"&interval=%d", UPDATE_INTERVAL);
|
||||
|
||||
CString update_key;
|
||||
CSbieIni::GetInstance().GetText(_GlobalSettings, L"UpdateKey", update_key);
|
||||
//CSbieIni::GetInstance().GetText(_GlobalSettings, L"UpdateKey", update_key);
|
||||
|
||||
WCHAR CertPath[MAX_PATH];
|
||||
SbieApi_GetHomePath(NULL, 0, CertPath, MAX_PATH);
|
||||
wcscat(CertPath, L"\\Certificate.dat");
|
||||
HANDLE hFile = CreateFile(CertPath, FILE_GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
|
||||
if (hFile != INVALID_HANDLE_VALUE) {
|
||||
char CertData[0x1000];
|
||||
DWORD bytesRead = 0;
|
||||
if (ReadFile(hFile, CertData, sizeof(CertData), &bytesRead, NULL)) {
|
||||
CertData[bytesRead] = 0;
|
||||
|
||||
CString sCertData = CString(CertData);
|
||||
int pos = sCertData.Find(L"UPDATEKEY:");
|
||||
if (pos != -1) {
|
||||
pos += 10;
|
||||
int end = sCertData.Find(L"\n", pos);
|
||||
if (end == -1) end = sCertData.GetLength();
|
||||
update_key = sCertData.Mid(pos, end - pos).Trim();
|
||||
}
|
||||
}
|
||||
CloseHandle(hFile);
|
||||
}
|
||||
|
||||
if (!update_key.IsEmpty())
|
||||
update_key += "-";
|
||||
|
||||
QWORD RandID = 0;
|
||||
SbieApi_Call(API_GET_SECURE_PARAM, 3, L"RandID", (ULONG_PTR)&RandID, sizeof(RandID));
|
||||
if (RandID == 0) {
|
||||
srand(GetTickCount());
|
||||
RandID = QWORD(rand() & 0xFFFF) | (QWORD(rand() & 0xFFFF) << 16) | (QWORD(rand() & 0xFFFF) << 32) | (QWORD(rand() & 0xFFFF) << 48);
|
||||
SbieApi_Call(API_SET_SECURE_PARAM, 3, L"RandID", (ULONG_PTR)&RandID, sizeof(RandID));
|
||||
}
|
||||
|
||||
CString Section;
|
||||
CString UserName;
|
||||
BOOL IsAdmin;
|
||||
CSbieIni::GetInstance().GetUser(Section, UserName, IsAdmin);
|
||||
DWORD Hash = wcstoul(Section.Mid(13), NULL, 16);
|
||||
|
||||
QWORD HashID = RandID ^ (QWORD((Hash & 0xFFFF) ^ ((Hash >> 16) & 0xFFFF)) << 48); // fold the hash in half and xor it with the first 16 bit of RandID
|
||||
|
||||
wchar_t sHash[17];
|
||||
wsprintf(sHash, L"%08X%08X", DWORD(HashID >> 32), DWORD(HashID));
|
||||
|
||||
update_key += sHash;
|
||||
|
||||
Path += L"&update_key=" + update_key;
|
||||
|
||||
if (!DownloadUpdateData(L"sandboxie-plus.com", Path, &jsonString, NULL)) {
|
||||
|
@ -507,7 +558,7 @@ ULONG CUpdater::UpdaterServiceThread(void *lpParameter)
|
|||
__int64 NextUpdateCheck;
|
||||
CUserSettings::GetInstance().GetNum64(_NextUpdateCheck, NextUpdateCheck, 0);
|
||||
if (NextUpdateCheck != -1)
|
||||
CUserSettings::GetInstance().SetNum64(_NextUpdateCheck, time(NULL) + 7 * 24 * 60 * 60);
|
||||
CUserSettings::GetInstance().SetNum64(_NextUpdateCheck, time(NULL) + UPDATE_INTERVAL);
|
||||
|
||||
if (pContext->Manual)
|
||||
CMyApp::MsgBox(NULL, MSG_3629, MB_OK);
|
||||
|
|
|
@ -54,6 +54,7 @@
|
|||
#define ID_HELP_UPDATE 40044
|
||||
#define ID_HELP_UPGRADE 40046
|
||||
#define ID_HELP_MIGRATION 40047
|
||||
#define ID_HELP_WHATSNEW 40049
|
||||
#define ID_HELP_CONTRIBUTION 40048
|
||||
#define ID_HELP_GET_CERT 40054
|
||||
#define ID_HELP_SET_CERT 40055
|
||||
|
|
|
@ -433,6 +433,10 @@ BOOL Parse_Command_Line(void)
|
|||
if (_wcsnicmp(cmd, L"open_agent:", 11) == 0) {
|
||||
cmd += 11;
|
||||
tmp = Eat_String(cmd);
|
||||
if (*cmd == L'\"') {
|
||||
cmd++;
|
||||
tmp--;
|
||||
}
|
||||
ULONG len = ULONG(tmp - cmd) * sizeof(WCHAR);
|
||||
memcpy((WCHAR*)&buffer[req.length], cmd, len);
|
||||
req.length += len;
|
||||
|
@ -1220,8 +1224,8 @@ int Program_Start(void)
|
|||
WCHAR *parms = Eat_String(cmdline);
|
||||
if (parms && *parms) {
|
||||
|
||||
WCHAR *cmd2 = MyHeapAlloc(cmdline_len * sizeof(WCHAR));
|
||||
WCHAR *arg2 = MyHeapAlloc(cmdline_len * sizeof(WCHAR));
|
||||
WCHAR *cmd2 = MyHeapAlloc((cmdline_len + 1) * sizeof(WCHAR));
|
||||
WCHAR *arg2 = MyHeapAlloc((cmdline_len + 1) * sizeof(WCHAR));
|
||||
|
||||
wcsncpy(cmd2, cmdline, parms - cmdline);
|
||||
cmd2[parms - cmdline] = L'\0';
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
#ifndef _MY_VERSION_H
|
||||
#define _MY_VERSION_H
|
||||
|
||||
#define MY_VERSION_BINARY 5,65,0
|
||||
#define MY_VERSION_STRING "5.65.0"
|
||||
#define MY_VERSION_BINARY 5,65,1
|
||||
#define MY_VERSION_STRING "5.65.1"
|
||||
#define MY_ABI_VERSION 0x56000
|
||||
|
||||
// These #defines are used by either Resource Compiler or NSIS installer
|
||||
|
|
|
@ -1197,12 +1197,12 @@ _FX HRESULT Com_CoUnmarshalInterface_Common(
|
|||
|
||||
if (rpl) {
|
||||
hr = rpl->h.status;
|
||||
if (hr)
|
||||
if (hr != S_OK)
|
||||
Com_Free(rpl);
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_Trace(TraceType, NULL, riid, 0, hr);
|
||||
if (hr == RPC_S_SERVER_UNAVAILABLE) {
|
||||
IStream_Seek(pStream, *seekpos, STREAM_SEEK_SET, &posu);
|
||||
|
@ -1278,11 +1278,11 @@ static HRESULT Com_CoMarshalInterface(
|
|||
|
||||
if (rpl) {
|
||||
hr = rpl->h.status;
|
||||
if (hr)
|
||||
if (hr != S_OK)
|
||||
Com_Free(rpl);
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_Trace(TraceType, NULL, riid, 0, hr);
|
||||
Com_RpcRaiseException(hr);
|
||||
return E_ABORT;
|
||||
|
@ -2106,7 +2106,7 @@ _FX void Com_IUnknown_Add_Ref_Release(COM_IUNKNOWN *This, UCHAR op)
|
|||
Com_Free(rpl);
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
if (hr)
|
||||
if (hr != S_OK)
|
||||
Com_RpcRaiseException(hr);
|
||||
}
|
||||
|
||||
|
@ -2244,12 +2244,12 @@ _FX HRESULT Com_IClassFactory_CreateInstance(
|
|||
|
||||
if (rpl) {
|
||||
hr = rpl->h.status;
|
||||
if (hr)
|
||||
if (hr != S_OK)
|
||||
Com_Free(rpl);
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_Trace(TraceType, &This->Guid, riid, 0, hr);
|
||||
Com_RpcRaiseException(hr);
|
||||
return E_ABORT;
|
||||
|
@ -2313,7 +2313,7 @@ _FX HRESULT Com_IClassFactory_New(
|
|||
|
||||
if (rpl) {
|
||||
hr = rpl->h.status;
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_Free(rpl);
|
||||
if (hr == ERROR_ELEVATION_REQUIRED && StringGUID) {
|
||||
SbieApi_Log(2214, StringGUID);
|
||||
|
@ -2323,7 +2323,7 @@ _FX HRESULT Com_IClassFactory_New(
|
|||
}
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_RpcRaiseException(hr);
|
||||
return E_ABORT;
|
||||
}
|
||||
|
@ -2417,11 +2417,11 @@ _FX HRESULT Com_OuterIUnknown_QueryInterface(
|
|||
|
||||
if (rpl) {
|
||||
hr = rpl->h.status;
|
||||
if (hr)
|
||||
if (hr != S_OK)
|
||||
Com_Free(rpl);
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_Trace(TraceType, &This->Guid, riid, 0, hr);
|
||||
#ifndef REGHIVE_ALWAYS_MOUNT_NEVER_UNMOUNT // if not sbox build
|
||||
Com_RpcRaiseException(hr);
|
||||
|
@ -2588,13 +2588,13 @@ _FX HRESULT Com_IRpcChannelBuffer_SendReceive(
|
|||
|
||||
if (rpl) {
|
||||
hr = rpl->h.status;
|
||||
if (hr)
|
||||
if (hr != S_OK)
|
||||
Com_Free(rpl);
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
if (pStatus)
|
||||
*pStatus = hr;
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_Trace(TraceType, NULL, &This->Guid, ProcNum, hr);
|
||||
return E_ABORT;
|
||||
}
|
||||
|
@ -2731,11 +2731,11 @@ _FX HRESULT Com_IMarshal_MarshalInterface(
|
|||
|
||||
if (rpl) {
|
||||
hr = rpl->h.status;
|
||||
if (hr)
|
||||
if (hr != S_OK)
|
||||
Com_Free(rpl);
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_Trace(TraceType, NULL, &This->Guid, 0, hr);
|
||||
Com_RpcRaiseException(hr);
|
||||
return E_ABORT;
|
||||
|
@ -2873,11 +2873,11 @@ _FX HRESULT Com_IClientSecurity_QueryBlanket(
|
|||
|
||||
if (rpl) {
|
||||
hr = rpl->h.status;
|
||||
if (hr)
|
||||
if (hr != S_OK)
|
||||
Com_Free(rpl);
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_Trace(TraceType, NULL, &This->Guid, 0, hr);
|
||||
Com_RpcRaiseException(hr);
|
||||
return E_ABORT;
|
||||
|
@ -2958,11 +2958,11 @@ _FX HRESULT Com_IClientSecurity_SetBlanket(
|
|||
|
||||
if (rpl) {
|
||||
hr = rpl->h.status;
|
||||
if (hr)
|
||||
if (hr != S_OK)
|
||||
Com_Free(rpl);
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_Trace(TraceType, NULL, &This->Guid, 0, hr);
|
||||
Com_RpcRaiseException(hr);
|
||||
return E_ABORT;
|
||||
|
@ -2996,11 +2996,11 @@ _FX HRESULT Com_IClientSecurity_CopyProxy(
|
|||
|
||||
if (rpl) {
|
||||
hr = rpl->h.status;
|
||||
if (hr)
|
||||
if (hr != S_OK)
|
||||
Com_Free(rpl);
|
||||
} else
|
||||
hr = RPC_S_SERVER_UNAVAILABLE;
|
||||
if (hr) {
|
||||
if (hr != S_OK) {
|
||||
Com_Trace(TraceType, NULL, &This->Guid, 0, hr);
|
||||
Com_RpcRaiseException(hr);
|
||||
return E_ABORT;
|
||||
|
|
|
@ -48,9 +48,10 @@ extern __declspec(dllexport) int __CRTDECL Sbie_snprintf(char *_Buffer, size_t C
|
|||
#define TRUE_NAME_BUFFER 0
|
||||
#define COPY_NAME_BUFFER 1
|
||||
#define TMPL_NAME_BUFFER 2
|
||||
#define MISC_NAME_BUFFER 3 // 4, 5, 6, 7
|
||||
#define NAME_BUFFER_COUNT 8
|
||||
#define NAME_BUFFER_DEPTH 16 // 12
|
||||
#define NORM_NAME_BUFFER 3
|
||||
#define MISC_NAME_BUFFER 4 // 5 - 11
|
||||
#define NAME_BUFFER_COUNT 12
|
||||
#define NAME_BUFFER_DEPTH 16
|
||||
|
||||
|
||||
#ifdef _WIN64
|
||||
|
@ -281,10 +282,10 @@ extern ULONG64 Dll_ProcessFlags;
|
|||
#ifndef _WIN64
|
||||
extern BOOLEAN Dll_IsWow64;
|
||||
#endif
|
||||
#ifdef _M_X64
|
||||
#ifdef _M_ARM64EC
|
||||
extern BOOLEAN Dll_IsArm64ec;
|
||||
#endif
|
||||
#ifndef _M_ARM64
|
||||
#ifndef _WIN64
|
||||
extern BOOLEAN Dll_IsXtAjit;
|
||||
#endif
|
||||
extern BOOLEAN Dll_IsSystemSid;
|
||||
|
@ -506,7 +507,7 @@ BOOLEAN File_IsBlockedNetParam(const WCHAR *BoxName);
|
|||
|
||||
void File_GetSetDeviceMap(WCHAR *DeviceMap96);
|
||||
|
||||
void File_NotifyRecover(HANDLE FileHandle);
|
||||
void File_NotifyRecover(HANDLE FileHandle, void* CloseParams);
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Functions (key)
|
||||
|
@ -520,7 +521,7 @@ NTSTATUS Key_MarkDeletedAndClose(HANDLE KeyHandle);
|
|||
|
||||
void Key_DiscardMergeByPath(const WCHAR *TruePath, BOOLEAN Recurse);
|
||||
|
||||
void Key_NtClose(HANDLE KeyHandle);
|
||||
void Key_NtClose(HANDLE KeyHandle, void* CloseParams);
|
||||
|
||||
HANDLE Key_GetTrueHandle(HANDLE KeyHandle, BOOLEAN *pIsOpenPath);
|
||||
|
||||
|
|
|
@ -90,10 +90,10 @@ ULONG64 Dll_ProcessFlags = 0;
|
|||
#ifndef _WIN64
|
||||
BOOLEAN Dll_IsWow64 = FALSE;
|
||||
#endif
|
||||
#ifdef _M_X64
|
||||
#ifdef _M_ARM64EC
|
||||
BOOLEAN Dll_IsArm64ec = FALSE;
|
||||
#endif
|
||||
#ifndef _M_ARM64
|
||||
#ifndef _WIN64
|
||||
BOOLEAN Dll_IsXtAjit = FALSE;
|
||||
#endif
|
||||
BOOLEAN Dll_IsSystemSid = FALSE;
|
||||
|
@ -772,46 +772,20 @@ _FX void Dll_SelectImageType(void)
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX ULONG_PTR Dll_Ordinal1(
|
||||
ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3,
|
||||
ULONG_PTR arg4, ULONG_PTR arg5)
|
||||
_FX VOID Dll_Ordinal1(INJECT_DATA * inject)
|
||||
{
|
||||
typedef ULONG_PTR (*P_RtlFindActivationContextSectionString)(
|
||||
ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3,
|
||||
ULONG_PTR arg4, ULONG_PTR arg5);
|
||||
P_RtlFindActivationContextSectionString RtlFindActCtx;
|
||||
|
||||
#if defined(_M_ARM64) || defined(_M_ARM64EC)
|
||||
//
|
||||
// on ARM64 we hook LdrLoadDll instead, using the prototype for
|
||||
// RtlFindActCtx is fine though as arguments 1-8 are passed in registers
|
||||
// so if we set x4 or not does not matter in the least
|
||||
//
|
||||
#endif
|
||||
|
||||
INJECT_DATA *inject;
|
||||
SBIELOW_DATA *data;
|
||||
ULONG dummy_prot;
|
||||
SBIELOW_DATA *data = (SBIELOW_DATA *)inject->sbielow_data;
|
||||
BOOLEAN bHostInject = FALSE;
|
||||
|
||||
extern HANDLE SbieApi_DeviceHandle;
|
||||
|
||||
//
|
||||
// this code is invoked from our RtlFindActivationContextSectionString
|
||||
// hook in core/low/entry.asm, with a parameter that points to the
|
||||
// syscall/inject data area. the first ULONG64 in this data area
|
||||
// includes a pointer to the SbieLow data area
|
||||
//
|
||||
|
||||
inject = (struct _INJECT_DATA *)arg1;
|
||||
|
||||
data = (SBIELOW_DATA *)inject->sbielow_data;
|
||||
|
||||
SbieApi_data = data;
|
||||
#ifdef _M_ARM64EC
|
||||
// get the pointer to sys_call_list in the SYS_CALL_DATA struct
|
||||
SbieApi_SyscallPtr = (ULONG*)((ULONG64)data->syscall_data + sizeof(ULONG) + sizeof(ULONG) + (NATIVE_FUNCTION_SIZE * NATIVE_FUNCTION_COUNT));
|
||||
#endif
|
||||
|
||||
extern HANDLE SbieApi_DeviceHandle;
|
||||
SbieApi_DeviceHandle = (HANDLE)data->api_device_handle;
|
||||
|
||||
//
|
||||
// the SbieLow data area includes values that are useful to us
|
||||
// so we copy them into dedicated variables if we are going to use them more often
|
||||
|
@ -820,38 +794,15 @@ _FX ULONG_PTR Dll_Ordinal1(
|
|||
bHostInject = data->flags.bHostInject == 1;
|
||||
|
||||
#ifndef _WIN64
|
||||
Dll_IsWow64 = data->flags.is_wow64 == 1;
|
||||
Dll_IsWow64 = data->flags.is_wow64 == 1; // x86 on x64 or arm64
|
||||
#endif
|
||||
#ifdef _M_X64
|
||||
Dll_IsArm64ec = data->flags.is_arm64ec == 1;
|
||||
#ifdef _M_ARM64EC
|
||||
Dll_IsArm64ec = data->flags.is_arm64ec == 1; // x64 on arm64
|
||||
#endif
|
||||
#ifndef _M_ARM64
|
||||
Dll_IsXtAjit = data->flags.is_xtajit == 1;
|
||||
#ifndef _WIN64
|
||||
Dll_IsXtAjit = data->flags.is_xtajit == 1; // x86 on arm64
|
||||
#endif
|
||||
|
||||
SbieApi_DeviceHandle = (HANDLE)data->api_device_handle;
|
||||
|
||||
//
|
||||
// our RtlFindActivationContextSectionString hook already restored
|
||||
// the original bytes, but we should still restore the page protection
|
||||
//
|
||||
|
||||
VirtualProtect((void *)(ULONG_PTR)inject->RtlFindActCtx, 5,
|
||||
inject->RtlFindActCtx_Protect, &dummy_prot);
|
||||
|
||||
arg1 = (ULONG_PTR)inject->RtlFindActCtx_SavedArg1;
|
||||
|
||||
RtlFindActCtx = (P_RtlFindActivationContextSectionString)
|
||||
inject->RtlFindActCtx;
|
||||
|
||||
//
|
||||
// make sbielow_data read only, as it contsins required
|
||||
// nt dll function copies it must stay executive
|
||||
//
|
||||
|
||||
VirtualProtect((void *)data, sizeof(SBIELOW_DATA),
|
||||
PAGE_EXECUTE_READ, &dummy_prot);
|
||||
|
||||
|
||||
if (!bHostInject)
|
||||
{
|
||||
|
@ -905,7 +856,7 @@ _FX ULONG_PTR Dll_Ordinal1(
|
|||
}
|
||||
|
||||
//
|
||||
// explorer needs sandboxed COM show warning and terminate when COM is not sandboxies
|
||||
// explorer needs sandboxed COM to show a warning and terminate when COM is not sandboxed
|
||||
//
|
||||
|
||||
if (Dll_ImageType == DLL_IMAGE_SHELL_EXPLORER && SbieDll_IsOpenCOM()) {
|
||||
|
@ -928,25 +879,6 @@ _FX ULONG_PTR Dll_Ordinal1(
|
|||
{
|
||||
Ldr_Inject_Init(TRUE);
|
||||
}
|
||||
|
||||
//
|
||||
// free the syscall/inject data area which is no longer needed
|
||||
//
|
||||
|
||||
#ifdef _M_ARM64EC
|
||||
SbieApi_SyscallPtr = NULL;
|
||||
#endif
|
||||
VirtualFree(inject, 0, MEM_RELEASE);
|
||||
|
||||
|
||||
//
|
||||
// conclude the detour by passing control back to the original
|
||||
// RtlFindActivationContextSectionString. the detour code used
|
||||
// jump rather than call to invoke this function (see entry.asm)
|
||||
// so RtlFindActivationContextSectionString returns to its caller
|
||||
//
|
||||
|
||||
return RtlFindActCtx(arg1, arg2, arg3, arg4, arg5);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -338,7 +338,7 @@ ALIGNED WCHAR *Dll_GetTlsNameBuffer(THREAD_DATA *data, ULONG which, ULONG size)
|
|||
DbgTrace("Dll_GetTlsNameBuffer, %s, %d\r\n", func, which);
|
||||
#endif
|
||||
|
||||
if (which >= NAME_BUFFER_COUNT - 4)
|
||||
if (which >= NAME_BUFFER_COUNT - 2)
|
||||
SbieApi_Log(2310, L"%d", which);
|
||||
if (which >= NAME_BUFFER_COUNT) {
|
||||
ExitProcess(-1);
|
||||
|
|
|
@ -189,6 +189,10 @@ static NTSTATUS File_MigrateFile(
|
|||
const WCHAR *TruePath, const WCHAR *CopyPath,
|
||||
BOOLEAN IsWritePath, BOOLEAN WithContents);
|
||||
|
||||
static NTSTATUS File_MigrateJunction(
|
||||
const WCHAR *TruePath, const WCHAR *CopyPath,
|
||||
BOOLEAN IsWritePath);
|
||||
|
||||
static NTSTATUS File_CopyShortName(
|
||||
const WCHAR *TruePath, const WCHAR *CopyPath);
|
||||
|
||||
|
@ -869,7 +873,7 @@ check_sandbox_prefix:
|
|||
// skip any suffix after the drive letter
|
||||
if (File_DriveAddSN) {
|
||||
WCHAR* ptr = wcschr(*OutTruePath + _DriveLen + 1, L'\\');
|
||||
if (ptr)
|
||||
if (!ptr) ptr = wcschr(*OutTruePath + _DriveLen + 1, L'\0');
|
||||
len = (ULONG)(ptr - *OutTruePath);
|
||||
}
|
||||
|
||||
|
@ -1255,8 +1259,8 @@ check_sandbox_prefix:
|
|||
*name = drive_letter;
|
||||
++name;
|
||||
|
||||
if (File_DriveAddSN && *drive->sn)
|
||||
{
|
||||
if (File_DriveAddSN && *drive->sn) {
|
||||
|
||||
*name = L'~';
|
||||
++name;
|
||||
wcscpy(name, drive->sn);
|
||||
|
@ -2534,6 +2538,7 @@ _FX NTSTATUS File_NtCreateFileImpl(
|
|||
// SbieDrv has removed privileges
|
||||
//
|
||||
|
||||
if (!Dll_CompartmentMode)
|
||||
CreateOptions &= ~FILE_OPEN_FOR_BACKUP_INTENT;
|
||||
|
||||
//
|
||||
|
@ -2912,8 +2917,7 @@ ReparseLoop:
|
|||
}
|
||||
|
||||
}
|
||||
else if (status == STATUS_OBJECT_NAME_NOT_FOUND ||
|
||||
status == STATUS_OBJECT_PATH_NOT_FOUND) {
|
||||
else if (status == STATUS_OBJECT_NAME_NOT_FOUND || status == STATUS_OBJECT_PATH_NOT_FOUND) {
|
||||
|
||||
//
|
||||
// the CopyPath file does not exist, but its parent path may exist
|
||||
|
@ -2965,7 +2969,7 @@ ReparseLoop:
|
|||
// When using Rule specificity we need to create some dummy directories
|
||||
//
|
||||
|
||||
File_CreateBoxedPath(TruePath);
|
||||
File_CreateBoxedPath(OriginalPath ? OriginalPath : TruePath);
|
||||
}
|
||||
else if (OriginalPath) {
|
||||
|
||||
|
@ -3382,7 +3386,12 @@ ReparseLoop:
|
|||
// write access, or else it would have been handled earlier already)
|
||||
//
|
||||
|
||||
if (CreateDisposition == FILE_OPEN ||
|
||||
if (FileType & TYPE_REPARSE_POINT) {
|
||||
|
||||
status = File_MigrateJunction(
|
||||
TruePath, CopyPath, IsWritePath);
|
||||
|
||||
} else if (CreateDisposition == FILE_OPEN ||
|
||||
CreateDisposition == FILE_OPEN_IF ||
|
||||
TruePathColon) {
|
||||
|
||||
|
|
|
@ -466,3 +466,112 @@ _FX NTSTATUS File_MigrateFile(
|
|||
|
||||
return status;
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// File_MigrateJunction
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX NTSTATUS File_MigrateJunction(
|
||||
const WCHAR* TruePath, const WCHAR* CopyPath,
|
||||
BOOLEAN IsWritePath)
|
||||
{
|
||||
NTSTATUS status;
|
||||
HANDLE TrueHandle, CopyHandle;
|
||||
OBJECT_ATTRIBUTES objattrs;
|
||||
UNICODE_STRING objname;
|
||||
IO_STATUS_BLOCK IoStatusBlock;
|
||||
FILE_NETWORK_OPEN_INFORMATION open_info;
|
||||
|
||||
InitializeObjectAttributes(
|
||||
&objattrs, &objname, OBJ_CASE_INSENSITIVE, NULL, Secure_NormalSD);
|
||||
|
||||
//
|
||||
// open TruePath. if we get a sharing violation trying to open it,
|
||||
// try to get the driver to open it bypassing share access. if even
|
||||
// this fails, then we can't copy the data, but can still create an
|
||||
// empty file
|
||||
//
|
||||
|
||||
RtlInitUnicodeString(&objname, TruePath);
|
||||
|
||||
status = __sys_NtCreateFile(
|
||||
&TrueHandle, FILE_GENERIC_READ, &objattrs, &IoStatusBlock,
|
||||
NULL, 0, FILE_SHARE_VALID_FLAGS,
|
||||
FILE_OPEN, FILE_OPEN_REPARSE_POINT | FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0);
|
||||
|
||||
/*if (IsWritePath && status == STATUS_ACCESS_DENIED)
|
||||
status = STATUS_SHARING_VIOLATION;
|
||||
|
||||
if (status == STATUS_SHARING_VIOLATION) {
|
||||
|
||||
status = SbieApi_OpenFile(&TrueHandle, TruePath);
|
||||
}*/
|
||||
|
||||
if (!NT_SUCCESS(status))
|
||||
return status;
|
||||
|
||||
//
|
||||
// query attributes and size of the TruePath file
|
||||
//
|
||||
|
||||
status = __sys_NtQueryInformationFile(
|
||||
TrueHandle, &IoStatusBlock, &open_info,
|
||||
sizeof(FILE_NETWORK_OPEN_INFORMATION), FileNetworkOpenInformation);
|
||||
|
||||
//
|
||||
// Get the reparse point data from the source
|
||||
//
|
||||
|
||||
BYTE buf[MAXIMUM_REPARSE_DATA_BUFFER_SIZE]; // We need a large buffer
|
||||
REPARSE_DATA_BUFFER* reparseDataBuffer = (REPARSE_DATA_BUFFER*)buf;
|
||||
status = __sys_NtFsControlFile(TrueHandle, NULL, NULL, NULL, &IoStatusBlock, FSCTL_GET_REPARSE_POINT, NULL, 0, reparseDataBuffer, MAXIMUM_REPARSE_DATA_BUFFER_SIZE);
|
||||
|
||||
if (!NT_SUCCESS(status))
|
||||
return status;
|
||||
|
||||
//
|
||||
// Create the destination file with reparse point data
|
||||
//
|
||||
|
||||
RtlInitUnicodeString(&objname, CopyPath);
|
||||
|
||||
status = __sys_NtCreateFile(
|
||||
&CopyHandle, FILE_GENERIC_WRITE, &objattrs, &IoStatusBlock,
|
||||
NULL, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_VALID_FLAGS,
|
||||
FILE_CREATE, FILE_SYNCHRONOUS_IO_NONALERT | FILE_DIRECTORY_FILE | FILE_OPEN_REPARSE_POINT,
|
||||
NULL, 0);
|
||||
|
||||
if (!NT_SUCCESS(status))
|
||||
return status;
|
||||
|
||||
//
|
||||
// Set the reparse point data to the destination
|
||||
//
|
||||
|
||||
#define REPARSE_MOUNTPOINT_HEADER_SIZE 8
|
||||
status = __sys_NtFsControlFile(CopyHandle, NULL, NULL, NULL, &IoStatusBlock, FSCTL_SET_REPARSE_POINT, reparseDataBuffer, REPARSE_MOUNTPOINT_HEADER_SIZE + reparseDataBuffer->ReparseDataLength, NULL, 0);
|
||||
|
||||
//
|
||||
// set information on the CopyPath file
|
||||
//
|
||||
|
||||
if (NT_SUCCESS(status)) {
|
||||
|
||||
FILE_BASIC_INFORMATION info;
|
||||
|
||||
info.CreationTime.QuadPart = open_info.CreationTime.QuadPart;
|
||||
info.LastAccessTime.QuadPart = open_info.LastAccessTime.QuadPart;
|
||||
info.LastWriteTime.QuadPart = open_info.LastWriteTime.QuadPart;
|
||||
info.ChangeTime.QuadPart = open_info.ChangeTime.QuadPart;
|
||||
info.FileAttributes = open_info.FileAttributes;
|
||||
|
||||
status = File_SetAttributes(CopyHandle, CopyPath, &info);
|
||||
}
|
||||
|
||||
NtClose(TrueHandle);
|
||||
NtClose(CopyHandle);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
|
|
@ -314,6 +314,71 @@ _FX ULONG File_GetPathFlags_internal(LIST* Root, const WCHAR* Path, WCHAR** pRel
|
|||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// File_NormalizePath
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX const WCHAR* File_NormalizePath(const WCHAR* path, int slot)
|
||||
{
|
||||
//
|
||||
// if we have a path that looks like any of these
|
||||
// \Device\LanmanRedirector\server\shr\f1.txt
|
||||
// \Device\LanmanRedirector\;Q:000000000000b09f\server\shr\f1.txt
|
||||
// \Device\Mup\;LanmanRedirector\server\share\f1.txt
|
||||
// \Device\Mup\;LanmanRedirector\;Q:000000000000b09f\server\share\f1.txt
|
||||
// then translate to
|
||||
// \Device\Mup\server\shr\f1.txt
|
||||
// and test again. We do this because open/closed paths are
|
||||
// recorded in the \Device\Mup format. See File_TranslateShares.
|
||||
//
|
||||
|
||||
ULONG PrefixLen;
|
||||
if (_wcsnicmp(path, File_Redirector, File_RedirectorLen - 1) == 0)
|
||||
PrefixLen = File_RedirectorLen - 1;
|
||||
else if (_wcsnicmp(path, File_MupRedir, File_MupRedirLen - 1) == 0)
|
||||
PrefixLen = File_MupRedirLen - 1;
|
||||
else if (_wcsnicmp(path, File_DfsClientRedir, File_DfsClientRedirLen - 1) == 0)
|
||||
PrefixLen = File_DfsClientRedirLen - 1;
|
||||
else if (_wcsnicmp(path, File_HgfsRedir, File_HgfsRedirLen - 1) == 0)
|
||||
PrefixLen = File_HgfsRedirLen - 1;
|
||||
else if (_wcsnicmp(path, File_Mup, File_MupLen - 1) == 0)
|
||||
PrefixLen = File_MupLen - 1;
|
||||
else
|
||||
PrefixLen = 0;
|
||||
|
||||
if (PrefixLen && path[PrefixLen] == L'\\' &&
|
||||
path[PrefixLen + 1] != L'\0') {
|
||||
|
||||
const WCHAR* ptr = path + PrefixLen;
|
||||
if (ptr[1] == L';')
|
||||
ptr = wcschr(ptr + 2, L'\\');
|
||||
|
||||
if (ptr && ptr[0] && ptr[1]) {
|
||||
|
||||
//
|
||||
// the path represents a network share
|
||||
//
|
||||
|
||||
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
|
||||
|
||||
ULONG len1 = wcslen(ptr + 1);
|
||||
ULONG len2 = (File_MupLen + len1 + 8) * sizeof(WCHAR);
|
||||
WCHAR* path2 = Dll_GetTlsNameBuffer(TlsData, slot, len2);
|
||||
|
||||
wmemcpy(path2, File_Mup, File_MupLen);
|
||||
path2[File_MupLen] = L'\\';
|
||||
wmemcpy(path2 + File_MupLen + 1, ptr + 1, len1 + 1);
|
||||
len1 += File_MupLen + 1;
|
||||
|
||||
return path2;
|
||||
}
|
||||
}
|
||||
|
||||
return path;
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// File_GetPathFlags
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -327,7 +392,7 @@ _FX ULONG File_GetPathFlags(const WCHAR* Path, WCHAR** pRelocation)
|
|||
|
||||
EnterCriticalSection(File_PathRoot_CritSec);
|
||||
|
||||
Flags = File_GetPathFlags_internal(&File_PathRoot, Path, pRelocation, TRUE);
|
||||
Flags = File_GetPathFlags_internal(&File_PathRoot, File_NormalizePath(Path, NORM_NAME_BUFFER), pRelocation, TRUE);
|
||||
|
||||
LeaveCriticalSection(File_PathRoot_CritSec);
|
||||
|
||||
|
@ -340,7 +405,7 @@ _FX ULONG File_GetPathFlags(const WCHAR* Path, WCHAR** pRelocation)
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX VOID File_SavePathNode_internal(HANDLE hPathsFile, LIST* parent, WCHAR* Path, ULONG Length, ULONG SetFlags)
|
||||
_FX VOID File_SavePathNode_internal(HANDLE hPathsFile, LIST* parent, WCHAR* Path, ULONG Length, ULONG SetFlags, WCHAR* (*TranslatePath)(const WCHAR *))
|
||||
{
|
||||
IO_STATUS_BLOCK IoStatusBlock;
|
||||
|
||||
|
@ -369,7 +434,9 @@ _FX VOID File_SavePathNode_internal(HANDLE hPathsFile, LIST* parent, WCHAR* Path
|
|||
if ((child->flags & ~SetFlags) != 0 || child->relocation != NULL) {
|
||||
|
||||
// write the path
|
||||
NtWriteFile(hPathsFile, NULL, NULL, NULL, &IoStatusBlock, Path, Path_Len * sizeof(WCHAR), NULL, NULL);
|
||||
WCHAR* PathEx = TranslatePath ? TranslatePath(Path) : NULL;
|
||||
NtWriteFile(hPathsFile, NULL, NULL, NULL, &IoStatusBlock, PathEx ? PathEx : Path, wcslen(PathEx ? PathEx : Path) * sizeof(WCHAR), NULL, NULL);
|
||||
if (PathEx) Dll_Free(PathEx);
|
||||
|
||||
// write the flags
|
||||
_ultow(child->flags, FlagStr + 1, 16);
|
||||
|
@ -377,15 +444,19 @@ _FX VOID File_SavePathNode_internal(HANDLE hPathsFile, LIST* parent, WCHAR* Path
|
|||
|
||||
// write the relocation
|
||||
if (child->relocation != NULL) {
|
||||
|
||||
NtWriteFile(hPathsFile, NULL, NULL, NULL, &IoStatusBlock, FlagStr, sizeof(WCHAR), NULL, NULL); // write |
|
||||
NtWriteFile(hPathsFile, NULL, NULL, NULL, &IoStatusBlock, child->relocation, wcslen(child->relocation) * sizeof(WCHAR), NULL, NULL);
|
||||
|
||||
WCHAR* RelocationEx = TranslatePath ? TranslatePath(child->relocation) : NULL;
|
||||
NtWriteFile(hPathsFile, NULL, NULL, NULL, &IoStatusBlock, RelocationEx ? RelocationEx : child->relocation, wcslen(RelocationEx ? RelocationEx : child->relocation) * sizeof(WCHAR), NULL, NULL);
|
||||
if (RelocationEx) Dll_Free(RelocationEx);
|
||||
}
|
||||
|
||||
// write line ending
|
||||
NtWriteFile(hPathsFile, NULL, NULL, NULL, &IoStatusBlock, (void*)CrLf, sizeof(CrLf) - sizeof(WCHAR), NULL, NULL);
|
||||
}
|
||||
|
||||
File_SavePathNode_internal(hPathsFile, &child->items, Path, Path_Len, SetFlags | child->flags);
|
||||
File_SavePathNode_internal(hPathsFile, &child->items, Path, Path_Len, SetFlags | child->flags, TranslatePath);
|
||||
|
||||
child = List_Next(child);
|
||||
}
|
||||
|
@ -397,7 +468,7 @@ _FX VOID File_SavePathNode_internal(HANDLE hPathsFile, LIST* parent, WCHAR* Path
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX VOID File_SavePathTree_internal(LIST* Root, const WCHAR* name)
|
||||
_FX VOID File_SavePathTree_internal(LIST* Root, const WCHAR* name, WCHAR* (*TranslatePath)(const WCHAR *))
|
||||
{
|
||||
WCHAR PathsFile[MAX_PATH] = { 0 };
|
||||
wcscpy(PathsFile, Dll_BoxFilePath);
|
||||
|
@ -417,7 +488,7 @@ _FX VOID File_SavePathTree_internal(LIST* Root, const WCHAR* name)
|
|||
|
||||
WCHAR* Path = (WCHAR *)Dll_Alloc((0x7FFF + 1)*sizeof(WCHAR)); // max nt path
|
||||
|
||||
File_SavePathNode_internal(hPathsFile, Root, Path, 0, 0);
|
||||
File_SavePathNode_internal(hPathsFile, Root, Path, 0, 0, TranslatePath);
|
||||
|
||||
Dll_Free(Path);
|
||||
|
||||
|
@ -425,6 +496,84 @@ _FX VOID File_SavePathTree_internal(LIST* Root, const WCHAR* name)
|
|||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// File_TranslateNtToDosPath2
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX WCHAR* File_TranslateNtToDosPath2(const WCHAR *NtPath)
|
||||
{
|
||||
WCHAR *DosPath = NULL;
|
||||
ULONG len_nt;
|
||||
|
||||
len_nt = wcslen(NtPath) + 11;
|
||||
DosPath = Dll_Alloc(len_nt * sizeof(WCHAR));
|
||||
wcscpy(DosPath, NtPath);
|
||||
|
||||
//
|
||||
// Hack Hack: when we load a drive which does not exist we create an entry like
|
||||
// L"\\C:\\path" in out tree to not forget it even though the NtPath is unknown
|
||||
// here we must handle that special case and strip the L'\\'
|
||||
//
|
||||
|
||||
const WCHAR* backslash = wcschr(DosPath+1, L'\\');
|
||||
if (!backslash) backslash = wcschr(DosPath, L'\0');
|
||||
if (*(backslash - 1) == L':') {
|
||||
wmemmove(DosPath, DosPath + 1, wcslen(DosPath)); // -1 (for '\\') + 1 (for '\0')
|
||||
return DosPath;
|
||||
}
|
||||
|
||||
|
||||
if (_wcsnicmp(DosPath, File_Mup, File_MupLen) == 0) {
|
||||
|
||||
WCHAR *ptr = DosPath + File_MupLen - 1;
|
||||
wmemmove(DosPath + 1, ptr, wcslen(ptr) + 1);
|
||||
|
||||
} else {
|
||||
|
||||
const FILE_DRIVE *drive;
|
||||
ULONG path_len, prefix_len;
|
||||
|
||||
path_len = wcslen(DosPath);
|
||||
|
||||
drive = File_GetDriveForPath(DosPath, path_len);
|
||||
if (drive)
|
||||
prefix_len = drive->len;
|
||||
else
|
||||
drive = File_GetDriveForUncPath(DosPath, path_len, &prefix_len);
|
||||
|
||||
if (drive) {
|
||||
|
||||
WCHAR drive_letter = drive->letter;
|
||||
WCHAR *ptr = DosPath + prefix_len;
|
||||
|
||||
LeaveCriticalSection(File_DrivesAndLinks_CritSec);
|
||||
|
||||
if (*ptr == L'\\' || *ptr == L'\0') {
|
||||
path_len = wcslen(ptr);
|
||||
wmemmove(DosPath + 2, ptr, path_len + 1);
|
||||
DosPath[0] = drive_letter;
|
||||
DosPath[1] = L':';
|
||||
|
||||
if (File_DriveAddSN && *drive->sn) {
|
||||
|
||||
wmemmove(DosPath + 11, DosPath + 1, path_len + 2);
|
||||
DosPath[1] = L'~';
|
||||
wmemcpy(DosPath + 2, drive->sn, 9);
|
||||
}
|
||||
}
|
||||
|
||||
} else {
|
||||
|
||||
Dll_Free(DosPath);
|
||||
DosPath = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
return DosPath;
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// File_SavePathTree
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -434,7 +583,7 @@ _FX BOOLEAN File_SavePathTree()
|
|||
{
|
||||
EnterCriticalSection(File_PathRoot_CritSec);
|
||||
|
||||
File_SavePathTree_internal(&File_PathRoot, FILE_PATH_FILE_NAME);
|
||||
File_SavePathTree_internal(&File_PathRoot, FILE_PATH_FILE_NAME, File_TranslateNtToDosPath2);
|
||||
|
||||
File_GetAttributes_internal(FILE_PATH_FILE_NAME, &File_PathsFileSize, &File_PathsFileDate, NULL);
|
||||
|
||||
|
@ -482,7 +631,7 @@ _FX void File_ReleaseMutex(HANDLE hMutex)
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX BOOLEAN File_LoadPathTree_internal(LIST* Root, const WCHAR* name)
|
||||
_FX BOOLEAN File_LoadPathTree_internal(LIST* Root, const WCHAR* name, WCHAR* (*TranslatePath)(const WCHAR *))
|
||||
{
|
||||
WCHAR PathsFile[MAX_PATH] = { 0 };
|
||||
wcscpy(PathsFile, Dll_BoxFilePath);
|
||||
|
@ -529,16 +678,26 @@ _FX BOOLEAN File_LoadPathTree_internal(LIST* Root, const WCHAR* name)
|
|||
WCHAR savechar = Line[LineLen];
|
||||
Line[LineLen] = L'\0';
|
||||
|
||||
WCHAR* Path = Line;
|
||||
|
||||
WCHAR* Sep = wcschr(Line, L'|');
|
||||
if (!Sep || Sep > Next) continue; // invalid line, flags field missing
|
||||
*Sep = L'\0';
|
||||
|
||||
WCHAR* Relocation = NULL;
|
||||
|
||||
WCHAR* endptr;
|
||||
ULONG Flags = wcstoul(Sep + 1, &endptr, 16);
|
||||
if (endptr && *endptr == L'|') endptr++;
|
||||
else endptr = NULL;
|
||||
if (endptr && *endptr == L'|')
|
||||
Relocation = endptr + 1;
|
||||
|
||||
File_SetPathFlags_internal(Root, Line, Flags, 0, endptr);
|
||||
WCHAR* PathEx = TranslatePath ? TranslatePath(Path) : NULL;
|
||||
WCHAR* RelocationEx = TranslatePath ? TranslatePath(Relocation) : NULL;
|
||||
|
||||
File_SetPathFlags_internal(Root, PathEx ? PathEx : Path, Flags, 0, RelocationEx ? RelocationEx : Relocation);
|
||||
|
||||
if (PathEx) Dll_Free(PathEx);
|
||||
if (RelocationEx) Dll_Free(RelocationEx);
|
||||
|
||||
*Sep = L'|';
|
||||
Line[LineLen] = savechar;
|
||||
|
@ -552,6 +711,73 @@ _FX BOOLEAN File_LoadPathTree_internal(LIST* Root, const WCHAR* name)
|
|||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// File_TranslateDosToNtPath2
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX WCHAR *File_TranslateDosToNtPath2(const WCHAR *DosPath)
|
||||
{
|
||||
WCHAR *NtPath = NULL;
|
||||
ULONG len_dos;
|
||||
|
||||
if (DosPath && DosPath[0] && DosPath[1]) {
|
||||
|
||||
if (DosPath[0] == L'\\' && DosPath[1] == L'\\') {
|
||||
|
||||
//
|
||||
// network path
|
||||
//
|
||||
|
||||
DosPath += 2;
|
||||
len_dos = wcslen(DosPath) + 1;
|
||||
NtPath = Dll_Alloc((File_MupLen + len_dos) * sizeof(WCHAR));
|
||||
wmemcpy(NtPath, File_Mup, File_MupLen);
|
||||
wmemcpy(NtPath + File_MupLen, DosPath, len_dos);
|
||||
|
||||
} else if (DosPath[0] != L'\\') {
|
||||
|
||||
const WCHAR* backslash = wcschr(DosPath, L'\\');
|
||||
if(!backslash) backslash = wcschr(DosPath, L'\0');
|
||||
if (*(backslash - 1) == L':') {
|
||||
|
||||
ULONG path_pos = (ULONG)(backslash - DosPath);
|
||||
|
||||
//
|
||||
// drive-letter path
|
||||
//
|
||||
|
||||
FILE_DRIVE* drive = File_GetDriveForLetter(DosPath[0]);
|
||||
if (drive) {
|
||||
|
||||
if (File_DriveAddSN && *drive->sn) {
|
||||
|
||||
//
|
||||
// if the volume serial numbers dont match return NULL
|
||||
//
|
||||
|
||||
if (_wcsnicmp(DosPath + 2, drive->sn, 9) != 0) {
|
||||
LeaveCriticalSection(File_DrivesAndLinks_CritSec);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
DosPath += path_pos;
|
||||
len_dos = wcslen(DosPath) + 1;
|
||||
NtPath = Dll_Alloc((drive->len + len_dos) * sizeof(WCHAR));
|
||||
wmemcpy(NtPath, drive->path, drive->len);
|
||||
wmemcpy(NtPath + drive->len, DosPath, len_dos);
|
||||
|
||||
LeaveCriticalSection(File_DrivesAndLinks_CritSec);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return NtPath;
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// File_LoadPathTree
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -563,7 +789,7 @@ _FX BOOLEAN File_LoadPathTree()
|
|||
|
||||
EnterCriticalSection(File_PathRoot_CritSec);
|
||||
|
||||
File_LoadPathTree_internal(&File_PathRoot, FILE_PATH_FILE_NAME);
|
||||
File_LoadPathTree_internal(&File_PathRoot, FILE_PATH_FILE_NAME, File_TranslateDosToNtPath2);
|
||||
|
||||
LeaveCriticalSection(File_PathRoot_CritSec);
|
||||
|
||||
|
@ -738,7 +964,7 @@ _FX NTSTATUS File_MarkDeleted_v2(const WCHAR* TruePath)
|
|||
|
||||
EnterCriticalSection(File_PathRoot_CritSec);
|
||||
|
||||
BOOLEAN bSet = File_MarkDeleted_internal(&File_PathRoot, TruePath);
|
||||
BOOLEAN bSet = File_MarkDeleted_internal(&File_PathRoot, File_NormalizePath(TruePath, NORM_NAME_BUFFER));
|
||||
|
||||
LeaveCriticalSection(File_PathRoot_CritSec);
|
||||
|
||||
|
@ -876,7 +1102,7 @@ _FX NTSTATUS File_SetRelocation(const WCHAR* OldTruePath, const WCHAR* NewTruePa
|
|||
|
||||
EnterCriticalSection(File_PathRoot_CritSec);
|
||||
|
||||
File_SetRelocation_internal(&File_PathRoot, OldTruePath, NewTruePath);
|
||||
File_SetRelocation_internal(&File_PathRoot, File_NormalizePath(OldTruePath, NORM_NAME_BUFFER), File_NormalizePath(NewTruePath, MISC_NAME_BUFFER));
|
||||
|
||||
LeaveCriticalSection(File_PathRoot_CritSec);
|
||||
|
||||
|
|
|
@ -194,7 +194,7 @@ static NTSTATUS File_NtQueryVolumeInformationFile(
|
|||
|
||||
NTSTATUS File_NtCloseImpl(HANDLE FileHandle);
|
||||
|
||||
VOID File_NtCloseDir(HANDLE FileHandle);
|
||||
VOID File_NtCloseDir(HANDLE FileHandle, void* CloseParams);
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Variables
|
||||
|
@ -484,7 +484,7 @@ _FX NTSTATUS File_Merge(
|
|||
|
||||
} else {
|
||||
|
||||
Handle_UnRegisterCloseHandler(merge->handle, File_NtCloseDir);
|
||||
Handle_UnRegisterHandler(merge->handle, File_NtCloseDir, NULL);
|
||||
List_Remove(&File_DirHandles, merge);
|
||||
File_MergeFree(merge);
|
||||
}
|
||||
|
@ -528,7 +528,7 @@ _FX NTSTATUS File_Merge(
|
|||
}
|
||||
|
||||
List_Insert_After(&File_DirHandles, NULL, merge);
|
||||
Handle_RegisterCloseHandler(merge->handle, File_NtCloseDir);
|
||||
Handle_RegisterHandler(merge->handle, File_NtCloseDir, NULL, FALSE);
|
||||
}
|
||||
|
||||
//
|
||||
|
@ -617,7 +617,20 @@ _FX NTSTATUS File_OpenForMerge(
|
|||
if (FILE_PATH_DELETED(TruePathFlags))
|
||||
TruePathDeleted = TRUE;
|
||||
else if (OldTruePath) {
|
||||
|
||||
OriginalPath = TruePath;
|
||||
|
||||
if (File_Snapshot != NULL) {
|
||||
|
||||
//
|
||||
// note: File_ResolveTruePath returns a buffer from the TMPL_NAME_BUFFER slot,
|
||||
// which is reused byFile_MakeSnapshotPath, so we need to make non reusable copy
|
||||
//
|
||||
|
||||
TruePath = Dll_GetTlsNameBuffer(TlsData, MISC_NAME_BUFFER, (wcslen(OldTruePath) + 1) * sizeof(WCHAR));
|
||||
wcscpy(TruePath, OldTruePath);
|
||||
}
|
||||
else
|
||||
TruePath = OldTruePath;
|
||||
}
|
||||
}
|
||||
|
@ -2267,8 +2280,6 @@ _FX NTSTATUS File_NtCloseImpl(HANDLE FileHandle)
|
|||
THREAD_DATA *TlsData = Dll_GetTlsData(&LastError);
|
||||
|
||||
NTSTATUS status;
|
||||
ULONG i;
|
||||
P_CloseHandler CloseHandlers[MAX_CLOSE_HANDLERS];
|
||||
BOOLEAN DeleteOnClose = FALSE;
|
||||
UNICODE_STRING uni;
|
||||
WCHAR *DeletePath = NULL;
|
||||
|
@ -2308,13 +2319,7 @@ _FX NTSTATUS File_NtCloseImpl(HANDLE FileHandle)
|
|||
// and prepare the DeleteOnClose if its set
|
||||
//
|
||||
|
||||
if (Handle_FreeCloseHandler(FileHandle, &CloseHandlers[0], &DeleteOnClose)) {
|
||||
|
||||
for (i = 0; i < MAX_CLOSE_HANDLERS; i++) {
|
||||
if(CloseHandlers[i] != NULL)
|
||||
CloseHandlers[i](FileHandle);
|
||||
}
|
||||
}
|
||||
Handle_ExecuteCloseHandler(FileHandle, &DeleteOnClose);
|
||||
|
||||
//
|
||||
// prepare delete disposition if set
|
||||
|
@ -2397,7 +2402,7 @@ _FX NTSTATUS File_NtCloseImpl(HANDLE FileHandle)
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX VOID File_NtCloseDir(HANDLE FileHandle)
|
||||
_FX VOID File_NtCloseDir(HANDLE FileHandle, void* CloseParams)
|
||||
{
|
||||
FILE_MERGE *merge;
|
||||
|
||||
|
@ -2407,7 +2412,6 @@ _FX VOID File_NtCloseDir(HANDLE FileHandle)
|
|||
while (merge) {
|
||||
FILE_MERGE *next = List_Next(merge);
|
||||
if (merge->handle == FileHandle) {
|
||||
Handle_UnRegisterCloseHandler(merge->handle, File_NtCloseDir);
|
||||
List_Remove(&File_DirHandles, merge);
|
||||
File_MergeFree(merge);
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Copyright 2004-2020 Sandboxie Holdings, LLC
|
||||
* Copyright 2020-2022 David Xanatos, xanasoft.com
|
||||
* Copyright 2020-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
@ -348,7 +348,7 @@ _FX BOOLEAN File_RecordRecover(HANDLE FileHandle, const WCHAR *TruePath)
|
|||
//}
|
||||
|
||||
if (IsRecoverable != FALSE)
|
||||
Handle_RegisterCloseHandler(FileHandle, File_NotifyRecover);
|
||||
Handle_RegisterHandler(FileHandle, File_NotifyRecover, NULL, TRUE);
|
||||
|
||||
return IsRecoverable == TRUE;
|
||||
}
|
||||
|
@ -359,7 +359,7 @@ _FX BOOLEAN File_RecordRecover(HANDLE FileHandle, const WCHAR *TruePath)
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX void File_NotifyRecover(HANDLE FileHandle)
|
||||
_FX void File_NotifyRecover(HANDLE FileHandle, void* CloseParams)
|
||||
{
|
||||
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
|
||||
|
||||
|
|
|
@ -36,7 +36,7 @@ typedef struct _FILE_SNAPSHOT {
|
|||
WCHAR ID[FILE_MAX_SNAPSHOT_ID];
|
||||
ULONG IDlen;
|
||||
ULONG ScramKey;
|
||||
//WCHAR Name[34];
|
||||
//WCHAR Name[BOXNAME_COUNT];
|
||||
struct _FILE_SNAPSHOT* Parent;
|
||||
LIST PathRoot;
|
||||
} FILE_SNAPSHOT, *PFILE_SNAPSHOT;
|
||||
|
@ -278,7 +278,7 @@ _FX ULONG File_GetPathFlagsEx(const WCHAR *TruePath, const WCHAR *CopyPath, WCHA
|
|||
// check true path relocation and deletion for the active state
|
||||
//
|
||||
|
||||
Flags = File_GetPathFlags_internal(&File_PathRoot, TruePath, &Relocation, TRUE); // this requires a name buffer
|
||||
Flags = File_GetPathFlags_internal(&File_PathRoot, File_NormalizePath(TruePath, NORM_NAME_BUFFER), &Relocation, TRUE); // this requires a name buffer
|
||||
if (FILE_PATH_DELETED(Flags))
|
||||
goto finish;
|
||||
}
|
||||
|
@ -373,7 +373,7 @@ _FX ULONG File_GetPathFlagsEx(const WCHAR *TruePath, const WCHAR *CopyPath, WCHA
|
|||
//
|
||||
|
||||
TmplRelocation = NULL;
|
||||
Flags = File_GetPathFlags_internal(&Cur_Snapshot->PathRoot, TruePath, &TmplRelocation, TRUE);
|
||||
Flags = File_GetPathFlags_internal(&Cur_Snapshot->PathRoot, File_NormalizePath(TruePath, NORM_NAME_BUFFER), &TmplRelocation, TRUE);
|
||||
if(TmplRelocation)
|
||||
Relocation = TmplRelocation;
|
||||
if (FILE_PATH_DELETED(Flags))
|
||||
|
@ -477,11 +477,11 @@ _FX void File_InitSnapshots(void)
|
|||
wcscat(PathFile, L"\\");
|
||||
wcscat(PathFile, FILE_PATH_FILE_NAME);
|
||||
|
||||
File_LoadPathTree_internal(&Cur_Snapshot->PathRoot, PathFile);
|
||||
File_LoadPathTree_internal(&Cur_Snapshot->PathRoot, PathFile, File_TranslateDosToNtPath);
|
||||
}
|
||||
|
||||
//WCHAR SnapshotName[34] = { 0 };
|
||||
//GetPrivateProfileStringW(SnapshotId, L"Name", L"", SnapshotName, 34, SnapshotsIni);
|
||||
//WCHAR SnapshotName[BOXNAME_COUNT] = { 0 };
|
||||
//GetPrivateProfileStringW(SnapshotId, L"Name", L"", SnapshotName, BOXNAME_COUNT, SnapshotsIni);
|
||||
//wcscpy(Cur_Snapshot->Name, SnapshotName);
|
||||
|
||||
GetPrivateProfileStringW(SnapshotId, L"Parent", L"", Snapshot, 16, SnapshotsIni);
|
||||
|
|
|
@ -789,6 +789,9 @@ _FX HANDLE Gui_GetClipboardData(UINT uFormat)
|
|||
// clipboard data
|
||||
//
|
||||
|
||||
if (!SbieApi_QueryConfBool(NULL, L"OpenClipboard", TRUE))
|
||||
return NULL;
|
||||
|
||||
hGlobalRet = __sys_GetClipboardData(uFormat);
|
||||
if (hGlobalRet)
|
||||
return hGlobalRet;
|
||||
|
@ -1058,6 +1061,9 @@ _FX void Gui_GetClipboardData_MF(void *buf, ULONG sz, ULONG fmt)
|
|||
// create a local HMETAFILE handle
|
||||
//
|
||||
|
||||
if (!SbieApi_QueryConfBool(NULL, L"OpenClipboard", TRUE))
|
||||
return;
|
||||
|
||||
if ((fmt != CF_METAFILEPICT) || (sz != sizeof(METAFILEPICT))) {
|
||||
SbieApi_Log(2205, L"Clipboard MetaFile (fmt %04X sz %d)", fmt, sz);
|
||||
return;
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2021-2022 David Xanatos, xanasoft.com
|
||||
* Copyright 2021-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
@ -33,10 +33,23 @@
|
|||
// Structures and Types
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
typedef struct _HANDLE_HANDLER
|
||||
{
|
||||
LIST_ELEM list_elem;
|
||||
|
||||
P_HandlerFunc Close;
|
||||
void* Param;
|
||||
|
||||
BOOL bPropagate; // incompatible with Param, todo: add duplicate handler
|
||||
|
||||
} HANDLE_HANDLER;
|
||||
|
||||
|
||||
typedef struct _HANDLE_STATE {
|
||||
|
||||
BOOLEAN DeleteOnClose;
|
||||
P_CloseHandler CloseHandlers[MAX_CLOSE_HANDLERS];
|
||||
LIST CloseHandlers;
|
||||
WCHAR* RelocationPath;
|
||||
|
||||
} HANDLE_STATE;
|
||||
|
@ -145,21 +158,17 @@ _FX WCHAR* Handle_GetRelocationPath(HANDLE FileHandle, ULONG ExtraLength)
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX BOOLEAN Handle_FreeCloseHandler(HANDLE FileHandle, P_CloseHandler* CloseHandlers, BOOLEAN* DeleteOnClose)
|
||||
_FX VOID Handle_ExecuteCloseHandler(HANDLE FileHandle, BOOLEAN* DeleteOnClose)
|
||||
{
|
||||
BOOLEAN HasCloseHandlers = FALSE;
|
||||
LIST CloseHandlers;
|
||||
|
||||
EnterCriticalSection(&Handle_StatusData_CritSec);
|
||||
|
||||
HANDLE_STATE* state = (HANDLE_STATE*)map_get(&Handle_StatusData, FileHandle);
|
||||
if (state) {
|
||||
|
||||
HasCloseHandlers = TRUE;
|
||||
|
||||
if(CloseHandlers)
|
||||
memcpy(CloseHandlers, state->CloseHandlers, MAX_CLOSE_HANDLERS * sizeof(P_CloseHandler));
|
||||
if(DeleteOnClose) *DeleteOnClose = state->DeleteOnClose;
|
||||
|
||||
*DeleteOnClose = state->DeleteOnClose;
|
||||
CloseHandlers = state->CloseHandlers;
|
||||
if (state->RelocationPath) Dll_Free(state->RelocationPath);
|
||||
}
|
||||
|
||||
|
@ -167,22 +176,33 @@ _FX BOOLEAN Handle_FreeCloseHandler(HANDLE FileHandle, P_CloseHandler* CloseHand
|
|||
|
||||
LeaveCriticalSection(&Handle_StatusData_CritSec);
|
||||
|
||||
return HasCloseHandlers;
|
||||
//
|
||||
// execute all close handlers
|
||||
//
|
||||
|
||||
if (state) {
|
||||
while (1) {
|
||||
HANDLE_HANDLER* handler = List_Head(&CloseHandlers);
|
||||
if (!handler)
|
||||
break;
|
||||
handler->Close(FileHandle, handler->Param);
|
||||
List_Remove(&CloseHandlers, handler);
|
||||
Pool_Free(handler, sizeof(HANDLE_HANDLER));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Handle_RegisterCloseHandler
|
||||
// Handle_RegisterHandler
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX BOOLEAN Handle_RegisterCloseHandler(HANDLE FileHandle, P_CloseHandler CloseHandler)
|
||||
_FX BOOLEAN Handle_RegisterHandler(HANDLE FileHandle, P_HandlerFunc CloseHandler, void* Params, BOOL bPropagate)
|
||||
{
|
||||
if (!FileHandle || FileHandle == (HANDLE)-1)
|
||||
return FALSE;
|
||||
|
||||
ULONG i;
|
||||
|
||||
EnterCriticalSection(&Handle_StatusData_CritSec);
|
||||
|
||||
HANDLE_STATE* state = map_get(&Handle_StatusData, FileHandle);
|
||||
|
@ -190,19 +210,30 @@ _FX BOOLEAN Handle_RegisterCloseHandler(HANDLE FileHandle, P_CloseHandler CloseH
|
|||
state = map_insert(&Handle_StatusData, FileHandle, NULL, sizeof(HANDLE_STATE));
|
||||
}
|
||||
|
||||
for (i = 0; i < MAX_CLOSE_HANDLERS; i++) {
|
||||
if (state->CloseHandlers[i] == CloseHandler)
|
||||
HANDLE_HANDLER* handler = List_Head(&state->CloseHandlers);
|
||||
while (handler)
|
||||
{
|
||||
if (handler->Close == CloseHandler)
|
||||
break; // already registered
|
||||
if (state->CloseHandlers[i] == NULL) {
|
||||
state->CloseHandlers[i] = CloseHandler; // set to empty slot
|
||||
break;
|
||||
handler = List_Next(handler);
|
||||
}
|
||||
|
||||
if (handler == NULL)
|
||||
{
|
||||
HANDLE_HANDLER* newNandler = Pool_Alloc(Dll_Pool, sizeof(HANDLE_HANDLER));
|
||||
memzero(&newNandler->list_elem, sizeof(LIST_ELEM));
|
||||
|
||||
newNandler->Close = CloseHandler;
|
||||
newNandler->Param = Params;
|
||||
newNandler->bPropagate = bPropagate;
|
||||
|
||||
List_Insert_After(&state->CloseHandlers, NULL, newNandler);
|
||||
}
|
||||
|
||||
LeaveCriticalSection(&Handle_StatusData_CritSec);
|
||||
|
||||
if (i == MAX_CLOSE_HANDLERS) {
|
||||
SbieApi_Log(2301, L"No free CloseHandlers slot available");
|
||||
if (handler != NULL) {
|
||||
//SbieApi_Log(2301, L"CloseHandlers already registered"); // todo
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
|
@ -211,30 +242,31 @@ _FX BOOLEAN Handle_RegisterCloseHandler(HANDLE FileHandle, P_CloseHandler CloseH
|
|||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Handle_UnRegisterCloseHandler
|
||||
// Handle_UnRegisterHandler
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX BOOLEAN Handle_UnRegisterCloseHandler(HANDLE FileHandle, P_CloseHandler CloseHandler)
|
||||
_FX VOID Handle_UnRegisterHandler(HANDLE FileHandle, P_HandlerFunc CloseHandler, void** pParams)
|
||||
{
|
||||
ULONG i = MAX_CLOSE_HANDLERS;
|
||||
|
||||
EnterCriticalSection(&Handle_StatusData_CritSec);
|
||||
|
||||
HANDLE_STATE* state = map_get(&Handle_StatusData, FileHandle);
|
||||
if (state) {
|
||||
|
||||
for (i = 0; i < MAX_CLOSE_HANDLERS; i++) {
|
||||
if (state->CloseHandlers[i] == CloseHandler) {
|
||||
state->CloseHandlers[i] = NULL; // clear slot
|
||||
HANDLE_HANDLER* handler = List_Head(&state->CloseHandlers);
|
||||
while (handler)
|
||||
{
|
||||
if (handler->Close == CloseHandler)
|
||||
{
|
||||
if (pParams) pParams = handler->Param;
|
||||
List_Remove(&state->CloseHandlers, handler);
|
||||
break;
|
||||
}
|
||||
handler = List_Next(handler);
|
||||
}
|
||||
}
|
||||
|
||||
LeaveCriticalSection(&Handle_StatusData_CritSec);
|
||||
|
||||
return i != MAX_CLOSE_HANDLERS;
|
||||
}
|
||||
|
||||
|
||||
|
@ -245,8 +277,6 @@ _FX BOOLEAN Handle_UnRegisterCloseHandler(HANDLE FileHandle, P_CloseHandler Clos
|
|||
|
||||
_FX void Handle_SetupDuplicate(HANDLE OldFileHandle, HANDLE NewFileHandle)
|
||||
{
|
||||
ULONG i;
|
||||
|
||||
EnterCriticalSection(&Handle_StatusData_CritSec);
|
||||
|
||||
HANDLE_STATE* state = map_get(&Handle_StatusData, OldFileHandle);
|
||||
|
@ -255,16 +285,15 @@ _FX void Handle_SetupDuplicate(HANDLE OldFileHandle, HANDLE NewFileHandle)
|
|||
if(state->RelocationPath)
|
||||
Handle_SetRelocationPath(NewFileHandle, state->RelocationPath);
|
||||
|
||||
// todo: add a flag to each CloseHandlers entry to indicate if it should be propagated or not
|
||||
BOOLEAN found = FALSE;
|
||||
for (i = 0; i < MAX_CLOSE_HANDLERS; i++) {
|
||||
if (state->CloseHandlers[i] == File_NotifyRecover) {
|
||||
found = TRUE;
|
||||
HANDLE_HANDLER* handler = List_Head(&state->CloseHandlers);
|
||||
while (handler)
|
||||
{
|
||||
if (handler->bPropagate) {
|
||||
Handle_RegisterHandler(NewFileHandle, handler->Close, NULL, TRUE);
|
||||
break;
|
||||
}
|
||||
handler = List_Next(handler);
|
||||
}
|
||||
if(found)
|
||||
Handle_RegisterCloseHandler(NewFileHandle, File_NotifyRecover);
|
||||
}
|
||||
|
||||
LeaveCriticalSection(&Handle_StatusData_CritSec);
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2021-2022 David Xanatos, xanasoft.com
|
||||
* Copyright 2021-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
@ -21,10 +21,11 @@
|
|||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Defines
|
||||
// Structures and Types
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
#define MAX_CLOSE_HANDLERS 4
|
||||
|
||||
typedef void(*P_HandlerFunc)(HANDLE handle, void* param);
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -32,19 +33,17 @@
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
typedef void(*P_CloseHandler)(HANDLE handle);
|
||||
|
||||
VOID Handle_SetDeleteOnClose(HANDLE FileHandle, BOOLEAN DeleteOnClose);
|
||||
|
||||
BOOLEAN Handle_RegisterCloseHandler(HANDLE FileHandle, P_CloseHandler CloseHandler);
|
||||
BOOLEAN Handle_RegisterHandler(HANDLE FileHandle, P_HandlerFunc CloseHandler, void* Params, BOOL bPropagate);
|
||||
|
||||
BOOLEAN Handle_UnRegisterCloseHandler(HANDLE FileHandle, P_CloseHandler CloseHandler);
|
||||
VOID Handle_UnRegisterHandler(HANDLE FileHandle, P_HandlerFunc CloseHandler, void** pParams);
|
||||
|
||||
VOID Handle_SetRelocationPath(HANDLE FileHandle, WCHAR* RelocationPath);
|
||||
|
||||
WCHAR* Handle_GetRelocationPath(HANDLE FileHandle, ULONG ExtraLength);
|
||||
|
||||
BOOLEAN Handle_FreeCloseHandler(HANDLE FileHandle, P_CloseHandler* CloseHandlers, BOOLEAN* DeleteOnClose);
|
||||
VOID Handle_ExecuteCloseHandler(HANDLE FileHandle, BOOLEAN* DeleteOnClose);
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
|
|
@ -23,6 +23,7 @@
|
|||
|
||||
#include "dll.h"
|
||||
#include "obj.h"
|
||||
#include "handle.h"
|
||||
#include <stdio.h>
|
||||
#include "common/my_version.h"
|
||||
#include "core/svc/namedpipewire.h"
|
||||
|
@ -39,6 +40,32 @@
|
|||
: 0)
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Structures and Types
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
typedef struct _IPC_MERGE {
|
||||
|
||||
LIST_ELEM list_elem;
|
||||
|
||||
HANDLE handle;
|
||||
|
||||
LIST objects;
|
||||
|
||||
} IPC_MERGE;
|
||||
|
||||
|
||||
typedef struct _IPC_MERGE_ENTRY
|
||||
{
|
||||
LIST_ELEM list_elem;
|
||||
|
||||
UNICODE_STRING Name;
|
||||
UNICODE_STRING TypeName;
|
||||
|
||||
} IPC_MERGE_ENTRY;
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Functions
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -356,6 +383,8 @@ LIST Ipc_DynamicPortNames;
|
|||
|
||||
BOOLEAN RpcRt_IsDynamicPortOpen(const WCHAR* wszPortName);
|
||||
|
||||
static LIST Ipc_Handles;
|
||||
static CRITICAL_SECTION Ipc_Handles_CritSec;
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// IPC (other modules)
|
||||
|
@ -374,6 +403,10 @@ _FX BOOLEAN Ipc_Init(void)
|
|||
{
|
||||
HMODULE module = Dll_Ntdll;
|
||||
|
||||
InitializeCriticalSection(&Ipc_Handles_CritSec);
|
||||
|
||||
List_Init(&Ipc_Handles);
|
||||
|
||||
void *NtAlpcCreatePort;
|
||||
void *NtAlpcConnectPort;
|
||||
void *NtAlpcConnectPortEx;
|
||||
|
@ -485,6 +518,7 @@ _FX void Ipc_CreateObjects(void)
|
|||
WCHAR *backslash;
|
||||
WCHAR *buffer = NULL;
|
||||
WCHAR *BNOLINKS = NULL;
|
||||
WCHAR *GLOBAL = NULL;
|
||||
WCHAR *buffer2 = NULL;
|
||||
HANDLE handle;
|
||||
WCHAR str[64];
|
||||
|
@ -598,6 +632,10 @@ _FX void Ipc_CreateObjects(void)
|
|||
wcscpy(buffer, buffer2);
|
||||
wcscat(buffer, L"\\Global");
|
||||
|
||||
GLOBAL = Dll_Alloc((wcslen(buffer) + 32) * sizeof(WCHAR));
|
||||
|
||||
wcscpy(GLOBAL, buffer);
|
||||
|
||||
status = SbieApi_CreateDirOrLink(buffer, buffer2);
|
||||
|
||||
if (! NT_SUCCESS(status)) {
|
||||
|
@ -643,7 +681,7 @@ _FX void Ipc_CreateObjects(void)
|
|||
wcscpy(buffer, CopyPath);
|
||||
wcscat(buffer, L"\\Global");
|
||||
|
||||
status = SbieApi_CreateDirOrLink(buffer, CopyPath);
|
||||
status = SbieApi_CreateDirOrLink(buffer, GLOBAL);
|
||||
|
||||
if (! NT_SUCCESS(status)) {
|
||||
errlvl = 41;
|
||||
|
@ -680,6 +718,8 @@ finish:
|
|||
Dll_Free(buffer);
|
||||
if(BNOLINKS)
|
||||
Dll_Free(BNOLINKS);
|
||||
if(GLOBAL)
|
||||
Dll_Free(GLOBAL);
|
||||
if(buffer2)
|
||||
Dll_Free(buffer2);
|
||||
|
||||
|
@ -744,7 +784,7 @@ _FX NTSTATUS Ipc_GetName(
|
|||
name = Dll_GetTlsNameBuffer(
|
||||
TlsData, TRUE_NAME_BUFFER, length + objname_len);
|
||||
|
||||
if ((! objname_len) || (! *objname_buf)) {
|
||||
/*if ((! objname_len) || (! *objname_buf)) {
|
||||
|
||||
//
|
||||
// an object handle was specified, but the object name is an
|
||||
|
@ -760,7 +800,7 @@ _FX NTSTATUS Ipc_GetName(
|
|||
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
}
|
||||
}*/
|
||||
|
||||
if (objname_len && *objname_buf == L'\\') {
|
||||
|
||||
|
@ -1392,10 +1432,10 @@ _FX NTSTATUS Ipc_NtConnectPort(
|
|||
ConnectionInfo, ConnectionInfoLength, MaximumMessageLength,
|
||||
ClientSharedMemory, NULL, ServerSharedMemory);
|
||||
|
||||
if (status != STATUS_BAD_INITIAL_PC)
|
||||
__leave;
|
||||
if (status == STATUS_BAD_INITIAL_STACK)
|
||||
goto OpenTruePath;
|
||||
if (status != STATUS_BAD_INITIAL_PC)
|
||||
__leave;
|
||||
|
||||
//
|
||||
// if trying to connect to a COM port, start our COM servers first
|
||||
|
@ -1520,10 +1560,10 @@ _FX NTSTATUS Ipc_NtSecureConnectPort(
|
|||
ConnectionInfo, ConnectionInfoLength, MaximumMessageLength,
|
||||
ClientSharedMemory, ServerSid, ServerSharedMemory);
|
||||
|
||||
if (status != STATUS_BAD_INITIAL_PC)
|
||||
__leave;
|
||||
if (status == STATUS_BAD_INITIAL_STACK)
|
||||
goto OpenTruePath;
|
||||
if (status != STATUS_BAD_INITIAL_PC)
|
||||
__leave;
|
||||
|
||||
//
|
||||
// if trying to connect to a COM port, start our COM servers first
|
||||
|
@ -1772,10 +1812,10 @@ _FX NTSTATUS Ipc_NtAlpcConnectPort(
|
|||
ConnectionInfo, ConnectionInfoLength, AlpcConnectInfo,
|
||||
NULL, ServerSid, NULL);
|
||||
|
||||
if (status != STATUS_BAD_INITIAL_PC)
|
||||
__leave;
|
||||
if (status == STATUS_BAD_INITIAL_STACK)
|
||||
goto OpenTruePath;
|
||||
if (status != STATUS_BAD_INITIAL_PC)
|
||||
__leave;
|
||||
|
||||
//
|
||||
// if trying to connect to a COM port, start our COM servers first
|
||||
|
@ -1948,10 +1988,10 @@ _FX NTSTATUS Ipc_NtAlpcConnectPortEx(
|
|||
ConnectionInfo, ConnectionInfoLength, AlpcConnectInfo,
|
||||
NULL, ServerSd, NULL);
|
||||
|
||||
if (status != STATUS_BAD_INITIAL_PC)
|
||||
__leave;
|
||||
if (status == STATUS_BAD_INITIAL_STACK)
|
||||
goto OpenTruePath;
|
||||
if (status != STATUS_BAD_INITIAL_PC)
|
||||
__leave;
|
||||
|
||||
//
|
||||
// if trying to connect to a COM port, start our COM servers first
|
||||
|
@ -4051,6 +4091,152 @@ OpenTruePath:
|
|||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Ipc_MergeFree
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX void Ipc_MergeFree(IPC_MERGE *merge)
|
||||
{
|
||||
while (1) {
|
||||
IPC_MERGE_ENTRY *entry = List_Head(&merge->objects);
|
||||
if (! entry)
|
||||
break;
|
||||
List_Remove(&merge->objects, entry);
|
||||
Dll_Free(entry);
|
||||
}
|
||||
|
||||
Dll_Free(merge);
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Ipc_NtClose
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX void Ipc_NtClose(HANDLE IpcHandle, void* CloseParams)
|
||||
{
|
||||
IPC_MERGE *merge;
|
||||
|
||||
EnterCriticalSection(&Ipc_Handles_CritSec);
|
||||
|
||||
merge = List_Head(&Ipc_Handles);
|
||||
while (merge) {
|
||||
if (merge->handle == IpcHandle) {
|
||||
|
||||
Handle_UnRegisterHandler(merge->handle, Ipc_NtClose, NULL);
|
||||
List_Remove(&Ipc_Handles, merge);
|
||||
Ipc_MergeFree(merge);
|
||||
|
||||
break;
|
||||
}
|
||||
merge = List_Next(merge);
|
||||
}
|
||||
|
||||
LeaveCriticalSection(&Ipc_Handles_CritSec);
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Ipc_MergeDirectoryObject
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX NTSTATUS Ipc_MergeDirectoryObject(IPC_MERGE *merge, WCHAR* path, BOOLEAN join)
|
||||
{
|
||||
NTSTATUS status;
|
||||
HANDLE directoryHandle;
|
||||
OBJECT_ATTRIBUTES objattrs;
|
||||
UNICODE_STRING objname;
|
||||
|
||||
RtlInitUnicodeString(&objname, path);
|
||||
|
||||
InitializeObjectAttributes(
|
||||
&objattrs, &objname, OBJ_CASE_INSENSITIVE, NULL, NULL);
|
||||
|
||||
status = __sys_NtOpenDirectoryObject(&directoryHandle, DIRECTORY_QUERY, &objattrs);
|
||||
if (!NT_SUCCESS(status))
|
||||
return status;
|
||||
|
||||
ULONG bufferSize = 4096;
|
||||
PVOID buffer = Dll_Alloc(bufferSize);
|
||||
BOOLEAN firstTime = TRUE;
|
||||
ULONG indexCounter = 0;
|
||||
ULONG returnLength;
|
||||
|
||||
while (1)
|
||||
{
|
||||
status = __sys_NtQueryDirectoryObject(directoryHandle, buffer, bufferSize, FALSE, firstTime, &indexCounter, &returnLength);
|
||||
firstTime = FALSE;
|
||||
|
||||
if (status == STATUS_NO_MORE_ENTRIES)
|
||||
break; // done
|
||||
if (!NT_SUCCESS(status))
|
||||
break; // error
|
||||
|
||||
for (POBJECT_DIRECTORY_INFORMATION directoryInfo = buffer; directoryInfo->Name.Length != 0; directoryInfo++)
|
||||
{
|
||||
ULONG len = sizeof(IPC_MERGE_ENTRY) + (directoryInfo->Name.MaximumLength + directoryInfo->TypeName.MaximumLength) * sizeof(WCHAR);
|
||||
|
||||
//
|
||||
// when we are joining we remove the older entries when a duplicate is encountered
|
||||
//
|
||||
|
||||
if (join) {
|
||||
|
||||
IPC_MERGE_ENTRY* entry = List_Head(&merge->objects);
|
||||
while (entry) {
|
||||
|
||||
if (entry->Name.Length == directoryInfo->Name.Length && memcmp(entry->Name.Buffer, directoryInfo->Name.Buffer, entry->Name.Length) == 0)
|
||||
break;
|
||||
|
||||
entry = List_Next(entry);
|
||||
}
|
||||
|
||||
if (entry) {
|
||||
|
||||
if (entry->TypeName.Length == directoryInfo->TypeName.Length && memcmp(entry->TypeName.Buffer, directoryInfo->TypeName.Buffer, entry->TypeName.Length) == 0)
|
||||
continue; // identical entry, nothign to do
|
||||
|
||||
// same name but different type, remove old entry
|
||||
List_Remove(&merge->objects, entry);
|
||||
Dll_Free(entry);
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// add new entry
|
||||
//
|
||||
|
||||
IPC_MERGE_ENTRY* entry = Dll_Alloc(len);
|
||||
WCHAR* ptr = entry + 1;
|
||||
|
||||
entry->Name.Length = directoryInfo->Name.Length;
|
||||
entry->Name.MaximumLength = directoryInfo->Name.MaximumLength;
|
||||
entry->Name.Buffer = ptr;
|
||||
memcpy(ptr, directoryInfo->Name.Buffer, directoryInfo->Name.MaximumLength);
|
||||
ptr += directoryInfo->Name.MaximumLength / sizeof(WCHAR);
|
||||
|
||||
entry->TypeName.Length = directoryInfo->TypeName.Length;
|
||||
entry->TypeName.MaximumLength = directoryInfo->TypeName.MaximumLength;
|
||||
entry->TypeName.Buffer = ptr;
|
||||
memcpy(ptr, directoryInfo->TypeName.Buffer, directoryInfo->TypeName.MaximumLength);
|
||||
//ptr += directoryInfo->TypeName.MaximumLength / sizeof(WCHAR);
|
||||
|
||||
List_Insert_After(&merge->objects, NULL, entry);
|
||||
}
|
||||
}
|
||||
|
||||
Dll_Free(buffer);
|
||||
|
||||
extern P_NtClose __sys_NtClose;
|
||||
__sys_NtClose(directoryHandle);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Ipc_NtQueryDirectoryObject
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -4065,8 +4251,133 @@ _FX NTSTATUS Ipc_NtQueryDirectoryObject(
|
|||
PULONG Context,
|
||||
PULONG ReturnLength)
|
||||
{
|
||||
SbieApi_Log(2205, L"NtQueryDirectoryObject");
|
||||
return __sys_NtQueryDirectoryObject(DirectoryHandle, Buffer, Length, ReturnSingleEntry, RestartScan, Context, ReturnLength);
|
||||
IPC_MERGE *merge;
|
||||
|
||||
EnterCriticalSection(&Ipc_Handles_CritSec);
|
||||
|
||||
merge = List_Head(&Ipc_Handles);
|
||||
while (merge) {
|
||||
|
||||
IPC_MERGE *next = List_Next(merge);
|
||||
|
||||
if (merge->handle == DirectoryHandle)
|
||||
break;
|
||||
|
||||
merge = next;
|
||||
}
|
||||
|
||||
if (RestartScan && merge != NULL) {
|
||||
|
||||
Handle_UnRegisterHandler(merge->handle, Ipc_NtClose, NULL);
|
||||
List_Remove(&Ipc_Handles, merge);
|
||||
Ipc_MergeFree(merge);
|
||||
|
||||
merge = NULL;
|
||||
}
|
||||
|
||||
if (! merge) {
|
||||
|
||||
merge = Dll_Alloc(sizeof(IPC_MERGE));
|
||||
memzero(merge, sizeof(IPC_MERGE));
|
||||
|
||||
merge->handle = DirectoryHandle;
|
||||
|
||||
List_Insert_Before(&Ipc_Handles, NULL, merge);
|
||||
Handle_RegisterHandler(merge->handle, Ipc_NtClose, NULL, FALSE);
|
||||
|
||||
WCHAR *TruePath;
|
||||
WCHAR *CopyPath;
|
||||
NTSTATUS status = Ipc_GetName(DirectoryHandle, NULL, &TruePath, &CopyPath, NULL);
|
||||
|
||||
if (!NT_SUCCESS(status))
|
||||
return status;
|
||||
|
||||
Ipc_MergeDirectoryObject(merge, TruePath, FALSE);
|
||||
|
||||
ULONG len = wcslen(CopyPath); // fix root copy path, remove tailing '\\'
|
||||
if (CopyPath[len - 1] == L'\\') CopyPath[len - 1] = 0;
|
||||
|
||||
Ipc_MergeDirectoryObject(merge, CopyPath, TRUE);
|
||||
}
|
||||
|
||||
//
|
||||
// goto index, for better performacne we could cache indexes
|
||||
//
|
||||
|
||||
IPC_MERGE_ENTRY* entry = List_Head(&merge->objects);
|
||||
|
||||
ULONG indexCounter = 0;
|
||||
if (Context) {
|
||||
for (; entry && indexCounter < *Context; indexCounter++)
|
||||
entry = List_Next(entry);
|
||||
}
|
||||
if (!entry)
|
||||
return STATUS_NO_MORE_ENTRIES;
|
||||
|
||||
//
|
||||
// count the buffer space
|
||||
//
|
||||
|
||||
ULONG CountToGo = 0;
|
||||
ULONG TotalLength = sizeof(OBJECT_DIRECTORY_INFORMATION);
|
||||
for (IPC_MERGE_ENTRY* cur = entry; cur; cur = List_Next(cur)) {
|
||||
|
||||
ULONG len = sizeof(OBJECT_DIRECTORY_INFORMATION) + (cur->Name.MaximumLength + cur->TypeName.MaximumLength) * sizeof(WCHAR);
|
||||
|
||||
if (TotalLength + len > Length)
|
||||
break; // not enough space for this entry
|
||||
|
||||
CountToGo++;
|
||||
TotalLength += len;
|
||||
|
||||
if (ReturnSingleEntry)
|
||||
break;
|
||||
}
|
||||
|
||||
//
|
||||
// fill output buffer
|
||||
//
|
||||
|
||||
POBJECT_DIRECTORY_INFORMATION directoryInfo = Buffer;
|
||||
WCHAR* ptr = directoryInfo + CountToGo + 1;
|
||||
|
||||
ULONG EndIndex = indexCounter + CountToGo;
|
||||
for (; entry && indexCounter < EndIndex; indexCounter++) {
|
||||
|
||||
directoryInfo->Name.Length = entry->Name.Length;
|
||||
directoryInfo->Name.MaximumLength = entry->Name.MaximumLength;
|
||||
directoryInfo->Name.Buffer = ptr;
|
||||
memcpy(ptr, entry->Name.Buffer, entry->Name.MaximumLength);
|
||||
ptr += directoryInfo->Name.MaximumLength / sizeof(WCHAR);
|
||||
|
||||
directoryInfo->TypeName.Length = entry->TypeName.Length;
|
||||
directoryInfo->TypeName.MaximumLength = entry->TypeName.MaximumLength;
|
||||
directoryInfo->TypeName.Buffer = ptr;
|
||||
memcpy(ptr, entry->TypeName.Buffer, entry->TypeName.MaximumLength);
|
||||
ptr += directoryInfo->TypeName.MaximumLength / sizeof(WCHAR);
|
||||
|
||||
directoryInfo++;
|
||||
|
||||
entry = List_Next(entry);
|
||||
}
|
||||
|
||||
//
|
||||
// terminate listing with an empty entry
|
||||
//
|
||||
|
||||
directoryInfo->Name.Length = directoryInfo->TypeName.Length = 0;
|
||||
directoryInfo->Name.MaximumLength = directoryInfo->TypeName.MaximumLength = 0;
|
||||
directoryInfo->Name.Buffer = directoryInfo->TypeName.Buffer = NULL;
|
||||
|
||||
//
|
||||
// set return values
|
||||
//
|
||||
|
||||
if (ReturnLength) *ReturnLength = TotalLength;
|
||||
if (Context) *Context = indexCounter;
|
||||
if (indexCounter < (ULONG)merge->objects.count)
|
||||
return STATUS_MORE_ENTRIES;
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -80,11 +80,10 @@ static ULONG Key_IsDeletedEx_v2(const WCHAR* TruePath, const WCHAR* ValueName, B
|
|||
//
|
||||
|
||||
VOID File_ClearPathBranche_internal(LIST* parent);
|
||||
VOID File_SavePathTree_internal(LIST* Root, const WCHAR* name);
|
||||
BOOLEAN File_LoadPathTree_internal(LIST* Root, const WCHAR* name);
|
||||
VOID File_SavePathTree_internal(LIST* Root, const WCHAR* name, WCHAR* (*TranslatePath)(const WCHAR *));
|
||||
BOOLEAN File_LoadPathTree_internal(LIST* Root, const WCHAR* name, WCHAR* (*TranslatePath)(const WCHAR *));
|
||||
VOID File_SetPathFlags_internal(LIST* Root, const WCHAR* Path, ULONG setFlags, ULONG clrFlags, const WCHAR* Relocation);
|
||||
ULONG File_GetPathFlags_internal(LIST* Root, const WCHAR* Path, WCHAR** pRelocation, BOOLEAN CheckChildren);
|
||||
VOID File_SavePathNode_internal(HANDLE hPathsFile, LIST* parent, WCHAR* Path, ULONG Length, ULONG SetFlags);
|
||||
BOOLEAN File_MarkDeleted_internal(LIST* Root, const WCHAR* Path);
|
||||
VOID File_SetRelocation_internal(LIST* Root, const WCHAR* OldTruePath, const WCHAR* NewTruePath);
|
||||
|
||||
|
@ -128,7 +127,7 @@ _FX BOOLEAN Key_SavePathTree()
|
|||
{
|
||||
EnterCriticalSection(Key_PathRoot_CritSec);
|
||||
|
||||
File_SavePathTree_internal(&Key_PathRoot, KEY_PATH_FILE_NAME);
|
||||
File_SavePathTree_internal(&Key_PathRoot, KEY_PATH_FILE_NAME, NULL);
|
||||
|
||||
File_GetAttributes_internal(KEY_PATH_FILE_NAME, &Key_PathsFileSize, &Key_PathsFileDate, NULL);
|
||||
|
||||
|
@ -151,7 +150,7 @@ _FX BOOLEAN Key_LoadPathTree()
|
|||
|
||||
EnterCriticalSection(Key_PathRoot_CritSec);
|
||||
|
||||
Key_RegPaths_Loaded = File_LoadPathTree_internal(&Key_PathRoot, KEY_PATH_FILE_NAME);
|
||||
Key_RegPaths_Loaded = File_LoadPathTree_internal(&Key_PathRoot, KEY_PATH_FILE_NAME, NULL);
|
||||
|
||||
LeaveCriticalSection(Key_PathRoot_CritSec);
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Copyright 2004-2020 Sandboxie Holdings, LLC
|
||||
* Copyright 2021-2022 David Xanatos, xanasoft.com
|
||||
* Copyright 2021-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
@ -206,7 +206,7 @@ _FX NTSTATUS Key_Merge(
|
|||
// if we got here, we need to discard the stale entry
|
||||
//
|
||||
|
||||
Handle_UnRegisterCloseHandler(merge->handle, Key_NtClose);
|
||||
Handle_UnRegisterHandler(merge->handle, Key_NtClose, NULL);
|
||||
List_Remove(&Key_Handles, merge);
|
||||
Key_MergeFree(merge, TRUE);
|
||||
|
||||
|
@ -234,7 +234,7 @@ _FX NTSTATUS Key_Merge(
|
|||
memcpy(merge->name, TruePath, TruePath_len + sizeof(WCHAR));
|
||||
|
||||
List_Insert_Before(&Key_Handles, NULL, merge);
|
||||
Handle_RegisterCloseHandler(merge->handle, Key_NtClose);
|
||||
Handle_RegisterHandler(merge->handle, Key_NtClose, NULL, FALSE);
|
||||
}
|
||||
|
||||
//
|
||||
|
@ -1557,7 +1557,7 @@ _FX void Key_DiscardMergeByPath(const WCHAR *TruePath, BOOLEAN Recurse)
|
|||
}
|
||||
}
|
||||
|
||||
Handle_UnRegisterCloseHandler(merge->handle, Key_NtClose);
|
||||
Handle_UnRegisterHandler(merge->handle, Key_NtClose, NULL);
|
||||
List_Remove(&Key_Handles, merge);
|
||||
Key_MergeFree(merge, TRUE);
|
||||
}
|
||||
|
@ -1605,7 +1605,7 @@ _FX void Key_DiscardMergeByHandle(
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX void Key_NtClose(HANDLE KeyHandle)
|
||||
_FX void Key_NtClose(HANDLE KeyHandle, void* CloseParams)
|
||||
{
|
||||
KEY_MERGE *merge;
|
||||
|
||||
|
|
|
@ -282,22 +282,15 @@ void CALLBACK Ldr_LdrDllNotification(ULONG NotificationReason, PLDR_DLL_NOTIFICA
|
|||
{
|
||||
ULONG_PTR LdrCookie = 0;
|
||||
NTSTATUS status = 0;
|
||||
WCHAR text[4096];
|
||||
|
||||
if (NotificationReason == 1) {
|
||||
status = __sys_LdrLockLoaderLock(0, NULL, &LdrCookie);
|
||||
Ldr_MyDllCallbackNew(NotificationData->Loaded.BaseDllName->Buffer, (HMODULE)NotificationData->Loaded.DllBase, TRUE);
|
||||
__sys_LdrUnlockLoaderLock(0, LdrCookie);
|
||||
|
||||
Sbie_snwprintf(text, ARRAYSIZE(text), L"%s (loaded)", NotificationData->Loaded.BaseDllName->Buffer);
|
||||
}
|
||||
else if (NotificationReason == 2) {
|
||||
Ldr_MyDllCallbackNew(NotificationData->Unloaded.BaseDllName->Buffer, (HMODULE)NotificationData->Loaded.DllBase, FALSE);
|
||||
|
||||
Sbie_snwprintf(text, ARRAYSIZE(text), L"%s (unloaded)", NotificationData->Loaded.BaseDllName->Buffer);
|
||||
}
|
||||
|
||||
SbieApi_MonitorPutMsg(MONITOR_IMAGE, text);
|
||||
}
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -1090,19 +1083,25 @@ _FX void Ldr_MyDllCallbackA(const CHAR *ImageName, HMODULE ImageBase, BOOL LoadS
|
|||
WCHAR ImageNameW[128];
|
||||
Sbie_snwprintf(ImageNameW, ARRAYSIZE(ImageNameW), L"%S", ImageName);
|
||||
|
||||
Ldr_MyDllCallbackW(ImageNameW, ImageBase, LoadState);
|
||||
Ldr_MyDllCallbackNew(ImageNameW, ImageBase, LoadState);
|
||||
}
|
||||
|
||||
|
||||
_FX void Ldr_MyDllCallbackW(const WCHAR *ImageName, HMODULE ImageBase, BOOL LoadState) // Windows XP
|
||||
{
|
||||
// call new function
|
||||
Ldr_MyDllCallbackNew(ImageName, ImageBase, LoadState);
|
||||
}
|
||||
|
||||
|
||||
_FX void Ldr_MyDllCallbackNew(const WCHAR *ImageName, HMODULE ImageBase, BOOL LoadState) // Windows 8.1 and later
|
||||
{
|
||||
WCHAR text[4096];
|
||||
if(LoadState)
|
||||
Sbie_snwprintf(text, ARRAYSIZE(text), L"%s (loaded)", ImageName);
|
||||
else
|
||||
Sbie_snwprintf(text, ARRAYSIZE(text), L"%s (unloaded)", ImageName);
|
||||
SbieApi_MonitorPutMsg(MONITOR_IMAGE, text);
|
||||
|
||||
//
|
||||
// invoke our sub-modules as necessary
|
||||
//
|
||||
|
@ -1187,12 +1186,12 @@ _FX void *Ldr_GetProcAddrOld(const WCHAR *DllName, const WCHAR *ProcNameW)
|
|||
_FX void *Ldr_GetProcAddrNew(const WCHAR *DllName, const WCHAR *ProcNameW, char * ProcNameA)
|
||||
{
|
||||
NTSTATUS status;
|
||||
void *proc;
|
||||
void *proc = NULL;
|
||||
// char buffer[768];
|
||||
// sprintf(buffer,"GetProcAddrNew: DllName = %S, ProcW = %S, ProcA = %s\n",DllName,ProcNameW,ProcNameA);
|
||||
// OutputDebugStringA(buffer);
|
||||
|
||||
if (Dll_OsBuild < 9600) {
|
||||
if (Dll_OsBuild < 9600) { // Windows 8.0 or earlier
|
||||
proc = Ldr_GetProcAddr_2(DllName, ProcNameW);
|
||||
if (!proc) {
|
||||
ULONG_PTR LdrCookie;
|
||||
|
@ -1223,7 +1222,7 @@ _FX void *Ldr_GetProcAddrNew(const WCHAR *DllName, const WCHAR *ProcNameW, char
|
|||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
else { // Windows 8.1 and later
|
||||
HMODULE DllBase;
|
||||
DllBase = GetModuleHandle(DllName);
|
||||
if (!DllBase) {
|
||||
|
|
|
@ -22,6 +22,7 @@
|
|||
|
||||
|
||||
#include "dll.h"
|
||||
#include "core/low/lowdata.h"
|
||||
#include <stdio.h>
|
||||
|
||||
|
||||
|
@ -881,5 +882,21 @@ _FX void* Ldr_Inject_Entry(ULONG_PTR *pPtr)
|
|||
Ldr_LoadInjectDlls(g_bHostInject);
|
||||
}
|
||||
|
||||
|
||||
//
|
||||
// free the syscall/inject data area which is no longer needed
|
||||
//
|
||||
|
||||
#ifdef _M_ARM64EC
|
||||
extern ULONG* SbieApi_SyscallPtr;
|
||||
SbieApi_SyscallPtr = NULL;
|
||||
#endif
|
||||
extern SBIELOW_DATA* SbieApi_data;
|
||||
VirtualFree((void*)SbieApi_data->syscall_data, 0, MEM_RELEASE);
|
||||
|
||||
//
|
||||
// return original entry point address to jump to
|
||||
//
|
||||
|
||||
return entrypoint;
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
// Copyright 2004-2020 Sandboxie Holdings, LLC
|
||||
// Copyright 2023 David Xanatos, xanasoft.com
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License as published by
|
||||
|
@ -54,11 +55,10 @@
|
|||
#ifdef BUILD_UTILITY_PASS2
|
||||
|
||||
#if MY_ARM64_FLAG
|
||||
LOWLEVEL RCDATA "../low/obj/ARM64/LowLevel.dll"
|
||||
LOWLEVEL64 RCDATA "../low/obj/ARM64/LowLevel.dll"
|
||||
#elif MY_WIN64_FLAG
|
||||
LOWLEVEL RCDATA "../low/obj/amd64/LowLevel.dll"
|
||||
#else
|
||||
LOWLEVEL RCDATA "../low/obj/i386/LowLevel.dll"
|
||||
LOWLEVEL64 RCDATA "../low/obj/amd64/LowLevel.dll"
|
||||
#endif // MY_WIN64_FLAG
|
||||
LOWLEVEL32 RCDATA "../low/obj/i386/LowLevel.dll"
|
||||
|
||||
#endif // BUILD_UTILITY_PASS2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Copyright 2004-2020 Sandboxie Holdings, LLC
|
||||
* Copyright 2020-2022 David Xanatos, xanasoft.com
|
||||
* Copyright 2020-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
@ -48,6 +48,7 @@
|
|||
typedef struct _MY_TARGETS {
|
||||
unsigned long long entry;
|
||||
unsigned long long data;
|
||||
unsigned long long detour;
|
||||
} MY_TARGETS;
|
||||
|
||||
#ifdef _M_ARM64
|
||||
|
@ -85,7 +86,7 @@ typedef PVOID (*P_VirtualAlloc2)(
|
|||
SBIEDLL_EXPORT HANDLE SbieDll_InjectLow_SendHandle(HANDLE hProcess);
|
||||
|
||||
void *SbieDll_InjectLow_CopyCode(
|
||||
HANDLE hProcess, SIZE_T lowLevel_size, UCHAR *code, ULONG code_len
|
||||
HANDLE hProcess, SIZE_T total_size, SIZE_T lowLevel_size, const void* lowLevel_ptr
|
||||
#ifdef _M_ARM64
|
||||
, BOOLEAN use_arm64ec
|
||||
#endif
|
||||
|
@ -129,11 +130,16 @@ ULONG Hook_GetSysCallFunc(ULONG* aCode, void** pHandleStubHijack);
|
|||
|
||||
|
||||
void *m_sbielow_ptr = NULL;
|
||||
ULONG m_sbielow_len = 0;
|
||||
//adding two offsets variables to replace the "head" and "tail" dependency
|
||||
ULONG m_sbielow_start_offset = 0;
|
||||
ULONG m_sbielow_data_offset = 0;
|
||||
|
||||
ULONG m_sbielow_len = 0;
|
||||
#ifdef _WIN64
|
||||
void *m_sbielow32_ptr = NULL;
|
||||
ULONG m_sbielow32_len = 0;
|
||||
ULONG m_sbielow32_detour_offset = 0;
|
||||
#endif
|
||||
|
||||
ULONG *m_syscall_data = NULL;
|
||||
|
||||
|
@ -149,19 +155,19 @@ P_VirtualAlloc2 __sys_VirtualAlloc2 = NULL;
|
|||
|
||||
#endif
|
||||
|
||||
#include "core/low/lowlevel_code.c"
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// InjectLow_InitHelper
|
||||
// SbieDll_InjectLow_LoadLow
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX ULONG SbieDll_InjectLow_InitHelper()
|
||||
_FX ULONG SbieDll_InjectLow_LoadLow(BOOLEAN arch_64bit, void **sbielow_ptr, ULONG *sbielow_len, ULONG *start_offset, ULONG* data_offset, ULONG* detour_offset)
|
||||
{
|
||||
//
|
||||
// lock the SbieLow resource (embedded within the SbieSvc executable,
|
||||
// see lowlevel.rc) and find the offset to executable code, and length
|
||||
//
|
||||
|
||||
IMAGE_DOS_HEADER *dos_hdr = 0;
|
||||
IMAGE_NT_HEADERS *nt_hdrs = 0;
|
||||
IMAGE_SECTION_HEADER *section = 0;
|
||||
|
@ -171,7 +177,7 @@ _FX ULONG SbieDll_InjectLow_InitHelper()
|
|||
|
||||
ULONG errlvl = 0x11;
|
||||
|
||||
HRSRC hrsrc = FindResource(Dll_Instance, L"LOWLEVEL", RT_RCDATA);
|
||||
HRSRC hrsrc = FindResource(Dll_Instance, arch_64bit ? L"LOWLEVEL64" : L"LOWLEVEL32", RT_RCDATA);
|
||||
if (! hrsrc)
|
||||
return errlvl;
|
||||
|
||||
|
@ -193,44 +199,33 @@ _FX ULONG SbieDll_InjectLow_InitHelper()
|
|||
if (dos_hdr->e_magic == 'MZ' || dos_hdr->e_magic == 'ZM') {
|
||||
nt_hdrs = (IMAGE_NT_HEADERS *)((UCHAR *)dos_hdr + dos_hdr->e_lfanew);
|
||||
|
||||
if (nt_hdrs->Signature == IMAGE_NT_SIGNATURE) { // 'PE\0\0'
|
||||
#ifndef _WIN64
|
||||
if (nt_hdrs->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
|
||||
if (nt_hdrs->Signature != IMAGE_NT_SIGNATURE) // 'PE\0\0'
|
||||
return errlvl;
|
||||
if (nt_hdrs->OptionalHeader.Magic != (arch_64bit ? IMAGE_NT_OPTIONAL_HDR64_MAGIC : IMAGE_NT_OPTIONAL_HDR32_MAGIC))
|
||||
return errlvl;
|
||||
|
||||
if (!arch_64bit) {
|
||||
IMAGE_NT_HEADERS32 *nt_hdrs_32 = (IMAGE_NT_HEADERS32 *)nt_hdrs;
|
||||
IMAGE_OPTIONAL_HEADER32 *opt_hdr_32 = &nt_hdrs_32->OptionalHeader;
|
||||
data_dirs = &opt_hdr_32->DataDirectory[0];
|
||||
imageBase = opt_hdr_32->ImageBase;
|
||||
}
|
||||
#else
|
||||
if (nt_hdrs->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
|
||||
else {
|
||||
IMAGE_NT_HEADERS64 *nt_hdrs_64 = (IMAGE_NT_HEADERS64 *)nt_hdrs;
|
||||
IMAGE_OPTIONAL_HEADER64 *opt_hdr_64 = &nt_hdrs_64->OptionalHeader;
|
||||
data_dirs = &opt_hdr_64->DataDirectory[0];
|
||||
imageBase = (ULONG_PTR)opt_hdr_64->ImageBase;
|
||||
}
|
||||
#endif
|
||||
else {
|
||||
|
||||
return errlvl;
|
||||
}
|
||||
}
|
||||
else {
|
||||
|
||||
return errlvl;
|
||||
}
|
||||
}
|
||||
|
||||
ULONG zzzzz;
|
||||
|
||||
ULONG zzzzz = 1;
|
||||
#ifdef _M_ARM64
|
||||
zzzzz = 4;
|
||||
#else
|
||||
if (imageBase != 0) {
|
||||
return errlvl;
|
||||
}
|
||||
|
||||
zzzzz = 1;
|
||||
if (arch_64bit)
|
||||
zzzzz = 4; // ARM64 only
|
||||
else
|
||||
#endif
|
||||
if (imageBase != 0) // x64 or x86
|
||||
return errlvl;
|
||||
|
||||
section = IMAGE_FIRST_SECTION(nt_hdrs);
|
||||
if (nt_hdrs->FileHeader.NumberOfSections < 2) return errlvl;
|
||||
|
@ -241,13 +236,32 @@ _FX ULONG SbieDll_InjectLow_InitHelper()
|
|||
|
||||
|
||||
targets = (MY_TARGETS *)& bindata[section[zzzzz].PointerToRawData];
|
||||
m_sbielow_start_offset = (ULONG)(targets->entry - imageBase - section[0].VirtualAddress);
|
||||
m_sbielow_data_offset = (ULONG)(targets->data - imageBase - section[0].VirtualAddress);
|
||||
if(start_offset) *start_offset = (ULONG)(targets->entry - imageBase - section[0].VirtualAddress);
|
||||
if(data_offset) *data_offset = (ULONG)(targets->data - imageBase - section[0].VirtualAddress);
|
||||
if(detour_offset) *detour_offset = (ULONG)(targets->detour - imageBase - section[0].VirtualAddress);
|
||||
|
||||
m_sbielow_ptr = bindata + section[0].PointerToRawData; //Old version: head;
|
||||
m_sbielow_len = section[0].SizeOfRawData; //Old version: (ULONG)(ULONG_PTR)(tail - head);
|
||||
*sbielow_ptr = bindata + section[0].PointerToRawData; //Old version: head;
|
||||
*sbielow_len = section[0].SizeOfRawData; //Old version: (ULONG)(ULONG_PTR)(tail - head);
|
||||
|
||||
if ((!m_sbielow_start_offset) || (!m_sbielow_data_offset))
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// InjectLow_InitHelper
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX ULONG SbieDll_InjectLow_InitHelper()
|
||||
{
|
||||
#ifdef _WIN64
|
||||
ULONG errlvl = SbieDll_InjectLow_LoadLow(TRUE, &m_sbielow_ptr, &m_sbielow_len, &m_sbielow_start_offset, &m_sbielow_data_offset, NULL);
|
||||
if(!errlvl)
|
||||
errlvl = SbieDll_InjectLow_LoadLow(FALSE, &m_sbielow32_ptr, &m_sbielow32_len, NULL, NULL, &m_sbielow32_detour_offset);
|
||||
#else
|
||||
ULONG errlvl = SbieDll_InjectLow_LoadLow(FALSE, &m_sbielow_ptr, &m_sbielow_len, &m_sbielow_start_offset, &m_sbielow_data_offset, NULL);
|
||||
#endif
|
||||
if (errlvl)
|
||||
return errlvl;
|
||||
|
||||
//
|
||||
|
@ -403,6 +417,10 @@ _FX ULONG SbieDll_InjectLow_InitSyscalls(BOOLEAN drv_init)
|
|||
// Get the SbieDll Location
|
||||
//
|
||||
|
||||
/*if (1) {
|
||||
GetSystemDirectory(sbie_home, 512);
|
||||
}
|
||||
else */
|
||||
if (drv_init)
|
||||
{
|
||||
status = SbieApi_GetHomePath(NULL, 0, sbie_home, 512);
|
||||
|
@ -531,6 +549,15 @@ _FX ULONG SbieDll_InjectLow_InitSyscalls(BOOLEAN drv_init)
|
|||
extra->LdrGetProcAddr_offset = ULONG_DIFF(ptr, extra);
|
||||
ptr += 28 / sizeof(WCHAR);
|
||||
|
||||
//
|
||||
// write an ASCII string for NtProtectVirtualMemory
|
||||
//
|
||||
|
||||
strcpy((char *)ptr, "NtProtectVirtualMemory");
|
||||
|
||||
extra->NtProtectVirtualMemory_offset = ULONG_DIFF(ptr, extra);
|
||||
ptr += 28 / sizeof(WCHAR);
|
||||
|
||||
//
|
||||
// write an ASCII string for NtRaiseHardError
|
||||
//
|
||||
|
@ -540,6 +567,15 @@ _FX ULONG SbieDll_InjectLow_InitSyscalls(BOOLEAN drv_init)
|
|||
extra->NtRaiseHardError_offset = ULONG_DIFF(ptr, extra);
|
||||
ptr += 20 / sizeof(WCHAR);
|
||||
|
||||
//
|
||||
// write an ASCII string for NtDeviceIoControlFile
|
||||
//
|
||||
|
||||
strcpy((char *)ptr, "NtDeviceIoControlFile");
|
||||
|
||||
extra->NtDeviceIoControlFile_offset = ULONG_DIFF(ptr, extra);
|
||||
ptr += 28 / sizeof(WCHAR);
|
||||
|
||||
//
|
||||
// write an ASCII string for RtlFindActivationContextSectionString
|
||||
//
|
||||
|
@ -615,15 +651,6 @@ _FX ULONG SbieDll_InjectLow_InitSyscalls(BOOLEAN drv_init)
|
|||
|
||||
extra->InjectData_offset = ULONG_DIFF(ptr, extra);
|
||||
|
||||
#ifdef _WIN64
|
||||
|
||||
//
|
||||
// Copy the required non shell code into INJECT_DATA.DetourCode_*
|
||||
//
|
||||
|
||||
memcpy((UCHAR*)ptr + FIELD_OFFSET(INJECT_DATA, DetourCode_x86), SbieDll_ShellCode_x86, sizeof(SbieDll_ShellCode_x86));
|
||||
#endif
|
||||
|
||||
//
|
||||
// adjust size of syscall buffer to include path strings
|
||||
//
|
||||
|
@ -852,6 +879,7 @@ _FX ULONG SbieDll_InjectLow(HANDLE hProcess, ULONG init_flags, BOOLEAN dup_drv_h
|
|||
#endif
|
||||
|
||||
lowdata.RealNtDeviceIoControlFile = (ULONG64)GetProcAddress((HMODULE)lowdata.ntdll_base, "NtDeviceIoControlFile");
|
||||
lowdata.NativeNtProtectVirtualMemory = (ULONG64)GetProcAddress((HMODULE)lowdata.ntdll_base, "NtProtectVirtualMemory");
|
||||
lowdata.NativeNtRaiseHardError = (ULONG64)GetProcAddress((HMODULE)lowdata.ntdll_base, "NtRaiseHardError");
|
||||
|
||||
//
|
||||
|
@ -885,16 +913,76 @@ _FX ULONG SbieDll_InjectLow(HANDLE hProcess, ULONG init_flags, BOOLEAN dup_drv_h
|
|||
#endif
|
||||
lowLevel_size = m_sbielow_len;
|
||||
|
||||
void *remote_addr = SbieDll_InjectLow_CopyCode(hProcess, lowLevel_size, lowdata.LdrInitializeThunk_tramp, sizeof(lowdata.LdrInitializeThunk_tramp)
|
||||
void *remote_addr = SbieDll_InjectLow_CopyCode(hProcess, lowLevel_size, m_sbielow_len, m_sbielow_ptr
|
||||
#ifdef _M_ARM64
|
||||
, (BOOLEAN)lowdata.flags.is_arm64ec
|
||||
#endif
|
||||
);
|
||||
|
||||
if (remote_addr) {
|
||||
|
||||
void* pLdrInitializeThunk = (void*)m_LdrInitializeThunk;
|
||||
#ifdef _M_ARM64
|
||||
if (lowdata.flags.is_arm64ec)
|
||||
pLdrInitializeThunk = (void*)m_LdrInitializeThunkEC;
|
||||
#endif
|
||||
|
||||
//
|
||||
// copy code at LdrInitializeThunk from new process
|
||||
//
|
||||
|
||||
SIZE_T len1 = sizeof(lowdata.LdrInitializeThunk_tramp);
|
||||
SIZE_T len2 = 0;
|
||||
/*
|
||||
sprintf(buffer,"CopyCode: copy ldr size %d\n",code_len);
|
||||
OutputDebugStringA(buffer);
|
||||
*/
|
||||
BOOL vm_ok = ReadProcessMemory(
|
||||
hProcess, pLdrInitializeThunk, lowdata.LdrInitializeThunk_tramp,
|
||||
len1, &len2);
|
||||
|
||||
if (!vm_ok || len1 != len2) {
|
||||
|
||||
remote_addr = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
if (!remote_addr) {
|
||||
errlvl = 0x33;
|
||||
goto finish;
|
||||
}
|
||||
|
||||
#ifdef _WIN64
|
||||
void *remote_addr32 = NULL;
|
||||
if (lowdata.flags.is_wow64) {
|
||||
|
||||
//
|
||||
// when this is a 32 bit process running under WoW64, we need to inject also some 32 bit code
|
||||
//
|
||||
|
||||
remote_addr32 = SbieDll_InjectLow_CopyCode(hProcess, m_sbielow32_len, m_sbielow32_len, m_sbielow32_ptr
|
||||
#ifdef _M_ARM64
|
||||
, FALSE
|
||||
#endif
|
||||
);
|
||||
|
||||
if (remote_addr32) {
|
||||
|
||||
ULONG protect;
|
||||
BOOL vm_ok = VirtualProtectEx(hProcess, remote_addr32, m_sbielow32_len,
|
||||
PAGE_EXECUTE_READ, &protect);
|
||||
if (vm_ok) {
|
||||
lowdata.ptr_32bit_detour = (ULONG64)((UCHAR*)remote_addr32 + m_sbielow32_detour_offset);
|
||||
}
|
||||
}
|
||||
|
||||
if (!lowdata.ptr_32bit_detour) {
|
||||
errlvl = 0x88;
|
||||
goto finish;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef _M_ARM64
|
||||
#ifdef _WIN64
|
||||
lowdata.flags.long_diff = 1;
|
||||
|
@ -1041,8 +1129,8 @@ _FX void* InjectLow_AllocMemory(HANDLE hProcess, SIZE_T size, BOOLEAN executable
|
|||
void *remote_addr = NULL;
|
||||
|
||||
#ifdef _M_ARM64
|
||||
if (use_arm64ec && executable)
|
||||
{
|
||||
if (use_arm64ec && executable) {
|
||||
|
||||
MEM_EXTENDED_PARAMETER Parameter = { 0 };
|
||||
Parameter.Type = MemExtendedParameterAttributeFlags;
|
||||
Parameter.ULong64 = MEM_EXTENDED_PARAMETER_EC_CODE;
|
||||
|
@ -1051,8 +1139,9 @@ _FX void* InjectLow_AllocMemory(HANDLE hProcess, SIZE_T size, BOOLEAN executable
|
|||
|
||||
remote_addr = __sys_VirtualAlloc2(hProcess, (void*)base_addr, region_size, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE, &Parameter, 1);
|
||||
}
|
||||
|
||||
return remote_addr;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
|
||||
//
|
||||
|
@ -1127,20 +1216,13 @@ _FX HANDLE SbieDll_InjectLow_SendHandle(HANDLE hProcess)
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX void *SbieDll_InjectLow_CopyCode(HANDLE hProcess, SIZE_T lowLevel_size, UCHAR *code, ULONG code_len
|
||||
_FX void *SbieDll_InjectLow_CopyCode(HANDLE hProcess, SIZE_T total_size, SIZE_T lowLevel_size, const void* lowLevel_ptr
|
||||
#ifdef _M_ARM64
|
||||
, BOOLEAN use_arm64ec
|
||||
#endif
|
||||
) {
|
||||
void* remote_addr;
|
||||
void* pLdrInitializeThunk = (void*)m_LdrInitializeThunk;
|
||||
|
||||
#ifdef _M_ARM64
|
||||
if (use_arm64ec)
|
||||
pLdrInitializeThunk = (void*)m_LdrInitializeThunkEC;
|
||||
#endif
|
||||
|
||||
remote_addr = InjectLow_AllocMemory(hProcess, lowLevel_size, TRUE
|
||||
void* remote_addr = InjectLow_AllocMemory(hProcess, total_size, TRUE
|
||||
#ifdef _M_ARM64
|
||||
, use_arm64ec
|
||||
#endif
|
||||
|
@ -1152,26 +1234,10 @@ _FX void *SbieDll_InjectLow_CopyCode(HANDLE hProcess, SIZE_T lowLevel_size, UCHA
|
|||
// copy SbieLow into the allocated region in the new process
|
||||
//
|
||||
|
||||
SIZE_T len1 = m_sbielow_len;
|
||||
SIZE_T len1 = lowLevel_size;
|
||||
SIZE_T len2 = 0;
|
||||
BOOL vm_ok = WriteProcessMemory(
|
||||
hProcess, remote_addr, m_sbielow_ptr,
|
||||
len1, &len2);
|
||||
|
||||
if (vm_ok && len1 == len2) {
|
||||
|
||||
//
|
||||
// copy code at LdrInitializeThunk from new process
|
||||
//
|
||||
|
||||
len1 = code_len;
|
||||
len2 = 0;
|
||||
/*
|
||||
sprintf(buffer,"CopyCode: copy ldr size %d\n",code_len);
|
||||
OutputDebugStringA(buffer);
|
||||
*/
|
||||
vm_ok = ReadProcessMemory(
|
||||
hProcess, pLdrInitializeThunk, code,
|
||||
hProcess, remote_addr, lowLevel_ptr,
|
||||
len1, &len2);
|
||||
|
||||
if (vm_ok && len1 == len2) {
|
||||
|
@ -1179,7 +1245,6 @@ _FX void *SbieDll_InjectLow_CopyCode(HANDLE hProcess, SIZE_T lowLevel_size, UCHA
|
|||
return remote_addr;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
@ -1356,10 +1421,8 @@ _FX void *SbieDll_InjectLow_CopySyscalls(HANDLE hProcess, BOOLEAN is_wow64
|
|||
data = m_syscall_data;
|
||||
SIZE_T region_size = *data;
|
||||
|
||||
remote_addr = InjectLow_AllocMemory(hProcess, region_size
|
||||
, is_wow64 // we copy the detour code into this area, hence executable = TRUE
|
||||
remote_addr = InjectLow_AllocMemory(hProcess, region_size , FALSE
|
||||
#ifdef _M_ARM64
|
||||
//|| use_arm64ec
|
||||
, FALSE
|
||||
#endif
|
||||
);
|
||||
|
@ -1406,10 +1469,7 @@ _FX BOOLEAN SbieDll_InjectLow_CopyData(
|
|||
|
||||
ULONG protect;
|
||||
vm_ok = VirtualProtectEx(hProcess, remote_addr, m_sbielow_len,
|
||||
// we want to be able to pass data from the low level dll we do this here
|
||||
// we set PAGE_EXECUTE_READ in SbieDll.dll Dll_Ordinal1
|
||||
PAGE_EXECUTE_READWRITE, &protect);
|
||||
//PAGE_EXECUTE_READ, &protect);
|
||||
PAGE_EXECUTE_READ, &protect);
|
||||
if (vm_ok) {
|
||||
return TRUE;
|
||||
}
|
||||
|
|
|
@ -1066,7 +1066,7 @@ _FX HGLOBAL XDataObject::InitFormatIdList(HGLOBAL hData)
|
|||
if (! pIdList)
|
||||
return NULL;
|
||||
|
||||
HRESULT hr;
|
||||
BOOL ok;
|
||||
HANDLE hFile;
|
||||
WCHAR *path = (WCHAR *)Dll_AllocTemp(8192);
|
||||
|
||||
|
@ -1083,8 +1083,8 @@ _FX HGLOBAL XDataObject::InitFormatIdList(HGLOBAL hData)
|
|||
LPCITEMIDLIST pidl = pILCombine(GetPidl(0), GetPidl(count));
|
||||
if (pidl) {
|
||||
|
||||
hr = pSHGetPathFromIDList(pidl, path);
|
||||
if (SUCCEEDED(hr)) {
|
||||
ok = pSHGetPathFromIDList(pidl, path);
|
||||
if (ok) {
|
||||
|
||||
hFile = CreateFileW(path,
|
||||
GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING,
|
||||
|
@ -1128,8 +1128,8 @@ _FX HGLOBAL XDataObject::InitFormatIdList(HGLOBAL hData)
|
|||
// get the pidl for the parent folder in the sandbox
|
||||
//
|
||||
|
||||
hr = pSHGetPathFromIDList(GetPidl(0), path);
|
||||
if (! SUCCEEDED(hr))
|
||||
ok = pSHGetPathFromIDList(GetPidl(0), path);
|
||||
if (!ok)
|
||||
goto finish;
|
||||
|
||||
hFile = CreateFileW(path,
|
||||
|
@ -1153,8 +1153,8 @@ _FX HGLOBAL XDataObject::InitFormatIdList(HGLOBAL hData)
|
|||
LPCITEMIDLIST pidl = pILCombine(GetPidl(0), GetPidl(1));
|
||||
if (pidl) {
|
||||
|
||||
hr = pSHGetPathFromIDList(pidl, path);
|
||||
if (SUCCEEDED(hr)) {
|
||||
ok = pSHGetPathFromIDList(pidl, path);
|
||||
if (ok) {
|
||||
|
||||
hFile = CreateFileW(path,
|
||||
GENERIC_WRITE, FILE_SHARE_VALID_FLAGS, NULL,
|
||||
|
@ -1188,6 +1188,7 @@ _FX HGLOBAL XDataObject::InitFormatIdList(HGLOBAL hData)
|
|||
|
||||
SbieDll_TranslateNtToDosPath(path);
|
||||
|
||||
HRESULT hr;
|
||||
LPITEMIDLIST pidl;
|
||||
ULONG flags = 0;
|
||||
hr = pSHILCreateFromPath(path, &pidl, &flags);
|
||||
|
|
|
@ -737,11 +737,11 @@ _FX BOOL Proc_CreateAppContainerToken(
|
|||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Proc_FindArgumentEnd
|
||||
// SbieDll_FindArgumentEnd
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX const WCHAR* Proc_FindArgumentEnd(const WCHAR* arguments)
|
||||
_FX const WCHAR* SbieDll_FindArgumentEnd(const WCHAR* arguments)
|
||||
{
|
||||
//
|
||||
// when suplying: "aaaa \"bb cc\"ddd\"e\\"f\" gg hh \\"ii \"jjjj kkkk"
|
||||
|
@ -1206,7 +1206,7 @@ _FX BOOL Proc_CreateProcessInternalW(
|
|||
|
||||
const WCHAR* lpArguments = NULL;
|
||||
if (lpCommandLine)
|
||||
lpArguments = Proc_FindArgumentEnd(lpCommandLine);
|
||||
lpArguments = SbieDll_FindArgumentEnd(lpCommandLine);
|
||||
|
||||
WCHAR *mybuf = Dll_Alloc((wcslen(lpApplicationName) + 2 + (lpArguments ? wcslen(lpArguments) + 8192 : 0) + 1) * sizeof(WCHAR));
|
||||
if (mybuf) {
|
||||
|
@ -1232,7 +1232,7 @@ _FX BOOL Proc_CreateProcessInternalW(
|
|||
WCHAR* temp = Dll_Alloc(sizeof(WCHAR) * 8192);
|
||||
|
||||
for (const WCHAR* ptr = lpArguments; *ptr != L'\0';) {
|
||||
WCHAR* end = (WCHAR*)Proc_FindArgumentEnd(ptr);
|
||||
WCHAR* end = (WCHAR*)SbieDll_FindArgumentEnd(ptr);
|
||||
ULONG len = (ULONG)(end - ptr);
|
||||
if (len > 0) {
|
||||
WCHAR savechar = *end;
|
||||
|
@ -2271,7 +2271,14 @@ _FX NTSTATUS Proc_NtCreateUserProcess(
|
|||
|
||||
if (TlsData->proc_image_path && ProcessParameters && ProcessParameters->CommandLine.Buffer) {
|
||||
|
||||
Proc_FixBatchCommandLine(TlsData, ProcessParameters->CommandLine.Buffer, TlsData->proc_image_path);
|
||||
//Proc_FixBatchCommandLine(TlsData, ProcessParameters->CommandLine.Buffer, TlsData->proc_image_path);
|
||||
|
||||
WCHAR *cmd = Dll_Alloc(ProcessParameters->CommandLine.Length + sizeof(WCHAR));
|
||||
wcscpy(cmd, ProcessParameters->CommandLine.Buffer);
|
||||
|
||||
if (TlsData->proc_command_line)
|
||||
Dll_Free(TlsData->proc_command_line);
|
||||
TlsData->proc_command_line = cmd;
|
||||
}
|
||||
|
||||
NtClose(FileHandle);
|
||||
|
@ -2391,7 +2398,7 @@ _FX BOOLEAN SbieDll_RunFromHome(
|
|||
|
||||
len = MAX_PATH * 2 + wcslen(pgmName);
|
||||
if (pgmArgs)
|
||||
len += wcslen(pgmArgs);
|
||||
len += 1 + wcslen(pgmArgs);
|
||||
path = Dll_AllocTemp(len * sizeof(WCHAR));
|
||||
|
||||
ptr = wcsrchr(pgmName, L'.');
|
||||
|
|
|
@ -667,7 +667,7 @@ _FX ULONG64 SbieApi_QueryProcessInfoEx(
|
|||
|
||||
|
||||
_FX LONG SbieApi_QueryBoxPath(
|
||||
const WCHAR *box_name, // WCHAR [34]
|
||||
const WCHAR *box_name, // WCHAR [BOXNAME_COUNT]
|
||||
WCHAR *out_file_path,
|
||||
WCHAR *out_key_path,
|
||||
WCHAR *out_ipc_path,
|
||||
|
@ -828,7 +828,7 @@ _FX LONG SbieApi_QueryPathList(
|
|||
|
||||
|
||||
_FX LONG SbieApi_EnumProcessEx(
|
||||
const WCHAR *box_name, // WCHAR [34]
|
||||
const WCHAR *box_name, // WCHAR [BOXNAME_COUNT]
|
||||
BOOLEAN all_sessions,
|
||||
ULONG which_session, // -1 for current session
|
||||
ULONG *boxed_pids, // ULONG [512]
|
||||
|
@ -1432,7 +1432,7 @@ _FX ULONG SbieApi_QueryConfNumber(
|
|||
|
||||
_FX LONG SbieApi_EnumBoxes(
|
||||
LONG index, // initialize to -1
|
||||
WCHAR *box_name) // WCHAR [34]
|
||||
WCHAR *box_name) // WCHAR [BOXNAME_COUNT]
|
||||
{
|
||||
return SbieApi_EnumBoxesEx(index, box_name, FALSE);
|
||||
}
|
||||
|
@ -1445,7 +1445,7 @@ _FX LONG SbieApi_EnumBoxes(
|
|||
|
||||
_FX LONG SbieApi_EnumBoxesEx(
|
||||
LONG index, // initialize to -1
|
||||
WCHAR *box_name, // WCHAR [34]
|
||||
WCHAR *box_name, // WCHAR [BOXNAME_COUNT]
|
||||
BOOLEAN return_all_sections)
|
||||
{
|
||||
LONG rc;
|
||||
|
@ -1738,7 +1738,7 @@ _FX LONG SbieApi_SessionLeader(HANDLE TokenHandle, HANDLE *ProcessId)
|
|||
|
||||
|
||||
_FX LONG SbieApi_IsBoxEnabled(
|
||||
const WCHAR *box_name) // WCHAR [34]
|
||||
const WCHAR *box_name) // WCHAR [BOXNAME_COUNT]
|
||||
{
|
||||
NTSTATUS status;
|
||||
__declspec(align(8)) ULONG64 parms[API_NUM_ARGS];
|
||||
|
|
|
@ -233,6 +233,8 @@ SBIEDLL_EXPORT BOOLEAN SbieDll_GetBorderColor(const WCHAR* box_name, COLORREF*
|
|||
|
||||
SBIEDLL_EXPORT BOOLEAN SbieDll_IsReservedFileName(const WCHAR* name);
|
||||
|
||||
SBIEDLL_EXPORT const WCHAR* SbieDll_FindArgumentEnd(const WCHAR* arguments);
|
||||
|
||||
SBIEDLL_EXPORT void DbgPrint(const char* format, ...);
|
||||
SBIEDLL_EXPORT void DbgTrace(const char* format, ...);
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Copyright 2004-2020 Sandboxie Holdings, LLC
|
||||
* Copyright 2020-2021 David Xanatos, xanasoft.com
|
||||
* Copyright 2020-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
@ -219,7 +219,7 @@ _FX HANDLE Scm_CreateWaitableTimerW(
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX VOID Scm_TokenCloseHandler(HANDLE Handle)
|
||||
_FX VOID Scm_TokenCloseHandler(HANDLE Handle, void* CloseParams)
|
||||
{
|
||||
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
|
||||
|
||||
|
@ -241,7 +241,7 @@ _FX BOOL Scm_OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE
|
|||
|
||||
if (NT_SUCCESS(status) && ProcessHandle == GetCurrentProcess()) {
|
||||
|
||||
Handle_RegisterCloseHandler(*phTokenOut, Scm_TokenCloseHandler);
|
||||
Handle_RegisterHandler(*phTokenOut, Scm_TokenCloseHandler, NULL, FALSE);
|
||||
TlsData->scm_last_own_token = *phTokenOut;
|
||||
}
|
||||
|
||||
|
@ -262,7 +262,7 @@ _FX BOOL Scm_OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL Open
|
|||
|
||||
if (NT_SUCCESS(status) && ThreadHandle == GetCurrentThread()) {
|
||||
|
||||
Handle_RegisterCloseHandler(*phTokenOut, Scm_TokenCloseHandler);
|
||||
Handle_RegisterHandler(*phTokenOut, Scm_TokenCloseHandler, NULL, FALSE);
|
||||
TlsData->scm_last_own_token = *phTokenOut;
|
||||
}
|
||||
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
/*
|
||||
* Copyright 2004-2020 Sandboxie Holdings, LLC
|
||||
* Copyright 2020-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
@ -738,7 +739,7 @@ _FX NTSTATUS Secure_NtDuplicateObject(
|
|||
}
|
||||
|
||||
if (SourceHandle)
|
||||
Key_NtClose(SourceHandle);
|
||||
Key_NtClose(SourceHandle, NULL);
|
||||
}
|
||||
|
||||
//
|
||||
|
|
|
@ -105,10 +105,6 @@ _FX int Trace_Init(void)
|
|||
|
||||
|
||||
OutputDebugString(L"SbieDll injected...\n");
|
||||
for (int i = 0; i < 16; i++) {
|
||||
if (SbieApi_data->DebugData[i] != 0)
|
||||
DbgPrint("DebugData[%d]: %p\n", i, (UINT_PTR)SbieApi_data->DebugData[i]);
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
|
|
|
@ -30,6 +30,7 @@
|
|||
#include "session.h"
|
||||
#include "common/my_version.h"
|
||||
#include "log_buff.h"
|
||||
#include "verify.h"
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -1325,7 +1326,7 @@ _FX NTSTATUS Api_QueryDriverInfo(PROCESS* proc, ULONG64* parms)
|
|||
FeatureFlags |= SBIE_FEATURE_FLAG_WIN32K_HOOK;
|
||||
#endif
|
||||
|
||||
if (Driver_Certified) {
|
||||
if (CERT_IS_LEVEL(Verify_CertInfo, eCertStandard)) {
|
||||
|
||||
FeatureFlags |= SBIE_FEATURE_FLAG_CERTIFIED;
|
||||
|
||||
|
@ -1342,14 +1343,13 @@ _FX NTSTATUS Api_QueryDriverInfo(PROCESS* proc, ULONG64* parms)
|
|||
}
|
||||
else if (args->info_class.val == -1) {
|
||||
|
||||
extern ULONGLONG Verify_CertInfo;
|
||||
if (args->info_len.val >= sizeof(ULONGLONG)) {
|
||||
ULONGLONG* data = args->info_data.val;
|
||||
*data = Verify_CertInfo;
|
||||
*data = Verify_CertInfo.State;
|
||||
}
|
||||
else if (args->info_len.val == sizeof(ULONG)) {
|
||||
ULONG* data = args->info_data.val;
|
||||
*data = (ULONG)(Verify_CertInfo & 0xFFFFFFFF); // drop optional data
|
||||
*data = (ULONG)(Verify_CertInfo.State & 0xFFFFFFFF); // drop optional data
|
||||
}
|
||||
else
|
||||
status = STATUS_BUFFER_TOO_SMALL;
|
||||
|
|
|
@ -1508,7 +1508,7 @@ _FX NTSTATUS Conf_Api_Reload(PROCESS *proc, ULONG64 *parms)
|
|||
/*
|
||||
#ifdef HOOK_WIN32K
|
||||
// must be windows 10 or later
|
||||
if (Driver_OsBuild >= 10041) {
|
||||
if (Driver_OsBuild >= 14393) {
|
||||
extern ULONG Syscall_MaxIndex32;
|
||||
if (Conf_Get_Boolean(NULL, L"EnableWin32kHooks", 0, FALSE) && Syscall_MaxIndex32 == 0) {
|
||||
if(Syscall_Init_List32()){
|
||||
|
|
|
@ -38,6 +38,7 @@
|
|||
#include "thread.h"
|
||||
#include "wfp.h"
|
||||
#include "common/my_version.h"
|
||||
#include "verify.h"
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -755,7 +756,7 @@ _FX PROCESS *Process_Create(
|
|||
// check certificate
|
||||
//
|
||||
|
||||
if (!Driver_Certified && !proc->image_sbie) {
|
||||
if (!CERT_IS_LEVEL(Verify_CertInfo, eCertStandard) && !proc->image_sbie) {
|
||||
|
||||
const WCHAR* exclusive_setting = NULL;
|
||||
if (proc->use_security_mode)
|
||||
|
@ -1209,7 +1210,7 @@ _FX BOOLEAN Process_NotifyProcess_Create(
|
|||
BOX* breakout_box = NULL;
|
||||
|
||||
if (box && Process_IsBreakoutProcess(box, ImagePath)) {
|
||||
if(!Driver_Certified)
|
||||
if(!CERT_IS_LEVEL(Verify_CertInfo, eCertStandard))
|
||||
Log_Msg_Process(MSG_6004, box->name, L"BreakoutProcess", box->session_id, CallerId);
|
||||
else {
|
||||
UNICODE_STRING image_uni;
|
||||
|
|
|
@ -212,9 +212,23 @@ _FX NTSTATUS Process_Api_Query(PROCESS *proc, ULONG64 *parms)
|
|||
// this is the first SbieApi call by SbieDll
|
||||
//
|
||||
|
||||
if (proc)
|
||||
if (proc && !proc->sbiedll_loaded) {
|
||||
|
||||
proc->sbiedll_loaded = TRUE;
|
||||
|
||||
//
|
||||
// On windows 10 it was observed that the PCA service is assigning its job
|
||||
// after sandboxie's job was already assigned, so we re check here,
|
||||
// and when needed restart the process from the sbiedll outside a PCA job.
|
||||
//
|
||||
|
||||
if (proc->forced_process && Driver_OsVersion >= DRIVER_WINDOWS_10) {
|
||||
|
||||
if (Process_IsInPcaJob(proc->pid))
|
||||
proc->in_pca_job = TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// if a ProcessId was specified, then locate and lock the matching
|
||||
// process. ProcessId must be specified if the caller is not sandboxed
|
||||
|
|
|
@ -147,7 +147,7 @@ _FX BOOLEAN Syscall_Init(void)
|
|||
return FALSE;
|
||||
|
||||
#ifdef HOOK_WIN32K
|
||||
if (Driver_OsBuild >= 10041 && Conf_Get_Boolean(NULL, L"EnableWin32kHooks", 0, TRUE)) {
|
||||
if (Driver_OsBuild >= 14393 && Conf_Get_Boolean(NULL, L"EnableWin32kHooks", 0, TRUE)) {
|
||||
|
||||
if (!Syscall_Init_List32())
|
||||
return FALSE;
|
||||
|
@ -711,7 +711,7 @@ _FX NTSTATUS Syscall_Api_Invoke(PROCESS *proc, ULONG64 *parms)
|
|||
if (pTrapFrame) {
|
||||
ret = pTrapFrame->Rip;
|
||||
UserStack = pTrapFrame->Rsp;
|
||||
pTrapFrame->Rsp = pTrapFrame->Rbp; //*pRbp;
|
||||
pTrapFrame->Rsp = pTrapFrame->Rdi; //*pRbp;
|
||||
pTrapFrame->Rip = pTrapFrame->Rbx; //*pRbx;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -554,7 +554,7 @@ _FX NTSTATUS Syscall_Api_Invoke32(PROCESS* proc, ULONG64* parms)
|
|||
if (pTrapFrame) {
|
||||
ret = pTrapFrame->Rip;
|
||||
UserStack = pTrapFrame->Rsp;
|
||||
pTrapFrame->Rsp = pTrapFrame->Rbp; //*pRbp;
|
||||
pTrapFrame->Rsp = pTrapFrame->Rdi; //*pRbp;
|
||||
pTrapFrame->Rip = pTrapFrame->Rbx; //*pRbx;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -377,16 +377,12 @@ _FX BOOLEAN MyIsCallerSigned(void)
|
|||
// MyValidateCertificate
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
BOOLEAN Driver_Certified = FALSE;
|
||||
|
||||
NTSTATUS KphValidateCertificate();
|
||||
|
||||
_FX NTSTATUS MyValidateCertificate(void)
|
||||
{
|
||||
NTSTATUS status = KphValidateCertificate();
|
||||
|
||||
Driver_Certified = NT_SUCCESS(status);
|
||||
|
||||
if (status == STATUS_ACCOUNT_EXPIRED)
|
||||
status = STATUS_SUCCESS;
|
||||
|
||||
|
|
|
@ -124,6 +124,4 @@ ULONG Util_CaptureStack(_Out_ PVOID* Frames, _In_ ULONG Count);
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
extern BOOLEAN Driver_Certified;
|
||||
|
||||
#endif // _MY_UTIL_H
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Copyright (C) 2016 wj32
|
||||
* Copyright (C) 2021 David Xanatos, xanasoft.com
|
||||
* Copyright (C) 2021-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* Process Hacker is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
@ -481,27 +481,11 @@ _FX LONGLONG KphGetDateInterval(CSHORT days, CSHORT months, CSHORT years)
|
|||
return ((LONGLONG)days + (LONGLONG)months * 30ll + (LONGLONG)years * 365ll) * 24ll * 3600ll * 10000000ll; // 100ns steps -> 1sec
|
||||
}
|
||||
|
||||
#define SOFTWARE_NAME L"Sandboxie-Plus"
|
||||
#include "verify.h"
|
||||
|
||||
union _SCertInfo {
|
||||
ULONGLONG State;
|
||||
struct {
|
||||
ULONG
|
||||
valid : 1, // certificate is active
|
||||
expired : 1, // certificate is expired but may be active
|
||||
outdated : 1, // certificate is expired, not anymore valid for the current build
|
||||
business : 1, // certificate is suitable for business use
|
||||
evaluation: 1, // evaluation certificate
|
||||
grace_period: 1, // the certificate is expired and or outdated but we keep it valid for 1 extra month to allof wor a seamless renewal
|
||||
reservd_1 : 2,
|
||||
reservd_2 : 8,
|
||||
reservd_3 : 8,
|
||||
reservd_4 : 8;
|
||||
ULONG expirers_in_sec;
|
||||
};
|
||||
} Verify_CertInfo = {0};
|
||||
SCertInfo Verify_CertInfo = { 0 };
|
||||
|
||||
_FX NTSTATUS KphValidateCertificate(void)
|
||||
_FX NTSTATUS KphValidateCertificate()
|
||||
{
|
||||
BOOLEAN CertDbg = FALSE;
|
||||
|
||||
|
@ -689,7 +673,7 @@ _FX NTSTATUS KphValidateCertificate(void)
|
|||
|
||||
if (NT_SUCCESS(status)) {
|
||||
|
||||
Verify_CertInfo.valid = 1;
|
||||
Verify_CertInfo.active = 1;
|
||||
|
||||
if(CertDbg) DbgPrint("Sbie Cert type: %S-%S\n", type, level);
|
||||
|
||||
|
@ -722,89 +706,115 @@ _FX NTSTATUS KphValidateCertificate(void)
|
|||
level = NULL;
|
||||
}
|
||||
|
||||
// Checks if the certificate is within its validity period, otherwise it has no effect except for UI notification
|
||||
#define TEST_CERT_DATE(days, months, years) \
|
||||
if ((cert_date.QuadPart + KphGetDateInterval(days, months, years)) < LocalTime.QuadPart){ \
|
||||
Verify_CertInfo.expired = 1; \
|
||||
} \
|
||||
Verify_CertInfo.expirers_in_sec = (ULONG)(((cert_date.QuadPart + KphGetDateInterval(days, months, years)) - LocalTime.QuadPart) / 10000000ll); // 100ns steps -> 1sec
|
||||
LARGE_INTEGER expiration_date = { 0 };
|
||||
|
||||
// certs with a validity >= 3 months get 1 extra month of functionality
|
||||
#define TEST_GRACE_PERIODE(days, months, years) \
|
||||
if (months >= 3 || years > 0){ \
|
||||
if ((cert_date.QuadPart + KphGetDateInterval(days, months + 1, years)) >= LocalTime.QuadPart) \
|
||||
Verify_CertInfo.grace_period = 1; \
|
||||
} \
|
||||
if (!type) // type is mandatory
|
||||
;
|
||||
else if (_wcsicmp(type, L"CONTRIBUTOR") == 0) {
|
||||
Verify_CertInfo.type = eCertContributor;
|
||||
Verify_CertInfo.level = eCertMaxLevel;
|
||||
} else if (_wcsicmp(type, L"ETERNAL") == 0) {
|
||||
Verify_CertInfo.type = eCertEternal;
|
||||
Verify_CertInfo.level = eCertMaxLevel;
|
||||
} else if (_wcsicmp(type, L"BUSINESS") == 0)
|
||||
Verify_CertInfo.type = eCertBusiness;
|
||||
else if (_wcsicmp(type, L"EVALUATION") == 0 || _wcsicmp(type, L"TEST") == 0)
|
||||
Verify_CertInfo.type = eCertEvaluation;
|
||||
else if (_wcsicmp(type, L"SUBSCRIPTION") == 0)
|
||||
Verify_CertInfo.type = eCertSubscription;
|
||||
else if (_wcsicmp(type, L"FAMILY") == 0)
|
||||
Verify_CertInfo.type = eCertFamily;
|
||||
// patreon >>>
|
||||
else if (wcsstr(type, L"PATREON") != NULL) // TYPE: [CLASS]_PATREON-[LEVEL]
|
||||
{
|
||||
if(_wcsnicmp(type, L"GREAT", 5) == 0)
|
||||
Verify_CertInfo.type = eCertGreatPatreon;
|
||||
else if (_wcsnicmp(type, L"ENTRY", 5) == 0) { // new patreons get only 3 montgs for start
|
||||
Verify_CertInfo.type = eCertEntryPatreon;
|
||||
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 3, 0);
|
||||
} else
|
||||
Verify_CertInfo.type = eCertPatreon;
|
||||
|
||||
// Check if the certificate is valid for the current build, failing this locks features out
|
||||
#define TEST_VALIDITY(days, months, years) \
|
||||
TEST_CERT_DATE(days, months, years) \
|
||||
if ((cert_date.QuadPart + KphGetDateInterval(days, months, years)) < BuildDate.QuadPart){ \
|
||||
Verify_CertInfo.outdated = 1; \
|
||||
TEST_GRACE_PERIODE(days, months, years) \
|
||||
if(!Verify_CertInfo.grace_period){ \
|
||||
Verify_CertInfo.valid = 0; \
|
||||
status = STATUS_ACCOUNT_EXPIRED; \
|
||||
} \
|
||||
}
|
||||
// <<< patreon
|
||||
else //if (_wcsicmp(type, L"PERSONAL") == 0 || _wcsicmp(type, L"SUPPORTER") == 0)
|
||||
{
|
||||
Verify_CertInfo.type = eCertPersonal;
|
||||
}
|
||||
|
||||
// Check if the certificate is expired, failing this locks features out
|
||||
#define TEST_EXPIRATION(days, months, years) \
|
||||
TEST_CERT_DATE(days, months, years) \
|
||||
if(Verify_CertInfo.expired == 1) { \
|
||||
TEST_GRACE_PERIODE(days, months, years) \
|
||||
if(!Verify_CertInfo.grace_period){ \
|
||||
Verify_CertInfo.valid = 0; \
|
||||
status = STATUS_ACCOUNT_EXPIRED; \
|
||||
} \
|
||||
}
|
||||
if(CertDbg) DbgPrint("Sbie Cert type: %X\n", Verify_CertInfo.type);
|
||||
|
||||
|
||||
if (type && _wcsicmp(type, L"CONTRIBUTOR") == 0) {
|
||||
// forever - nothing to check here
|
||||
if (CERT_IS_TYPE(Verify_CertInfo, eCertEvaluation))
|
||||
{
|
||||
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval((CSHORT)(level ? _wtoi(level) : 7), 0, 0); // x days, default 7
|
||||
Verify_CertInfo.level = eCertAdvanced;
|
||||
}
|
||||
else if (type && _wcsicmp(type, L"BUSINESS") == 0) {
|
||||
Verify_CertInfo.business = 1;
|
||||
if (level) { // in months
|
||||
TEST_EXPIRATION(0, (CSHORT)_wtoi(level), 0);
|
||||
}
|
||||
else { // 1 year default
|
||||
TEST_EXPIRATION(0, 0, 1);
|
||||
}
|
||||
}
|
||||
else if (type && _wcsicmp(type, L"EVALUATION") == 0) {
|
||||
Verify_CertInfo.evaluation = 1;
|
||||
// evaluation
|
||||
if (level) { // in days
|
||||
TEST_EXPIRATION((CSHORT)_wtoi(level), 0, 0);
|
||||
}
|
||||
else { // 5 days default
|
||||
TEST_EXPIRATION(5, 0, 0);
|
||||
}
|
||||
}
|
||||
else /*if (!type || _wcsicmp(type, L"PERSONAL") == 0 || _wcsicmp(type, L"PATREON") == 0 || _wcsicmp(type, L"SUPPORTER") == 0) */ {
|
||||
// persistent
|
||||
else if (level && _wcsicmp(type, L"STANDARD") == 0)
|
||||
Verify_CertInfo.level = eCertStandard;
|
||||
else if (level && _wcsicmp(type, L"ADVANCED") == 0)
|
||||
Verify_CertInfo.level = eCertAdvanced;
|
||||
// scheme 1.1 >>>
|
||||
else if (CERT_IS_TYPE(Verify_CertInfo, eCertPersonal) || CERT_IS_TYPE(Verify_CertInfo, eCertPatreon))
|
||||
{
|
||||
if (level && _wcsicmp(level, L"HUGE") == 0) {
|
||||
//
|
||||
Verify_CertInfo.type = eCertEternal;
|
||||
Verify_CertInfo.level = eCertMaxLevel;
|
||||
}
|
||||
else if (level && _wcsicmp(level, L"LARGE") == 0 && cert_date.QuadPart < KphGetDate(1,04,2022)) { // valid for all builds released with 2 years
|
||||
TEST_CERT_DATE(0, 0, 2); // no real expiration just ui reminder - old certs
|
||||
else if (level && _wcsicmp(level, L"LARGE") == 0) { // 2 years - personal
|
||||
Verify_CertInfo.level = eCertAdvanced;
|
||||
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 0, 2); // 2 years
|
||||
}
|
||||
else if (level && _wcsicmp(level, L"LARGE") == 0) { // valid for all builds released with 2 years
|
||||
TEST_VALIDITY(0, 0, 2);
|
||||
else if (level && _wcsicmp(level, L"MEDIUM") == 0) { // 1 year - personal
|
||||
Verify_CertInfo.level = eCertStandard;
|
||||
}
|
||||
else if (level && _wcsicmp(level, L"MEDIUM") == 0) { // valid for all builds released with 1 year
|
||||
TEST_VALIDITY(0, 0, 1);
|
||||
else if (level && _wcsicmp(level, L"ENTRY") == 0) { // PATREON-ENTRY new patreons get only 3 montgs for start
|
||||
Verify_CertInfo.level = eCertStandard;
|
||||
if(CERT_IS_TYPE(Verify_CertInfo, eCertPatreon))
|
||||
Verify_CertInfo.type = eCertEntryPatreon;
|
||||
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 3, 0);
|
||||
}
|
||||
// subscriptions
|
||||
else if (level && _wcsicmp(level, L"TEST") == 0) { // test certificate 5 days only
|
||||
TEST_EXPIRATION(5, 0, 0);
|
||||
else if (level && _wcsicmp(level, L"SMALL") == 0) { // 1 year - subscription
|
||||
Verify_CertInfo.level = eCertStandard;
|
||||
Verify_CertInfo.type = eCertSubscription;
|
||||
}
|
||||
else if (level && _wcsicmp(level, L"ENTRY") == 0) { // patreon entry level, first 3 months, later longer
|
||||
TEST_EXPIRATION(0, 3, 0);
|
||||
else
|
||||
Verify_CertInfo.level = eCertStandard;
|
||||
}
|
||||
else /*if (!level || _wcsicmp(level, L"SMALL") == 0)*/ { // valid for 1 year
|
||||
TEST_EXPIRATION(0, 0, 1);
|
||||
// <<< scheme 1.1
|
||||
|
||||
if(CertDbg) DbgPrint("Sbie Cert level: %X\n", Verify_CertInfo.level);
|
||||
|
||||
if (CERT_IS_TYPE(Verify_CertInfo, eCertEternal))
|
||||
expiration_date.QuadPart = -1; // at the end of time (never)
|
||||
else if(!expiration_date.QuadPart)
|
||||
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 0, 1); // default 1 year, unless set differently already
|
||||
|
||||
// check if this is a subscription type certificate
|
||||
BOOLEAN isSubscription = CERT_IS_SUBSCRIPTION(Verify_CertInfo);
|
||||
|
||||
if (expiration_date.QuadPart != -1)
|
||||
{
|
||||
// check if this certificate is expired
|
||||
if (expiration_date.QuadPart < LocalTime.QuadPart)
|
||||
Verify_CertInfo.expired = 1;
|
||||
Verify_CertInfo.expirers_in_sec = (ULONG)((expiration_date.QuadPart - LocalTime.QuadPart) / 10000000ll); // 100ns steps -> 1sec
|
||||
|
||||
// check if a non subscription type certificate is valid for the current build
|
||||
if (!isSubscription && expiration_date.QuadPart < BuildDate.QuadPart)
|
||||
Verify_CertInfo.outdated = 1;
|
||||
}
|
||||
|
||||
// check if the certificate is valid
|
||||
if (isSubscription ? Verify_CertInfo.expired : Verify_CertInfo.outdated)
|
||||
{
|
||||
if (!CERT_IS_TYPE(Verify_CertInfo, eCertEvaluation)) { // non eval certs get 1 month extra
|
||||
if (expiration_date.QuadPart + KphGetDateInterval(0, 1, 0) >= LocalTime.QuadPart)
|
||||
Verify_CertInfo.grace_period = 1;
|
||||
}
|
||||
|
||||
if (!Verify_CertInfo.grace_period) {
|
||||
Verify_CertInfo.active = 0;
|
||||
status = STATUS_ACCOUNT_EXPIRED;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,90 @@
|
|||
/*
|
||||
* Copyright (C) 2021-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* Process Hacker is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Process Hacker is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with Process Hacker. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#define SOFTWARE_NAME L"Sandboxie-Plus"
|
||||
|
||||
typedef union _SCertInfo {
|
||||
unsigned long long State;
|
||||
struct {
|
||||
unsigned long
|
||||
active : 1, // certificate is active
|
||||
expired : 1, // certificate is expired but may be active
|
||||
outdated : 1, // certificate is expired, not anymore valid for the current build
|
||||
unused_1 : 2, // DEPRECATED
|
||||
grace_period: 1, // the certificate is expired and or outdated but we keep it valid for 1 extra month to allof wor a seamless renewal
|
||||
reservd_2 : 2,
|
||||
|
||||
type : 5,
|
||||
level : 3,
|
||||
|
||||
reservd_3 : 8,
|
||||
|
||||
reservd_4 : 8;
|
||||
|
||||
unsigned long expirers_in_sec;
|
||||
};
|
||||
} SCertInfo;
|
||||
|
||||
enum ECertType {
|
||||
eCertNoType = 0b00000,
|
||||
|
||||
eCertEternal = 0b00100,
|
||||
eCertContributor = 0b00101,
|
||||
// eCert = 0b00110,
|
||||
// eCert = 0b00111,
|
||||
|
||||
eCertBusiness = 0b01000,
|
||||
// eCert = 0b01001,
|
||||
// eCert = 0b01010,
|
||||
// eCert = 0b01011,
|
||||
|
||||
eCertPersonal = 0b01100,
|
||||
// eCert = 0b01101,
|
||||
// eCert = 0b01110,
|
||||
// eCert = 0b01111,
|
||||
|
||||
eCertSubscription = 0b10000,
|
||||
eCertFamily = 0b10001,
|
||||
// eCert = 0b10010,
|
||||
// eCert = 0b10011,
|
||||
|
||||
// eCertOther = 0b10100,
|
||||
// eCert = 0b10101,
|
||||
// eCert = 0b10110,
|
||||
// eCert = 0b10111,
|
||||
|
||||
eCertPatreon = 0b11000,
|
||||
eCertGreatPatreon = 0b11001,
|
||||
eCertEntryPatreon = 0b11010,
|
||||
// eCert = 0b11011,
|
||||
|
||||
eCertEvaluation = 0b11100
|
||||
};
|
||||
|
||||
enum ECertLevel {
|
||||
eCertNoLevel = 0b000,
|
||||
eCertStandard = 0b010,
|
||||
eCertAdvanced = 0b100,
|
||||
eCertMaxLevel = 0b111,
|
||||
};
|
||||
|
||||
#define CERT_IS_TYPE(cert,t) ((cert.type & 0b11100) == t)
|
||||
#define CERT_IS_SUBSCRIPTION(cert) (CERT_IS_TYPE(cert, eCertBusiness) || CERT_IS_TYPE(cert, eCertSubscription) || cert.type == eCertEntryPatreon || CERT_IS_TYPE(cert, eCertEvaluation))
|
||||
#define CERT_IS_INSIDER(cert) (CERT_IS_TYPE(cert, eCertEternal) || cert.type == eCertGreatPatreon)
|
||||
#define CERT_IS_LEVEL(cert,l) (Verify_CertInfo.active && cert.level >= l)
|
||||
|
||||
extern SCertInfo Verify_CertInfo;
|
|
@ -159,11 +159,6 @@
|
|||
<ItemGroup>
|
||||
<ClCompile Include="init.c" />
|
||||
<ClCompile Include="inject.c" />
|
||||
<ClCompile Include="lowlevel_code.c">
|
||||
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">true</ExcludedFromBuild>
|
||||
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|ARM64'">true</ExcludedFromBuild>
|
||||
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">true</ExcludedFromBuild>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="lowdata.h" />
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
;------------------------------------------------------------------------
|
||||
; Copyright 2022 David Xanatos, xanasoft.com
|
||||
; Copyright 2022-2023 David Xanatos, xanasoft.com
|
||||
;
|
||||
; This program is free software: you can redistribute it and/or modify
|
||||
; it under the terms of the GNU General Public License as published by
|
||||
|
@ -19,6 +19,8 @@
|
|||
|
||||
IMPORT EntrypointC
|
||||
|
||||
IMPORT DetourFunc
|
||||
|
||||
;EXPORT ServiceDataPtr
|
||||
EXPORT SystemServiceARM64
|
||||
|
||||
|
@ -251,7 +253,7 @@ DeviceIoControlSvc
|
|||
|
||||
|
||||
;----------------------------------------------------------------------------
|
||||
; RtlFindActivationContextSectionString detour code
|
||||
; detour code loading SbieDll.dll
|
||||
;----------------------------------------------------------------------------
|
||||
|
||||
|
||||
|
@ -273,102 +275,25 @@ DetourCodeARM64 PROC
|
|||
ldr x19, InjectDataPtr ; x19 -> inject data area
|
||||
|
||||
;
|
||||
; reatore RtlFindActCtx, copy 16 bytes
|
||||
; call DetourFunc
|
||||
;
|
||||
|
||||
add x8, x19, #0x20 ; [x19].InjectData.RtlFindActCtx
|
||||
ldr x9, [x8]
|
||||
ldp w10, w11, [x19, #0x2C] ; [x19].InjectData.RtlFindActCtx_Bytes
|
||||
stp w10, w11, [x9, #0x00]
|
||||
ldp w10, w11, [x19, #0x34] ; [x19].InjectData.RtlFindActCtx_Bytes + 8
|
||||
stp w10, w11, [x9, #0x08]
|
||||
mov x0, x19 ; [x19].InjectData
|
||||
bl DetourFunc
|
||||
|
||||
ldr x0, =0xFFFFFFFFFFFFFFFF ; ProcessHandle
|
||||
mov x1, x9 ; BaseAddress
|
||||
mov x2, #0x10 ; NumberOfBytesToFlush
|
||||
|
||||
;ldr x8, [x19, 0x70] ; [x19].InjectData.NtFlushInstructionCache
|
||||
ldr x9, [x19] ; [x19].InjectData.SBIELOW_DATA
|
||||
add x8, x9, 0xA0 ; SBIELOW_DATA.NtFlushInstructionCache_code
|
||||
blr x8
|
||||
; cmp x0, #0x00
|
||||
; bne DetourError
|
||||
|
||||
;
|
||||
; call LdrLoadDll for kernel32
|
||||
; resume execution or original function
|
||||
;
|
||||
|
||||
mov x20, #0x10 ; retry count
|
||||
|
||||
LdrLoadRetry
|
||||
mov x0, #0x00 ; PathToFile
|
||||
mov x1, #0x00 ; Flags
|
||||
add x2, x19, 0x40 ; [x19].InjectData.KernelDll_Unicode
|
||||
add x3, x19, 0x60 ; [x19].InjectData.ModuleHandle
|
||||
|
||||
ldr x8, [x19, 0x08] ; [x19].InjectData.LdrLoadDll
|
||||
blr x8
|
||||
|
||||
cmp x0, #0x00
|
||||
beq LdrLoadGood
|
||||
sub x20, x20, #0x01
|
||||
cmp x20, #0x00
|
||||
bne LdrLoadRetry
|
||||
b RtlFindActivationContextSectionStringError
|
||||
|
||||
LdrLoadGood
|
||||
;
|
||||
; call LdrLoadDll for sbiedll
|
||||
;
|
||||
|
||||
mov x0, #0x00 ; PathToFile
|
||||
mov x1, #0x00 ; Flags
|
||||
add x2, x19, 0x50 ; [x19].InjectData.SbieDll_Unicode
|
||||
add x3, x19, 0x60 ; [x19].InjectData.ModuleHandle
|
||||
|
||||
ldr x8, [x19, 0x08] ; [x19].InjectData.LdrLoadDll
|
||||
blr x8
|
||||
cmp x0, #0x00
|
||||
bne RtlFindActivationContextSectionStringError
|
||||
|
||||
;
|
||||
; call the custom MyGetProcedureAddress implemented in c
|
||||
; which calls LdrGetProcedureAddress for sbiedll ordinal 1,
|
||||
; this forces ntdll to initialize sbiedll and returns the address to call
|
||||
;
|
||||
; in ARM64EC mode it returns the native function address instead of the FFS sequence
|
||||
;
|
||||
|
||||
ldr x0, [x19, 0x60] ; [x19].InjectData.ModuleHandle
|
||||
mov x1, #0x00 ; FunctionName
|
||||
mov x2, #0x01 ; Ordinal
|
||||
add x3, x19, 0x68 ; [x19].InjectData.SbieDllOrdinal1
|
||||
mov x4, x19 ; [x19].InjectData
|
||||
|
||||
;ldr x8, [x19, 0x10] ; [x19].InjectData.LdrGetProcAddr
|
||||
ldr x8, [x19, 0x70] ; [x19].InjectData.MyGetProcAddr
|
||||
blr x8
|
||||
cmp x0, #0x00
|
||||
bne RtlFindActivationContextSectionStringError
|
||||
|
||||
;
|
||||
; pass control to ordinal 1, which will free the inject
|
||||
; data area, and pass control to the original function
|
||||
; RtlFindActivationContextSectionString
|
||||
;
|
||||
; note that we need to pass the address of the inject
|
||||
; data area to ordinal 1, which we do by overwriting the
|
||||
; first argument. the original argument is saved in
|
||||
; the inject data area
|
||||
;
|
||||
|
||||
ldr x8, [sp, #0x00]
|
||||
str x8, [x19, 0x08] ; [x19].InjectData.LdrLoadDll
|
||||
mov x0, x19
|
||||
ldr x1, [sp, #0x08]
|
||||
ldp x0, x1, [sp, #0x00]
|
||||
ldp x2, x3, [sp, #0x10]
|
||||
ldp x4, x5, [sp, #0x20]
|
||||
ldp x6, x7, [sp, #0x30]
|
||||
|
||||
ldr x8, [x19, 0x68] ; [x19].InjectData.SbieDllOrdinal1
|
||||
ldr x8, [x19, 0x08] ; [x19].InjectData.RtlFindActCtx
|
||||
|
||||
add sp, sp, #0x40
|
||||
ldp x19, x20, [sp], #0x10
|
||||
|
@ -376,34 +301,170 @@ LdrLoadGood
|
|||
|
||||
br x8
|
||||
|
||||
RtlFindActivationContextSectionStringError
|
||||
|
||||
str x0, [sp, #0x38] ; save ntstatus
|
||||
|
||||
add x8, x19, 0x50 ; [x19].InjectData.SbieDll_Unicode
|
||||
str x8, [x19, 0x08] ; [x19].InjectData.LdrLoadDll
|
||||
|
||||
add x5, x19, 0x10 ; out_response - [x19].InjectData.LdrGetProcAddr
|
||||
mov x4, #0x01 ; response_buttons - ERROR_OK
|
||||
mov x3, x8 ; list_of_pointers_to_parameters
|
||||
mov x2, #0x01 ; mask_of_strings_in_list
|
||||
mov x1, #0x01 ; number_of_parameters_in_list
|
||||
ldr x0, =0xD0000142 ; ntstatus_message_code - (STATUS_DLL_INIT_FAILED or FORCE_ERROR_MESSAGE_BOX)
|
||||
|
||||
ldr x8, [x19, 0x18] ; [x19].InjectData.LdrGetProcAddr
|
||||
blr x8
|
||||
|
||||
ldr x0, [sp, #0x38] ; restore ntstatus
|
||||
|
||||
add sp, sp, #0x40
|
||||
ldp x19, x20, [sp], #0x10
|
||||
ldp fp, lr, [sp], #0x10
|
||||
|
||||
ret
|
||||
;DetourError
|
||||
;
|
||||
; add sp, sp, #0x40
|
||||
; ldp x19, x20, [sp], #0x10
|
||||
; ldp fp, lr, [sp], #0x10
|
||||
;
|
||||
; ret
|
||||
|
||||
ENDP
|
||||
|
||||
|
||||
;;----------------------------------------------------------------------------
|
||||
;; RtlFindActivationContextSectionString detour code
|
||||
;;----------------------------------------------------------------------------
|
||||
;
|
||||
;
|
||||
;InjectDataPtr
|
||||
; DCQ 0
|
||||
;DetourCodeARM64 PROC
|
||||
;
|
||||
; ;brk #0xF000
|
||||
;
|
||||
; stp fp, lr, [sp, #-0x10]!
|
||||
; stp x19, x20, [sp, #-0x10]!
|
||||
; sub sp, sp, #0x40
|
||||
;
|
||||
; stp x0, x1, [sp, #0x00]
|
||||
; stp x2, x3, [sp, #0x10]
|
||||
; stp x4, x5, [sp, #0x20]
|
||||
; stp x6, x7, [sp, #0x30]
|
||||
;
|
||||
; ldr x19, InjectDataPtr ; x19 -> inject data area
|
||||
;
|
||||
; ;
|
||||
; ; reatore RtlFindActCtx, copy 16 bytes
|
||||
; ;
|
||||
;
|
||||
; add x8, x19, #0x20 ; [x19].InjectData.RtlFindActCtx
|
||||
; ldr x9, [x8]
|
||||
; ldp w10, w11, [x19, #0x2C] ; [x19].InjectData.RtlFindActCtx_Bytes
|
||||
; stp w10, w11, [x9, #0x00]
|
||||
; ldp w10, w11, [x19, #0x34] ; [x19].InjectData.RtlFindActCtx_Bytes + 8
|
||||
; stp w10, w11, [x9, #0x08]
|
||||
;
|
||||
; ldr x0, =0xFFFFFFFFFFFFFFFF ; ProcessHandle
|
||||
; mov x1, x9 ; BaseAddress
|
||||
; mov x2, #0x10 ; NumberOfBytesToFlush
|
||||
;
|
||||
; ;ldr x8, [x19, 0x70] ; [x19].InjectData.NtFlushInstructionCache
|
||||
; ldr x9, [x19] ; [x19].InjectData.SBIELOW_DATA
|
||||
; add x8, x9, 0xA0 ; SBIELOW_DATA.NtFlushInstructionCache_code
|
||||
; blr x8
|
||||
;
|
||||
; ;
|
||||
; ; call LdrLoadDll for kernel32
|
||||
; ;
|
||||
;
|
||||
; mov x20, #0x10 ; retry count
|
||||
;
|
||||
;LdrLoadRetry
|
||||
; mov x0, #0x00 ; PathToFile
|
||||
; mov x1, #0x00 ; Flags
|
||||
; add x2, x19, 0x40 ; [x19].InjectData.KernelDll_Unicode
|
||||
; add x3, x19, 0x60 ; [x19].InjectData.ModuleHandle
|
||||
;
|
||||
; ldr x8, [x19, 0x08] ; [x19].InjectData.LdrLoadDll
|
||||
; blr x8
|
||||
;
|
||||
; cmp x0, #0x00
|
||||
; beq LdrLoadGood
|
||||
; sub x20, x20, #0x01
|
||||
; cmp x20, #0x00
|
||||
; bne LdrLoadRetry
|
||||
; b RtlFindActivationContextSectionStringError
|
||||
;
|
||||
;LdrLoadGood
|
||||
; ;
|
||||
; ; call LdrLoadDll for sbiedll
|
||||
; ;
|
||||
;
|
||||
; mov x0, #0x00 ; PathToFile
|
||||
; mov x1, #0x00 ; Flags
|
||||
; add x2, x19, 0x50 ; [x19].InjectData.SbieDll_Unicode
|
||||
; add x3, x19, 0x60 ; [x19].InjectData.ModuleHandle
|
||||
;
|
||||
; ldr x8, [x19, 0x08] ; [x19].InjectData.LdrLoadDll
|
||||
; blr x8
|
||||
; cmp x0, #0x00
|
||||
; bne RtlFindActivationContextSectionStringError
|
||||
;
|
||||
; ;
|
||||
; ; call the custom MyGetProcedureAddress implemented in c
|
||||
; ; which calls LdrGetProcedureAddress for sbiedll ordinal 1,
|
||||
; ; this forces ntdll to initialize sbiedll and returns the address to call
|
||||
; ;
|
||||
; ; in ARM64EC mode it returns the native function address instead of the FFS sequence
|
||||
; ;
|
||||
;
|
||||
; ldr x0, [x19, 0x60] ; [x19].InjectData.ModuleHandle
|
||||
; mov x1, #0x00 ; FunctionName
|
||||
; mov x2, #0x01 ; Ordinal
|
||||
; add x3, x19, 0x68 ; [x19].InjectData.SbieDllOrdinal1
|
||||
; mov x4, x19 ; [x19].InjectData
|
||||
;
|
||||
; ;ldr x8, [x19, 0x10] ; [x19].InjectData.LdrGetProcAddr
|
||||
; ldr x8, [x19, 0x70] ; [x19].InjectData.MyGetProcAddr
|
||||
; blr x8
|
||||
; cmp x0, #0x00
|
||||
; bne RtlFindActivationContextSectionStringError
|
||||
;
|
||||
; ;
|
||||
; ; pass control to ordinal 1, which will free the inject
|
||||
; ; data area, and pass control to the original function
|
||||
; ; RtlFindActivationContextSectionString
|
||||
; ;
|
||||
; ; note that we need to pass the address of the inject
|
||||
; ; data area to ordinal 1, which we do by overwriting the
|
||||
; ; first argument. the original argument is saved in
|
||||
; ; the inject data area
|
||||
; ;
|
||||
;
|
||||
; ldr x8, [sp, #0x00]
|
||||
; str x8, [x19, 0x08] ; [x19].InjectData.LdrLoadDll
|
||||
; mov x0, x19
|
||||
; ldr x1, [sp, #0x08]
|
||||
; ldp x2, x3, [sp, #0x10]
|
||||
; ldp x4, x5, [sp, #0x20]
|
||||
; ldp x6, x7, [sp, #0x30]
|
||||
;
|
||||
; ldr x8, [x19, 0x68] ; [x19].InjectData.SbieDllOrdinal1
|
||||
;
|
||||
; add sp, sp, #0x40
|
||||
; ldp x19, x20, [sp], #0x10
|
||||
; ldp fp, lr, [sp], #0x10
|
||||
;
|
||||
; br x8
|
||||
;
|
||||
;RtlFindActivationContextSectionStringError
|
||||
;
|
||||
; str x0, [sp, #0x38] ; save ntstatus
|
||||
;
|
||||
; add x8, x19, 0x50 ; [x19].InjectData.SbieDll_Unicode
|
||||
; str x8, [x19, 0x08] ; [x19].InjectData.LdrLoadDll
|
||||
;
|
||||
; add x5, x19, 0x10 ; out_response - [x19].InjectData.LdrGetProcAddr
|
||||
; mov x4, #0x01 ; response_buttons - ERROR_OK
|
||||
; mov x3, x8 ; list_of_pointers_to_parameters
|
||||
; mov x2, #0x01 ; mask_of_strings_in_list
|
||||
; mov x1, #0x01 ; number_of_parameters_in_list
|
||||
; ldr x0, =0xD0000142 ; ntstatus_message_code - (STATUS_DLL_INIT_FAILED or FORCE_ERROR_MESSAGE_BOX)
|
||||
;
|
||||
; ldr x8, [x19, 0x18] ; [x19].InjectData.LdrGetProcAddr
|
||||
; blr x8
|
||||
;
|
||||
; ldr x0, [sp, #0x38] ; restore ntstatus
|
||||
;
|
||||
; add sp, sp, #0x40
|
||||
; ldp x19, x20, [sp], #0x10
|
||||
; ldp fp, lr, [sp], #0x10
|
||||
;
|
||||
; ret
|
||||
;
|
||||
; ENDP
|
||||
|
||||
|
||||
;----------------------------------------------------------------------------
|
||||
; Parameters stored by SbieSvc
|
||||
|
@ -433,6 +494,7 @@ SbieLowData
|
|||
|
||||
DCQ Start ; entry point for the detour
|
||||
DCQ SbieLowData ; data location
|
||||
DCQ DetourCodeARM64 ; detour code location
|
||||
|
||||
|
||||
;----------------------------------------------------------------------------
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
;------------------------------------------------------------------------
|
||||
; Copyright 2004-2020 Sandboxie Holdings, LLC
|
||||
; Copyright 2021-2022 David Xanatos, xanasoft.com
|
||||
; Copyright 2021-2023 David Xanatos, xanasoft.com
|
||||
;
|
||||
; This program is free software: you can redistribute it and/or modify
|
||||
; it under the terms of the GNU General Public License as published by
|
||||
|
@ -74,16 +74,14 @@ _001: pop rcx
|
|||
; removed hard coded position dependency
|
||||
; key symbols are now passed as arguments to EntrypointC
|
||||
; 64 bit version takes 4 arguments
|
||||
; _EntrypointC(SbieLowData,_RtlFindActivationContextSectionString,_SystemService,_RtlFindActivationContextSectionString64)
|
||||
; _EntrypointC(SbieLowData,_DetourCode,_SystemService)
|
||||
|
||||
mov rbx,rcx
|
||||
add rcx, offset SbieLowData - _001
|
||||
mov rdx,rbx
|
||||
add rdx, offset _RtlFindActivationContextSectionString64 - _001
|
||||
add rdx, offset _DetourCode - _001
|
||||
mov r8,rbx
|
||||
add r8, offset _SystemService - _001
|
||||
;mov r9,rbx
|
||||
;add r9, offset _RtlFindActivationContextSectionString - _001
|
||||
|
||||
call EntrypointC
|
||||
|
||||
|
@ -104,16 +102,19 @@ _001: pop eax
|
|||
; removed hard coded position dependency
|
||||
; key symbols are now passed as arguments to EntrypointC
|
||||
; 32 bit version takes 3 arguments
|
||||
;_EntrypointC(SbieLowData,_RtlFindActivationContextSectionString,_SystemService)
|
||||
;_EntrypointC(SbieLowData,_DetourCode,_SystemService)
|
||||
|
||||
add eax, offset _SystemService - _001 ;old + 96 offset
|
||||
push eax
|
||||
mov eax,edx
|
||||
add eax, offset _RtlFindActivationContextSectionString - _001; old + 256 offset
|
||||
add eax, offset _DetourCode - _001; old + 256 offset
|
||||
push eax
|
||||
mov eax, edx
|
||||
add eax, offset SbieLowData - _001
|
||||
push eax
|
||||
|
||||
call _EntrypointC@12
|
||||
|
||||
jmp eax ; jump to LdrInitializeThunk trampoline
|
||||
|
||||
endif ; 32-bit or 64-bit
|
||||
|
@ -126,7 +127,6 @@ endif ; 32-bit or 64-bit
|
|||
|
||||
_SystemService:
|
||||
|
||||
;----------------------------------------------------------------------------
|
||||
ifdef _WIN64 ; 64-bit
|
||||
myService Proc
|
||||
db 48h, 0B8h ; rax -> SbieLowData
|
||||
|
@ -141,7 +141,7 @@ myService Proc
|
|||
; because of x64 calling convention.
|
||||
;
|
||||
|
||||
push rbp; target rsp
|
||||
push rdi; target rsp
|
||||
push rbx; target rip
|
||||
|
||||
mov r11,[rax + 0e0h] ; SbieLow.RealNtDeviceIoControlFile
|
||||
|
@ -151,7 +151,7 @@ myService Proc
|
|||
mov r11, rsp ; restore stack in r11
|
||||
add r11, 10h
|
||||
|
||||
mov rbp, r11 ; pass stack frame in rbp
|
||||
mov rdi, r11 ; pass stack frame in rbp
|
||||
|
||||
API_NUM_ARGS = 8
|
||||
sub rsp, (API_NUM_ARGS + 1 + 2 + 10) * 8
|
||||
|
@ -225,17 +225,16 @@ myService Proc
|
|||
mov qword ptr [rsp+8*8], rdx
|
||||
mov qword ptr [rsp+9*8], rdx
|
||||
|
||||
lea r10, [r10+80h] ; r10 -> SbieLow.NtDeviceIoControlFile
|
||||
lea r10, [r10+80h] ; r10 -> SbieLow.NtDeviceIoControlFile_code
|
||||
|
||||
call r10
|
||||
add rsp, (API_NUM_ARGS + 1 + 2 + 10) * 8
|
||||
|
||||
pop rbx
|
||||
pop rbp
|
||||
pop rdi
|
||||
ret
|
||||
|
||||
myService ENDP
|
||||
;----------------------------------------------------------------------------
|
||||
|
||||
else ; 32-bit
|
||||
|
||||
|
@ -297,7 +296,7 @@ else ; 32-bit
|
|||
push 0
|
||||
push [edx+2*8] ; push SbieLow.api_device_handle
|
||||
|
||||
lea eax, [edx+80h] ; eax -> SbieLow.NtDeviceIoControlFile
|
||||
lea eax, [edx+80h] ; eax -> SbieLow.NtDeviceIoControlFile_code
|
||||
call eax
|
||||
|
||||
;
|
||||
|
@ -316,160 +315,25 @@ else ; 32-bit
|
|||
neg ecx
|
||||
mov ecx, [esp+ecx]
|
||||
jmp ecx ; return to caller
|
||||
|
||||
endif ; 32-bit or 64-bit
|
||||
|
||||
|
||||
;----------------------------------------------------------------------------
|
||||
; Inject Data Area for our RtlFindActivationContextSectionString
|
||||
; detour code
|
||||
;----------------------------------------------------------------------------
|
||||
|
||||
|
||||
InjectData struct ; keep in sync with inject.c
|
||||
dq ? ; 0x00
|
||||
LdrLoadDll dq ? ; 0x08
|
||||
LdrGetProcAddr dq ? ; 0x10
|
||||
NtRaiseHardError dq ? ; 0x18
|
||||
RtlFindActCtx dq ? ; 0x20
|
||||
RtlFindActCtx_Protect dd ? ; 0x28
|
||||
RtlFindActCtx_Bytes db 20 dup (?) ; 0x2C
|
||||
KernelDll_Unicode dq 2 dup (?) ; 0x40
|
||||
SbieDll_Unicode dq 2 dup (?) ; 0x50
|
||||
ModuleHandle dq ? ; 0x60
|
||||
SbieDllOrdinal1 dq ? ; 0x68
|
||||
sbielow_data dq ? ; 0x00
|
||||
RtlFindActCtx dq ? ; 0x08
|
||||
InjectData ends
|
||||
|
||||
|
||||
;----------------------------------------------------------------------------
|
||||
; 32-bit RtlFindActivationContextSectionString detour code
|
||||
;----------------------------------------------------------------------------
|
||||
|
||||
_RtlFindActivationContextSectionString:
|
||||
ifndef _WIN64 ; 32-bit
|
||||
|
||||
mov edx, 0 ; edx -> inject data area
|
||||
|
||||
push esi
|
||||
mov esi, edx ; esi -> inject data area
|
||||
|
||||
mov eax, dword ptr [esi].InjectData.RtlFindActCtx
|
||||
mov dl, byte ptr [esi].InjectData.RtlFindActCtx_Bytes
|
||||
mov byte ptr [eax], dl
|
||||
mov edx, dword ptr [esi].InjectData.RtlFindActCtx_Bytes+1
|
||||
mov dword ptr [eax+1], edx
|
||||
|
||||
;
|
||||
; call LdrLoadDll for kernel32
|
||||
;
|
||||
mov ecx, 10h ;number of retries
|
||||
LdrLoadDll_Retry:
|
||||
push ecx
|
||||
lea eax, [esi].InjectData.ModuleHandle
|
||||
push eax
|
||||
lea eax, [esi].InjectData.KernelDll_Unicode
|
||||
push eax
|
||||
push 0
|
||||
push 0
|
||||
call dword ptr [esi].InjectData.LdrLoadDll
|
||||
pop ecx
|
||||
test eax, eax
|
||||
jz LdrLoadDll_Good
|
||||
loop LdrLoadDll_Retry
|
||||
; retry failed 16 times: raise error
|
||||
jmp RtlFindActivationContextSectionStringError
|
||||
LdrLoadDll_Good:
|
||||
;
|
||||
; call LdrLoadDll for sbiedll
|
||||
;
|
||||
|
||||
lea eax, [esi].InjectData.ModuleHandle
|
||||
push eax
|
||||
lea eax, [esi].InjectData.SbieDll_Unicode
|
||||
push eax
|
||||
push 0
|
||||
push 0
|
||||
call dword ptr [esi].InjectData.LdrLoadDll
|
||||
|
||||
test eax, eax
|
||||
jnz RtlFindActivationContextSectionStringError
|
||||
|
||||
;
|
||||
; call LdrGetProcedureAddress for sbiedll ordinal 1,
|
||||
; which forces ntdll to initialize sbiedll
|
||||
;
|
||||
|
||||
lea eax, [esi].InjectData.SbieDllOrdinal1
|
||||
push eax
|
||||
push 1
|
||||
push 0
|
||||
push dword ptr [esi].InjectData.ModuleHandle
|
||||
call dword ptr [esi].InjectData.LdrGetProcAddr
|
||||
|
||||
test eax, eax
|
||||
jnz RtlFindActivationContextSectionStringError
|
||||
|
||||
;
|
||||
; pass control to ordinal 1, which will free the inject
|
||||
; data area, and pass control to the original function
|
||||
; RtlFindActivationContextSectionString
|
||||
;
|
||||
; note that we need to pass the address of the inject
|
||||
; data area to ordinal 1, which we do by overwriting the
|
||||
; first argument. the original argument is saved in
|
||||
; the inject data area
|
||||
;
|
||||
|
||||
mov eax, esi
|
||||
xchg eax, dword ptr [esp+4*2]
|
||||
mov dword ptr [esi].InjectData.LdrLoadDll, eax
|
||||
mov eax, esi
|
||||
pop esi
|
||||
jmp dword ptr [eax].InjectData.SbieDllOrdinal1
|
||||
|
||||
;
|
||||
; display error message, invoke NtRaiseHardError(
|
||||
; NTSTATUS ntstatus_message_code,
|
||||
; ULONG number_of_parameters_in_list,
|
||||
; ULONG mask_of_strings_in_list,
|
||||
; ULONG_PTR *list_of_pointers_to_parameters,
|
||||
; ULONG response_buttons,
|
||||
; ULONG *out_response)
|
||||
;
|
||||
|
||||
RtlFindActivationContextSectionStringError:
|
||||
|
||||
STATUS_DLL_INIT_FAILED = 0C0000142h
|
||||
FORCE_ERROR_MESSAGE_BOX = 010000000h
|
||||
|
||||
push eax ; save ntstatus
|
||||
|
||||
lea edx, [esi].InjectData.SbieDll_Unicode
|
||||
mov dword ptr [esi].InjectData.LdrLoadDll, edx
|
||||
|
||||
lea edx, [esi].InjectData.LdrGetProcAddr
|
||||
push edx ; out_response
|
||||
push 1 ; response_buttons - ERROR_OK
|
||||
lea edx, [esi].InjectData.LdrLoadDll
|
||||
push edx ; list_of_pointers_to_parameters
|
||||
push 1 ; mask_of_strings_in_list
|
||||
push 1 ; number_of_parameters_in_list
|
||||
push (STATUS_DLL_INIT_FAILED or FORCE_ERROR_MESSAGE_BOX)
|
||||
call dword ptr [esi].InjectData.NtRaiseHardError
|
||||
|
||||
pop eax ; pop error ntstatus to return
|
||||
pop esi
|
||||
ret 14h ; return to caller with error
|
||||
|
||||
endif ; 32-bit or 64-bit
|
||||
|
||||
|
||||
;----------------------------------------------------------------------------
|
||||
; 64-bit RtlFindActivationContextSectionString detour code
|
||||
;----------------------------------------------------------------------------
|
||||
|
||||
|
||||
ifdef _WIN64 ; 64-bit
|
||||
|
||||
EXTERN DetourFunc : PROC
|
||||
|
||||
dq 0h ;inject data area address
|
||||
_RtlFindActivationContextSectionString64:
|
||||
_DetourCode:
|
||||
mov rax, qword ptr [$-8] ; rax -> inject data area
|
||||
|
||||
push rsi ; save rsi, and align stack
|
||||
|
@ -482,134 +346,367 @@ dq 0h ;inject data area address
|
|||
|
||||
mov rsi, rax ; rsi -> inject data area
|
||||
|
||||
mov rax, qword ptr [rsi].InjectData.RtlFindActCtx
|
||||
|
||||
;replace 12bytes
|
||||
mov rdx, qword ptr [rsi].InjectData.RtlFindActCtx_Bytes
|
||||
mov qword ptr [rax], rdx
|
||||
mov edx, dword ptr [rsi].InjectData.RtlFindActCtx_Bytes + 8
|
||||
mov dword ptr [rax+8], edx
|
||||
|
||||
;
|
||||
; call LdrLoadDll for kernel32
|
||||
;
|
||||
;; retry loop
|
||||
mov qword ptr [rsi].InjectData.RtlFindActCtx_Bytes, rbx
|
||||
mov rbx, 010h
|
||||
|
||||
LdrLoadRetry:
|
||||
xor rcx, rcx
|
||||
xor rdx, rdx
|
||||
lea r8, [rsi].InjectData.KernelDll_Unicode
|
||||
lea r9, [rsi].InjectData.ModuleHandle
|
||||
;cmp rbx,1
|
||||
;jnz LdrTestLoop
|
||||
call qword ptr [rsi].InjectData.LdrLoadDll
|
||||
test eax, eax
|
||||
jz LdrLoadGood
|
||||
;LdrTestLoop:
|
||||
dec rbx
|
||||
test rbx, rbx
|
||||
jnz LdrLoadRetry ;loop LdrLoadRetry
|
||||
jmp RtlFindActivationContextSectionStringError
|
||||
LdrLoadGood:
|
||||
mov rbx, qword ptr [rsi].InjectData.RtlFindActCtx_Bytes
|
||||
|
||||
;
|
||||
; call LdrLoadDll for sbiedll
|
||||
; call DetourFunc
|
||||
;
|
||||
|
||||
xor rcx, rcx
|
||||
xor rdx, rdx
|
||||
lea r8, [rsi].InjectData.SbieDll_Unicode
|
||||
lea r9, [rsi].InjectData.ModuleHandle
|
||||
call qword ptr [rsi].InjectData.LdrLoadDll
|
||||
|
||||
test eax, eax
|
||||
jnz RtlFindActivationContextSectionStringError
|
||||
|
||||
;
|
||||
; call LdrGetProcedureAddress for sbiedll ordinal 1,
|
||||
; which forces ntdll to initialize sbiedll
|
||||
;
|
||||
|
||||
mov rcx, qword ptr [rsi].InjectData.ModuleHandle
|
||||
mov rcx, rsi
|
||||
xor rdx, rdx
|
||||
xor r8, r8
|
||||
inc r8
|
||||
lea r9, [rsi].InjectData.SbieDllOrdinal1
|
||||
call qword ptr [rsi].InjectData.LdrGetProcAddr
|
||||
xor r9, r9
|
||||
call DetourFunc
|
||||
|
||||
test eax, eax
|
||||
jnz RtlFindActivationContextSectionStringError
|
||||
; test eax, eax
|
||||
; jnz DetourError
|
||||
|
||||
;
|
||||
; pass control to ordinal 1, which will free the inject
|
||||
; data area, and pass control to the original function
|
||||
; RtlFindActivationContextSectionString
|
||||
;
|
||||
; note that we need to pass the address of the inject
|
||||
; data area to ordinal 1, which we do by overwriting the
|
||||
; first argument. the original argument is saved in
|
||||
; the inject data area
|
||||
; resume execution or original function
|
||||
;
|
||||
|
||||
mov rax, qword ptr [rsp+4*8]
|
||||
mov qword ptr [rsi].InjectData.LdrLoadDll, rax
|
||||
mov rcx, rsi
|
||||
mov rcx, qword ptr [rsp+4*8]
|
||||
mov rdx, qword ptr [rsp+5*8]
|
||||
mov r8, qword ptr [rsp+6*8]
|
||||
mov r9, qword ptr [rsp+7*8]
|
||||
|
||||
add rsp, 8*8
|
||||
mov rax, qword ptr [rsi].InjectData.RtlFindActCtx
|
||||
pop rsi
|
||||
jmp qword ptr [rcx].InjectData.SbieDllOrdinal1
|
||||
jmp rax
|
||||
|
||||
;DetourError:
|
||||
;
|
||||
; add rsp, 8*8
|
||||
; pop rsi
|
||||
; ret ; return to caller with error
|
||||
|
||||
else ; 32-bit
|
||||
|
||||
EXTERN _DetourFunc@4 : PROC
|
||||
|
||||
_DetourCode:
|
||||
|
||||
mov edx, 0 ; edx -> inject data area
|
||||
|
||||
push esi
|
||||
mov esi, edx ; esi -> inject data area
|
||||
|
||||
;
|
||||
; display error message, invoke NtRaiseHardError(
|
||||
; NTSTATUS ntstatus_message_code,
|
||||
; ULONG number_of_parameters_in_list,
|
||||
; ULONG mask_of_strings_in_list,
|
||||
; ULONG_PTR *list_of_pointers_to_parameters,
|
||||
; ULONG response_buttons,
|
||||
; ULONG *out_response)
|
||||
; call DetourFunc
|
||||
;
|
||||
|
||||
RtlFindActivationContextSectionStringError:
|
||||
push esi
|
||||
call _DetourFunc@4
|
||||
|
||||
STATUS_DLL_INIT_FAILED = 0C0000142h
|
||||
FORCE_ERROR_MESSAGE_BOX = 010000000h
|
||||
; test eax, eax
|
||||
; jnz DetourError
|
||||
|
||||
mov qword ptr [rsp+7*8], rax ; save ntstatus
|
||||
;
|
||||
; resume execution or original function
|
||||
;
|
||||
|
||||
mov ecx, \ ; ntstatus_message_code
|
||||
(STATUS_DLL_INIT_FAILED or FORCE_ERROR_MESSAGE_BOX)
|
||||
mov eax, dword ptr [esi].InjectData.RtlFindActCtx
|
||||
pop esi
|
||||
jmp eax
|
||||
|
||||
xor rdx, rdx ; number_of_parameters_in_list
|
||||
inc rdx
|
||||
;DetourError:
|
||||
;
|
||||
; pop esi
|
||||
; ret 14h ; return to caller with error
|
||||
|
||||
mov r8, rdx ; mask_of_strings_in_list
|
||||
endif ; 32-bit or 64-bit
|
||||
|
||||
lea r9, \ ; list_of_pointers_to_parameters
|
||||
[esi].InjectData.LdrLoadDll
|
||||
lea rax, [rsi].InjectData.SbieDll_Unicode
|
||||
mov qword ptr [r9], rax
|
||||
|
||||
mov \ ; response_buttons - ERROR_OK
|
||||
qword ptr [rsp+4*8], rdx
|
||||
|
||||
lea rax, [rsi].InjectData.LdrGetProcAddr
|
||||
mov \ ; out_response
|
||||
qword ptr [rsp+5*8], rax
|
||||
|
||||
call qword ptr [rsi].InjectData.NtRaiseHardError
|
||||
|
||||
mov rax, qword ptr [rsp+7*8] ; restore ntstatus
|
||||
add rsp, 8*8
|
||||
pop rsi
|
||||
ret ; return to caller with error
|
||||
|
||||
endif ; 64-bit
|
||||
;;----------------------------------------------------------------------------
|
||||
;; Inject Data Area for our RtlFindActivationContextSectionString
|
||||
;;----------------------------------------------------------------------------
|
||||
;
|
||||
;
|
||||
;InjectData struct ; keep in sync with inject.c
|
||||
; dq ? ; 0x00
|
||||
;LdrLoadDll dq ? ; 0x08
|
||||
;LdrGetProcAddr dq ? ; 0x10
|
||||
;NtRaiseHardError dq ? ; 0x18
|
||||
;RtlFindActCtx dq ? ; 0x20
|
||||
;RtlFindActCtx_Protect dd ? ; 0x28
|
||||
;RtlFindActCtx_Bytes db 20 dup (?) ; 0x2C
|
||||
;KernelDll_Unicode dq 2 dup (?) ; 0x40
|
||||
;SbieDll_Unicode dq 2 dup (?) ; 0x50
|
||||
;ModuleHandle dq ? ; 0x60
|
||||
;SbieDllOrdinal1 dq ? ; 0x68
|
||||
;InjectData ends
|
||||
;
|
||||
;
|
||||
;;----------------------------------------------------------------------------
|
||||
;; 32-bit RtlFindActivationContextSectionString detour code
|
||||
;;----------------------------------------------------------------------------
|
||||
;
|
||||
;_RtlFindActivationContextSectionString:
|
||||
;ifndef _WIN64 ; 32-bit
|
||||
;
|
||||
; mov edx, 0 ; edx -> inject data area
|
||||
;
|
||||
; push esi
|
||||
; mov esi, edx ; esi -> inject data area
|
||||
;
|
||||
; mov eax, dword ptr [esi].InjectData.RtlFindActCtx
|
||||
; mov dl, byte ptr [esi].InjectData.RtlFindActCtx_Bytes
|
||||
; mov byte ptr [eax], dl
|
||||
; mov edx, dword ptr [esi].InjectData.RtlFindActCtx_Bytes+1
|
||||
; mov dword ptr [eax+1], edx
|
||||
;
|
||||
; ;
|
||||
; ; call LdrLoadDll for kernel32
|
||||
; ;
|
||||
; mov ecx, 10h ;number of retries
|
||||
;LdrLoadDll_Retry:
|
||||
; push ecx
|
||||
; lea eax, [esi].InjectData.ModuleHandle
|
||||
; push eax
|
||||
; lea eax, [esi].InjectData.KernelDll_Unicode
|
||||
; push eax
|
||||
; push 0
|
||||
; push 0
|
||||
; call dword ptr [esi].InjectData.LdrLoadDll
|
||||
; pop ecx
|
||||
; test eax, eax
|
||||
; jz LdrLoadDll_Good
|
||||
; loop LdrLoadDll_Retry
|
||||
; ; retry failed 16 times: raise error
|
||||
; jmp RtlFindActivationContextSectionStringError
|
||||
;LdrLoadDll_Good:
|
||||
; ;
|
||||
; ; call LdrLoadDll for sbiedll
|
||||
; ;
|
||||
;
|
||||
; lea eax, [esi].InjectData.ModuleHandle
|
||||
; push eax
|
||||
; lea eax, [esi].InjectData.SbieDll_Unicode
|
||||
; push eax
|
||||
; push 0
|
||||
; push 0
|
||||
; call dword ptr [esi].InjectData.LdrLoadDll
|
||||
;
|
||||
; test eax, eax
|
||||
; jnz RtlFindActivationContextSectionStringError
|
||||
;
|
||||
; ;
|
||||
; ; call LdrGetProcedureAddress for sbiedll ordinal 1,
|
||||
; ; which forces ntdll to initialize sbiedll
|
||||
; ;
|
||||
;
|
||||
; lea eax, [esi].InjectData.SbieDllOrdinal1
|
||||
; push eax
|
||||
; push 1
|
||||
; push 0
|
||||
; push dword ptr [esi].InjectData.ModuleHandle
|
||||
; call dword ptr [esi].InjectData.LdrGetProcAddr
|
||||
;
|
||||
; test eax, eax
|
||||
; jnz RtlFindActivationContextSectionStringError
|
||||
;
|
||||
; ;
|
||||
; ; pass control to ordinal 1, which will free the inject
|
||||
; ; data area, and pass control to the original function
|
||||
; ; RtlFindActivationContextSectionString
|
||||
; ;
|
||||
; ; note that we need to pass the address of the inject
|
||||
; ; data area to ordinal 1, which we do by overwriting the
|
||||
; ; first argument. the original argument is saved in
|
||||
; ; the inject data area
|
||||
; ;
|
||||
;
|
||||
; mov eax, esi
|
||||
; xchg eax, dword ptr [esp+4*2]
|
||||
; mov dword ptr [esi].InjectData.LdrLoadDll, eax
|
||||
; mov eax, esi
|
||||
; pop esi
|
||||
; jmp dword ptr [eax].InjectData.SbieDllOrdinal1
|
||||
;
|
||||
; ;
|
||||
; ; display error message, invoke NtRaiseHardError(
|
||||
; ; NTSTATUS ntstatus_message_code,
|
||||
; ; ULONG number_of_parameters_in_list,
|
||||
; ; ULONG mask_of_strings_in_list,
|
||||
; ; ULONG_PTR *list_of_pointers_to_parameters,
|
||||
; ; ULONG response_buttons,
|
||||
; ; ULONG *out_response)
|
||||
; ;
|
||||
;
|
||||
;RtlFindActivationContextSectionStringError:
|
||||
;
|
||||
; STATUS_DLL_INIT_FAILED = 0C0000142h
|
||||
; FORCE_ERROR_MESSAGE_BOX = 010000000h
|
||||
;
|
||||
; push eax ; save ntstatus
|
||||
;
|
||||
; lea edx, [esi].InjectData.SbieDll_Unicode
|
||||
; mov dword ptr [esi].InjectData.LdrLoadDll, edx
|
||||
;
|
||||
; lea edx, [esi].InjectData.LdrGetProcAddr
|
||||
; push edx ; out_response
|
||||
; push 1 ; response_buttons - ERROR_OK
|
||||
; lea edx, [esi].InjectData.LdrLoadDll
|
||||
; push edx ; list_of_pointers_to_parameters
|
||||
; push 1 ; mask_of_strings_in_list
|
||||
; push 1 ; number_of_parameters_in_list
|
||||
; push (STATUS_DLL_INIT_FAILED or FORCE_ERROR_MESSAGE_BOX)
|
||||
; call dword ptr [esi].InjectData.NtRaiseHardError
|
||||
;
|
||||
; pop eax ; pop error ntstatus to return
|
||||
; pop esi
|
||||
; ret 14h ; return to caller with error
|
||||
;
|
||||
;endif ; 32-bit or 64-bit
|
||||
;
|
||||
;
|
||||
;;----------------------------------------------------------------------------
|
||||
;; 64-bit RtlFindActivationContextSectionString detour code
|
||||
;;----------------------------------------------------------------------------
|
||||
;
|
||||
;
|
||||
;ifdef _WIN64 ; 64-bit
|
||||
;dq 0h ;inject data area address
|
||||
; _RtlFindActivationContextSectionString64:
|
||||
; mov rax, qword ptr [$-8] ; rax -> inject data area
|
||||
;
|
||||
; push rsi ; save rsi, and align stack
|
||||
; sub rsp, 8*8 ; set up local stack
|
||||
;
|
||||
; mov qword ptr [rsp+4*8], rcx
|
||||
; mov qword ptr [rsp+5*8], rdx
|
||||
; mov qword ptr [rsp+6*8], r8
|
||||
; mov qword ptr [rsp+7*8], r9
|
||||
;
|
||||
; mov rsi, rax ; rsi -> inject data area
|
||||
;
|
||||
; mov rax, qword ptr [rsi].InjectData.RtlFindActCtx
|
||||
;
|
||||
; ;replace 12bytes
|
||||
; mov rdx, qword ptr [rsi].InjectData.RtlFindActCtx_Bytes
|
||||
; mov qword ptr [rax], rdx
|
||||
; mov edx, dword ptr [rsi].InjectData.RtlFindActCtx_Bytes + 8
|
||||
; mov dword ptr [rax+8], edx
|
||||
;
|
||||
; ;
|
||||
; ; call LdrLoadDll for kernel32
|
||||
; ;
|
||||
; ;; retry loop
|
||||
; mov qword ptr [rsi].InjectData.RtlFindActCtx_Bytes, rbx
|
||||
; mov rbx, 010h
|
||||
;
|
||||
;LdrLoadRetry:
|
||||
; xor rcx, rcx
|
||||
; xor rdx, rdx
|
||||
; lea r8, [rsi].InjectData.KernelDll_Unicode
|
||||
; lea r9, [rsi].InjectData.ModuleHandle
|
||||
; ;cmp rbx,1
|
||||
; ;jnz LdrTestLoop
|
||||
; call qword ptr [rsi].InjectData.LdrLoadDll
|
||||
; test eax, eax
|
||||
; jz LdrLoadGood
|
||||
;;LdrTestLoop:
|
||||
; dec rbx
|
||||
; test rbx, rbx
|
||||
; jnz LdrLoadRetry ;loop LdrLoadRetry
|
||||
; jmp RtlFindActivationContextSectionStringError
|
||||
;LdrLoadGood:
|
||||
; mov rbx, qword ptr [rsi].InjectData.RtlFindActCtx_Bytes
|
||||
;
|
||||
; ;
|
||||
; ; call LdrLoadDll for sbiedll
|
||||
; ;
|
||||
;
|
||||
; xor rcx, rcx
|
||||
; xor rdx, rdx
|
||||
; lea r8, [rsi].InjectData.SbieDll_Unicode
|
||||
; lea r9, [rsi].InjectData.ModuleHandle
|
||||
; call qword ptr [rsi].InjectData.LdrLoadDll
|
||||
;
|
||||
; test eax, eax
|
||||
; jnz RtlFindActivationContextSectionStringError
|
||||
;
|
||||
; ;
|
||||
; ; call LdrGetProcedureAddress for sbiedll ordinal 1,
|
||||
; ; which forces ntdll to initialize sbiedll
|
||||
; ;
|
||||
;
|
||||
; mov rcx, qword ptr [rsi].InjectData.ModuleHandle
|
||||
; xor rdx, rdx
|
||||
; xor r8, r8
|
||||
; inc r8
|
||||
; lea r9, [rsi].InjectData.SbieDllOrdinal1
|
||||
; call qword ptr [rsi].InjectData.LdrGetProcAddr
|
||||
;
|
||||
; test eax, eax
|
||||
; jnz RtlFindActivationContextSectionStringError
|
||||
;
|
||||
; ;
|
||||
; ; pass control to ordinal 1, which will free the inject
|
||||
; ; data area, and pass control to the original function
|
||||
; ; RtlFindActivationContextSectionString
|
||||
; ;
|
||||
; ; note that we need to pass the address of the inject
|
||||
; ; data area to ordinal 1, which we do by overwriting the
|
||||
; ; first argument. the original argument is saved in
|
||||
; ; the inject data area
|
||||
; ;
|
||||
;
|
||||
; mov rax, qword ptr [rsp+4*8]
|
||||
; mov qword ptr [rsi].InjectData.LdrLoadDll, rax
|
||||
; mov rcx, rsi
|
||||
; mov rdx, qword ptr [rsp+5*8]
|
||||
; mov r8, qword ptr [rsp+6*8]
|
||||
; mov r9, qword ptr [rsp+7*8]
|
||||
;
|
||||
; add rsp, 8*8
|
||||
; pop rsi
|
||||
; jmp qword ptr [rcx].InjectData.SbieDllOrdinal1
|
||||
;
|
||||
; ;
|
||||
; ; display error message, invoke NtRaiseHardError(
|
||||
; ; NTSTATUS ntstatus_message_code,
|
||||
; ; ULONG number_of_parameters_in_list,
|
||||
; ; ULONG mask_of_strings_in_list,
|
||||
; ; ULONG_PTR *list_of_pointers_to_parameters,
|
||||
; ; ULONG response_buttons,
|
||||
; ; ULONG *out_response)
|
||||
; ;
|
||||
;
|
||||
;RtlFindActivationContextSectionStringError:
|
||||
;
|
||||
; STATUS_DLL_INIT_FAILED = 0C0000142h
|
||||
; FORCE_ERROR_MESSAGE_BOX = 010000000h
|
||||
;
|
||||
; mov qword ptr [rsp+7*8], rax ; save ntstatus
|
||||
;
|
||||
; mov ecx, \ ; ntstatus_message_code
|
||||
; (STATUS_DLL_INIT_FAILED or FORCE_ERROR_MESSAGE_BOX)
|
||||
;
|
||||
; xor rdx, rdx ; number_of_parameters_in_list
|
||||
; inc rdx
|
||||
;
|
||||
; mov r8, rdx ; mask_of_strings_in_list
|
||||
;
|
||||
; lea r9, \ ; list_of_pointers_to_parameters
|
||||
; [esi].InjectData.LdrLoadDll
|
||||
; lea rax, [rsi].InjectData.SbieDll_Unicode
|
||||
; mov qword ptr [r9], rax
|
||||
;
|
||||
; mov \ ; response_buttons - ERROR_OK
|
||||
; qword ptr [rsp+4*8], rdx
|
||||
;
|
||||
; lea rax, [rsi].InjectData.LdrGetProcAddr
|
||||
; mov \ ; out_response
|
||||
; qword ptr [rsp+5*8], rax
|
||||
;
|
||||
; call qword ptr [rsi].InjectData.NtRaiseHardError
|
||||
;
|
||||
; mov rax, qword ptr [rsp+7*8] ; restore ntstatus
|
||||
; add rsp, 8*8
|
||||
; pop rsi
|
||||
; ret ; return to caller with error
|
||||
;
|
||||
;endif ; 64-bit
|
||||
|
||||
|
||||
;----------------------------------------------------------------------------
|
||||
|
@ -631,6 +728,7 @@ SbieLowData LABEL QWORD
|
|||
|
||||
dq _Start
|
||||
dq SbieLowData
|
||||
dq _DetourCode
|
||||
|
||||
;----------------------------------------------------------------------------
|
||||
end
|
||||
|
|
|
@ -148,11 +148,11 @@ _FX NTSTATUS SbieApi_Ioctl(SBIELOW_DATA *data, void *parms)
|
|||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// SbieApi_DebugPrint
|
||||
// SbieApi_LogMsg
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX NTSTATUS SbieApi_DebugPrint(SBIELOW_DATA *data, const WCHAR *text)
|
||||
_FX NTSTATUS SbieApi_LogMsg(ULONG64 pNtDeviceIoControlFile, ULONG64 api_device_handle, ULONG code, const WCHAR *text)
|
||||
{
|
||||
NTSTATUS status = 0;
|
||||
__declspec(align(8)) UNICODE_STRING64 msgtext;
|
||||
|
@ -170,9 +170,18 @@ _FX NTSTATUS SbieApi_DebugPrint(SBIELOW_DATA *data, const WCHAR *text)
|
|||
memzero(parms, sizeof(parms));
|
||||
args->func_code = API_LOG_MESSAGE;
|
||||
args->session_id.val = -1;
|
||||
args->msgid.val = 1122;
|
||||
args->msgid.val = code;
|
||||
args->msgtext.val = &msgtext;
|
||||
status = SbieApi_Ioctl(data, parms);
|
||||
//status = SbieApi_Ioctl(data, parms);
|
||||
|
||||
IO_STATUS_BLOCK MyIoStatusBlock;
|
||||
#ifdef _WIN64
|
||||
ULONG MyIoStatusBlock32[2];
|
||||
*(ULONG_PTR *)&MyIoStatusBlock = (ULONG_PTR)MyIoStatusBlock32;
|
||||
#endif _WIN64
|
||||
return ((P_NtDeviceIoControlFile)pNtDeviceIoControlFile)(
|
||||
(HANDLE)api_device_handle, NULL, NULL, NULL, &MyIoStatusBlock,
|
||||
API_SBIEDRV_CTLCODE, parms, sizeof(ULONG64) * 8, NULL, 0);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
@ -196,7 +205,7 @@ _FX NTSTATUS SbieApi_DebugError(SBIELOW_DATA* data, ULONG error)
|
|||
for(int i=28; i >= 0; i-=4)
|
||||
*ptr++ = table[(error >> i) & 0xF];
|
||||
|
||||
return SbieApi_DebugPrint(data, text);
|
||||
return SbieApi_LogMsg(data->NtDeviceIoControlFile, data->api_device_handle, 2180, text);
|
||||
}
|
||||
|
||||
|
||||
|
@ -223,9 +232,42 @@ _FX void WaitForDebugger(SBIELOW_DATA *data)
|
|||
|
||||
__debugbreak();
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// WriteMemorySafe
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX void WriteMemorySafe(SBIELOW_DATA* data, void *Address, SIZE_T Size, void *Data)
|
||||
{
|
||||
void *RegionBase = Address;
|
||||
SIZE_T RegionSize = Size;
|
||||
ULONG OldProtect;
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &OldProtect);
|
||||
|
||||
// memcopy is not available, lets do our own
|
||||
switch (Size) {
|
||||
case 1: *(UCHAR*)Address = *(UCHAR*)Data; break;
|
||||
case 2: *(USHORT*)Address = *(USHORT*)Data; break;
|
||||
case 4: *(ULONG*)Address = *(ULONG*)Data; break;
|
||||
case 8: *(ULONG64*)Address = *(ULONG64*)Data; break;
|
||||
default:
|
||||
for (SIZE_T i = 0; i < Size; i++)
|
||||
((UCHAR*)Address)[i] = ((UCHAR*)Data)[i];
|
||||
}
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
OldProtect, &OldProtect);
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// PrepSyscalls
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -233,11 +275,6 @@ _FX void WaitForDebugger(SBIELOW_DATA *data)
|
|||
|
||||
_FX void PrepSyscalls(SBIELOW_DATA *data, void * SystemService)
|
||||
{
|
||||
UCHAR *SystemServiceAsm;
|
||||
void *RegionBase;
|
||||
SIZE_T RegionSize;
|
||||
ULONG OldProtect;
|
||||
|
||||
#ifdef _M_ARM64
|
||||
if (data->flags.is_arm64ec) {
|
||||
|
||||
|
@ -248,7 +285,8 @@ _FX void PrepSyscalls(SBIELOW_DATA *data, void * SystemService)
|
|||
// a replica of the #NtDeviceIoControlFile EC variant
|
||||
//
|
||||
|
||||
data->NtDeviceIoControlFile = (ULONG64)&NtDeviceIoControlFileEC;
|
||||
ULONG64 pNtDeviceIoControlFileEC = (ULONG64)&NtDeviceIoControlFileEC;
|
||||
WriteMemorySafe(data, &data->NtDeviceIoControlFile, sizeof(ULONG64), &pNtDeviceIoControlFileEC);
|
||||
|
||||
|
||||
//
|
||||
|
@ -260,7 +298,7 @@ _FX void PrepSyscalls(SBIELOW_DATA *data, void * SystemService)
|
|||
// we can just copy the ULONG strait out of the native function
|
||||
//
|
||||
|
||||
DeviceIoControlSvc = *(ULONG*)&data->NtDeviceIoControlFile_code[0];
|
||||
WriteMemorySafe(data, &DeviceIoControlSvc, sizeof(ULONG), &data->NtDeviceIoControlFile_code[0]);
|
||||
|
||||
|
||||
//
|
||||
|
@ -275,11 +313,15 @@ _FX void PrepSyscalls(SBIELOW_DATA *data, void * SystemService)
|
|||
|
||||
ULONG* syscall_ec_data = (ULONG*)data->syscall_data;
|
||||
|
||||
EcExitThunkPtr = *(ULONG64*)((UINT_PTR)syscall_ec_data + syscall_ec_data[1] - 8);
|
||||
UINT_PTR pEcExitThunkPtr = *(UINT_PTR*)((UINT_PTR)syscall_ec_data + syscall_ec_data[1] - 8);
|
||||
WriteMemorySafe(data, &EcExitThunkPtr, sizeof(UINT_PTR), &pEcExitThunkPtr);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
data->NtDeviceIoControlFile = (ULONG64)&data->NtDeviceIoControlFile_code[0];
|
||||
{
|
||||
ULONG64 pNtDeviceIoControlFile = (ULONG64)&data->NtDeviceIoControlFile_code[0];
|
||||
WriteMemorySafe(data, &data->NtDeviceIoControlFile, sizeof(ULONG64), &pNtDeviceIoControlFile);
|
||||
}
|
||||
|
||||
const LONG OFFSET_ULONG_PTR =
|
||||
#ifdef _M_ARM64
|
||||
|
@ -295,21 +337,14 @@ _FX void PrepSyscalls(SBIELOW_DATA *data, void * SystemService)
|
|||
// to include the data area pointer
|
||||
//
|
||||
|
||||
SystemServiceAsm = (UCHAR *)SystemService;
|
||||
RegionBase = (void *)(SystemServiceAsm + OFFSET_ULONG_PTR);
|
||||
RegionSize = sizeof(ULONG_PTR);
|
||||
WriteMemorySafe(data, ((UCHAR *)SystemService) + OFFSET_ULONG_PTR, sizeof(ULONG_PTR), &data);
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &OldProtect);
|
||||
//
|
||||
// store the SystemService address in pSystemService
|
||||
//
|
||||
|
||||
*(ULONG_PTR *)(SystemServiceAsm + OFFSET_ULONG_PTR) = (ULONG_PTR)data;
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
OldProtect, &OldProtect);
|
||||
|
||||
data->pSystemService = (ULONG64)SystemServiceAsm;
|
||||
ULONG64 SystemServicePtr = (ULONG64)SystemService;
|
||||
WriteMemorySafe(data, &data->pSystemService, sizeof(ULONG64), &SystemServicePtr);
|
||||
}
|
||||
|
||||
|
||||
|
@ -597,33 +632,29 @@ _FX void DisableCHPE(SBIELOW_DATA* data)
|
|||
if (!RtlImageOptionsEx)
|
||||
return;
|
||||
|
||||
//
|
||||
// backup bytes for trampoline
|
||||
//
|
||||
|
||||
ULONG DetourSize = 28;
|
||||
memcpy(data->RtlImageOptionsEx_tramp, RtlImageOptionsEx, DetourSize);
|
||||
|
||||
//
|
||||
// make target writable & create detour
|
||||
//
|
||||
|
||||
void *RegionBase;
|
||||
SIZE_T RegionSize;
|
||||
ULONG OldProtect;
|
||||
ULONG* aCode;
|
||||
|
||||
RegionBase = (void*)RtlImageOptionsEx;
|
||||
RegionSize = DetourSize; // 16;
|
||||
//
|
||||
// backup target & create simple trampoline
|
||||
//
|
||||
|
||||
RegionBase = (void*)data->RtlImageOptionsEx_tramp;
|
||||
RegionSize = sizeof(data->RtlImageOptionsEx_tramp);
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &OldProtect);
|
||||
|
||||
ULONG* aCode = (ULONG*)RtlImageOptionsEx;
|
||||
aCode[0] = 0x580000a7; // ldr x7, 20 - data
|
||||
aCode[1] = 0x58000048; // ldr x8, 8 - MyImageOptionsEx
|
||||
aCode[2] = 0xD61F0100; // br x8
|
||||
*(DWORD64*)&aCode[3] = (DWORD64)MyImageOptionsEx;
|
||||
*(DWORD64*)&aCode[5] = (DWORD64)data;
|
||||
ULONG DetourSize = 28;
|
||||
memcpy(data->RtlImageOptionsEx_tramp, RtlImageOptionsEx, DetourSize);
|
||||
|
||||
aCode = (ULONG*)(data->RtlImageOptionsEx_tramp + DetourSize); // 28
|
||||
aCode[0] = 0x58000048; // ldr x8, 8 - Rest of RtlImageOptionsEx
|
||||
aCode[1] = 0xD61F0100; // br x8
|
||||
*(DWORD64*)&aCode[2] = (DWORD64)RtlImageOptionsEx + DetourSize;
|
||||
// 44
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
|
@ -633,13 +664,29 @@ _FX void DisableCHPE(SBIELOW_DATA* data)
|
|||
NtCurrentProcess(), RegionBase, (ULONG)RegionSize);
|
||||
|
||||
//
|
||||
// create simple trampoline
|
||||
// make target writable & create detour
|
||||
//
|
||||
|
||||
aCode = (ULONG*)(data->RtlImageOptionsEx_tramp + DetourSize);
|
||||
aCode[0] = 0x58000048; // ldr x8, 8 - Rest of RtlImageOptionsEx
|
||||
aCode[1] = 0xD61F0100; // br x8
|
||||
*(DWORD64*)&aCode[2] = (DWORD64)RtlImageOptionsEx + DetourSize;
|
||||
RegionBase = (void*)RtlImageOptionsEx;
|
||||
RegionSize = DetourSize;
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &OldProtect);
|
||||
|
||||
aCode = (ULONG*)RtlImageOptionsEx;
|
||||
aCode[0] = 0x580000a7; // ldr x7, 20 - data
|
||||
aCode[1] = 0x58000048; // ldr x8, 8 - MyImageOptionsEx
|
||||
aCode[2] = 0xD61F0100; // br x8
|
||||
*(DWORD64*)&aCode[3] = (DWORD64)MyImageOptionsEx;
|
||||
*(DWORD64*)&aCode[5] = (DWORD64)data;
|
||||
//28
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
OldProtect, &OldProtect);
|
||||
|
||||
SBIELOW_CALL(NtFlushInstructionCache)(
|
||||
NtCurrentProcess(), RegionBase, (ULONG)RegionSize);
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -745,7 +792,7 @@ ULONG_PTR EntrypointC(SBIELOW_DATA *data, void *DetourCode, void *SystemService)
|
|||
// WaitForDebugger(data);
|
||||
|
||||
//wchar_t text[] = { 't','e','s','t',0 };
|
||||
//SbieApi_DebugPrint(data, text);
|
||||
//SbieApi_LogMsg(data->NtDeviceIoControlFile, data->api_device_handle, 1122, text);
|
||||
|
||||
PrepSyscalls(data, SystemService);
|
||||
if (!data->flags.bHostInject && !data->flags.bNoSysHooks)
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Copyright 2004-2020 Sandboxie Holdings, LLC
|
||||
* Copyright 2020-2022 David Xanatos, xanasoft.com
|
||||
* Copyright 2020-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
@ -17,7 +17,7 @@
|
|||
*/
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Functions
|
||||
// inject
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
#include <ntstatus.h>
|
||||
|
@ -28,12 +28,13 @@ typedef long NTSTATUS;
|
|||
#include "common/win32_ntddk.h"
|
||||
#include "common/defines.h"
|
||||
#include "lowdata.h"
|
||||
|
||||
#include "core/drv/api_defs.h"
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Functions
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
_FX NTSTATUS SbieApi_LogMsg(ULONG64 pNtDeviceIoControlFile, ULONG64 api_device_handle, ULONG code, const WCHAR* text);
|
||||
_FX NTSTATUS SbieApi_DebugError(SBIELOW_DATA* data, ULONG error);
|
||||
|
||||
UCHAR *FindDllExport(void *DllBase, const UCHAR *ProcName, ULONG *pErr);
|
||||
|
@ -45,10 +46,27 @@ static UCHAR *FindDllExport2(
|
|||
void* Hook_GetFFSTarget(UCHAR* SourceFunc);
|
||||
#endif
|
||||
|
||||
static void InitInjectWow64(SBIELOW_DATA *data);
|
||||
//static void InitInjectWow64(SBIELOW_DATA *data);
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
typedef NTSTATUS(*P_LdrLoadDll)(
|
||||
WCHAR *PathString, ULONG *DllFlags,
|
||||
UNICODE_STRING *ModuleName, HANDLE *ModuleHandle);
|
||||
|
||||
typedef NTSTATUS (*P_LdrGetProcedureAddress)(
|
||||
HANDLE ModuleHandle, ANSI_STRING *ProcName, ULONG ProcNum,
|
||||
ULONG_PTR *Address);
|
||||
|
||||
typedef NTSTATUS (*P_NtProtectVirtualMemory)(
|
||||
HANDLE ProcessHandle, PVOID *BaseAddress,
|
||||
PSIZE_T RegionSize, ULONG NewProtect, PULONG OldProtect);
|
||||
|
||||
typedef NTSTATUS (*P_NtRaiseHardError)(
|
||||
NTSTATUS ErrorStatus, ULONG NumberOfParameters, ULONG UnicodeBitMask,
|
||||
ULONG_PTR *Parameters, ULONG ErrorOption, ULONG *ErrorReturn);
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
#define SBIELOW_CALL(x) ((P_##x)&data->x##_code)
|
||||
|
||||
|
@ -176,34 +194,135 @@ _FX UCHAR *FindDllExport2(
|
|||
return proc;
|
||||
}
|
||||
|
||||
#ifdef _M_ARM64
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// MyGetProcedureAddress
|
||||
// DetourFunc
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX NTSTATUS MyGetProcedureAddress(HMODULE ModuleHandle, PANSI_STRING FunctionName, WORD Ordinal, PVOID*FunctionAddress, INJECT_DATA *inject)
|
||||
ULONG_PTR DetourFunc(INJECT_DATA *inject)
|
||||
{
|
||||
SBIELOW_DATA* data = (SBIELOW_DATA*)*(ULONG64*)inject;
|
||||
//
|
||||
// Note: this function is invoked from the detour code, hence when running in WoW64,
|
||||
// the used instance of this function will be from the 32 bit version,
|
||||
// in which case we are unable to use SBIELOW_CALL and need to have a
|
||||
// pointer to the appropriate 32 bit function
|
||||
//
|
||||
// Furthermore, on ARM64 the SBIELOW_DATA will be allocated past the 4 GB boundary
|
||||
// hence in 32 bit mode we can not access it, only INJECT_DATA is available
|
||||
//
|
||||
|
||||
typedef (*P_LdrGetProcedureAddress)(HMODULE, PANSI_STRING, WORD, PVOID*);
|
||||
NTSTATUS status = ((P_LdrGetProcedureAddress)inject->LdrGetProcAddr)(ModuleHandle, FunctionName, Ordinal, FunctionAddress);
|
||||
NTSTATUS status;
|
||||
UNICODE_STRING* pDllPath;
|
||||
HANDLE ModuleHandle;
|
||||
typedef VOID(*P_Dll_Ordinal1)(INJECT_DATA* inject);
|
||||
P_Dll_Ordinal1 SbieDllOrdinal1;
|
||||
void *RegionBase;
|
||||
SIZE_T RegionSize;
|
||||
ULONG OldProtect;
|
||||
|
||||
#ifdef _WIN64
|
||||
SBIELOW_DATA* data = (SBIELOW_DATA*)inject->sbielow_data;
|
||||
#endif
|
||||
|
||||
//
|
||||
// in ARM64EC mode unwrap the FFS and return the native function
|
||||
// restore original function
|
||||
//
|
||||
|
||||
RegionBase = (void*)inject->RtlFindActCtx;
|
||||
#ifdef _WIN64
|
||||
#ifdef _M_ARM64
|
||||
RegionSize = 16;
|
||||
memcpy((void*)inject->RtlFindActCtx, inject->RtlFindActCtx_Bytes, 16);
|
||||
|
||||
SBIELOW_CALL(NtFlushInstructionCache)(
|
||||
NtCurrentProcess(), (void*)inject->RtlFindActCtx, 16);
|
||||
#else
|
||||
RegionSize = 12;
|
||||
memcpy((void*)inject->RtlFindActCtx, inject->RtlFindActCtx_Bytes, 12);
|
||||
#endif
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
inject->RtlFindActCtx_Protect, &OldProtect);
|
||||
#else
|
||||
RegionSize = 5;
|
||||
memcpy((void*)inject->RtlFindActCtx, inject->RtlFindActCtx_Bytes, 5);
|
||||
|
||||
((P_NtProtectVirtualMemory)inject->NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
inject->RtlFindActCtx_Protect, &OldProtect);
|
||||
#endif
|
||||
|
||||
//
|
||||
// load kernel32.dll
|
||||
//
|
||||
|
||||
pDllPath = (UNICODE_STRING*)&inject->KernelDll;
|
||||
|
||||
status = ((P_LdrLoadDll)inject->LdrLoadDll)(NULL, 0, pDllPath, &ModuleHandle);
|
||||
|
||||
//
|
||||
// load sbiedll.dll
|
||||
//
|
||||
|
||||
if (status == 0) {
|
||||
|
||||
pDllPath = (UNICODE_STRING*)&inject->SbieDll;
|
||||
|
||||
status = ((P_LdrLoadDll)inject->LdrLoadDll)(NULL, 0, pDllPath, &ModuleHandle);
|
||||
}
|
||||
|
||||
//
|
||||
// get ordinal 1 from sbiedll
|
||||
//
|
||||
|
||||
if (status == 0) {
|
||||
|
||||
status = ((P_LdrGetProcedureAddress)inject->LdrGetProcAddr)(ModuleHandle, NULL, 1, (ULONG_PTR*)&SbieDllOrdinal1);
|
||||
#ifdef _M_ARM64
|
||||
//
|
||||
// on ARM64EC we hook the native code, hence we need to obtain the address of the native ordinal 1 from our SbieDll.dll
|
||||
// instead of the FFS sequence as given by NtGetProcedureAddress when in ARM64EC mode
|
||||
//
|
||||
|
||||
if (data->flags.is_arm64ec && status >= 0) {
|
||||
*FunctionAddress = Hook_GetFFSTarget(*FunctionAddress);
|
||||
if (!*FunctionAddress)
|
||||
return STATUS_ENTRYPOINT_NOT_FOUND;
|
||||
SbieDllOrdinal1 = (P_Dll_Ordinal1)Hook_GetFFSTarget((UCHAR*)SbieDllOrdinal1);
|
||||
//if (!SbieDllOrdinal1)
|
||||
// status = STATUS_ENTRYPOINT_NOT_FOUND;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
//
|
||||
// call ordinal 1 of sbiedll.dll
|
||||
//
|
||||
|
||||
if (status == 0) {
|
||||
|
||||
SbieDllOrdinal1(inject);
|
||||
}
|
||||
|
||||
//
|
||||
// or report error if one occurred instead
|
||||
//
|
||||
|
||||
else {
|
||||
|
||||
wchar_t text[] = { 0 };
|
||||
SbieApi_LogMsg(inject->NtDeviceIoControlFile, inject->api_device_handle, 2181, text);
|
||||
|
||||
status = 0xC0000142; // = STATUS_DLL_INIT_FAILED
|
||||
ULONG_PTR Parameters[1] = { (ULONG_PTR)pDllPath };
|
||||
ULONG ErrorReturn;
|
||||
((P_NtRaiseHardError)inject->NtRaiseHardError)(
|
||||
status | 0x10000000, // | FORCE_ERROR_MESSAGE_BOX
|
||||
1, 1, Parameters, 1, &ErrorReturn);
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// InitInject
|
||||
|
@ -216,7 +335,7 @@ _FX void InitInject(SBIELOW_DATA *data, void *DetourCode)
|
|||
SYSCALL_DATA* syscall_data;
|
||||
INJECT_DATA *inject;
|
||||
SBIELOW_EXTRA_DATA *extra;
|
||||
UCHAR *LdrCode, *MyHookCode;
|
||||
UCHAR *HookTarget, *HookCode;
|
||||
void *RegionBase;
|
||||
SIZE_T RegionSize;
|
||||
ULONG OldProtect;
|
||||
|
@ -264,12 +383,12 @@ _FX void InitInject(SBIELOW_DATA *data, void *DetourCode)
|
|||
//ntdll_base = (void *)(ULONG_PTR)ntdll32_base;
|
||||
|
||||
//
|
||||
// (prior to Windows 8, the base address of ntdll32 is recorded
|
||||
// (Prior to Windows 8, the base address of ntdll32 is recorded
|
||||
// in offset 0x036C of the KUSER_SHARED_DATA structure, which always
|
||||
// has a fixed base address of 0x7FFE0000. this is not available
|
||||
// has a fixed base address of 0x7FFE0000. This is not available
|
||||
// in Windows 8, so we have to rely on the driver to track this
|
||||
// base address via Process_NotifyImage in core/drv/process.c.
|
||||
// so we might as well use this approach for all 64-bit Windows.)
|
||||
// So we might as well use this approach for all 64-bit Windows.)
|
||||
//
|
||||
//ULONG ntdll32_base = *(ULONG *)(0x7FFE0000 + 0x036C);
|
||||
//ntdll_base = (void *)(ULONG_PTR)ntdll32_base;
|
||||
|
@ -284,67 +403,65 @@ _FX void InitInject(SBIELOW_DATA *data, void *DetourCode)
|
|||
// and RtlFindActivationContextSectionString
|
||||
//
|
||||
|
||||
LdrCode = FindDllExport(ntdll_base,
|
||||
inject->LdrLoadDll = (ULONG_PTR)FindDllExport(ntdll_base,
|
||||
(UCHAR *)extra + extra->LdrLoadDll_offset, &uError);
|
||||
if (!LdrCode) {
|
||||
#ifdef _M_ARM64
|
||||
if (inject->LdrLoadDll && data->flags.is_arm64ec)
|
||||
inject->LdrLoadDll = (ULONG_PTR)Hook_GetFFSTarget((UCHAR*)inject->LdrLoadDll);
|
||||
#endif
|
||||
if (!inject->LdrLoadDll) {
|
||||
SbieApi_DebugError(data, (0x01 << 4) | uError);
|
||||
return;
|
||||
}
|
||||
#ifdef _M_ARM64
|
||||
if (data->flags.is_arm64ec)
|
||||
LdrCode = Hook_GetFFSTarget(LdrCode);
|
||||
#endif
|
||||
if (!LdrCode) {
|
||||
SbieApi_DebugError(data, 0x01d);
|
||||
return;
|
||||
}
|
||||
inject->LdrLoadDll = (ULONG_PTR)LdrCode;
|
||||
|
||||
LdrCode = FindDllExport(ntdll_base,
|
||||
inject->LdrGetProcAddr = (ULONG_PTR)FindDllExport(ntdll_base,
|
||||
(UCHAR *)extra + extra->LdrGetProcAddr_offset, &uError);
|
||||
if (!LdrCode) {
|
||||
#ifdef _M_ARM64
|
||||
if (inject->LdrGetProcAddr && data->flags.is_arm64ec)
|
||||
inject->LdrGetProcAddr = (ULONG_PTR)Hook_GetFFSTarget((UCHAR*)inject->LdrGetProcAddr);
|
||||
#endif
|
||||
if (!inject->LdrGetProcAddr) {
|
||||
SbieApi_DebugError(data, (0x02 << 4) | uError);
|
||||
return;
|
||||
}
|
||||
#ifdef _M_ARM64
|
||||
if (data->flags.is_arm64ec)
|
||||
LdrCode = Hook_GetFFSTarget(LdrCode);
|
||||
#endif
|
||||
if (!LdrCode) {
|
||||
SbieApi_DebugError(data, 0x02d);
|
||||
return;
|
||||
}
|
||||
inject->LdrGetProcAddr = (ULONG_PTR)LdrCode;
|
||||
|
||||
#ifdef _M_ARM64
|
||||
|
||||
//
|
||||
// on ARM64EC we hook the native code hence we need the custom MyGetProcedureAddress
|
||||
// to obtain the address of the native original 1 from our SbieDll.dll
|
||||
// instead of the FFS sequence as given by NtGetProcedureAddress
|
||||
//
|
||||
|
||||
inject->MyGetProcAddr = (ULONG_PTR)MyGetProcedureAddress;
|
||||
#endif
|
||||
|
||||
#ifdef _WIN64
|
||||
if (data->flags.is_wow64) {
|
||||
LdrCode = FindDllExport(ntdll_base,
|
||||
(UCHAR*)extra + extra->NtRaiseHardError_offset, &uError);
|
||||
if (!LdrCode) {
|
||||
|
||||
inject->NtProtectVirtualMemory = (ULONG_PTR)FindDllExport(ntdll_base,
|
||||
(UCHAR*)extra + extra->NtProtectVirtualMemory_offset, &uError);
|
||||
if (!inject->NtProtectVirtualMemory) {
|
||||
SbieApi_DebugError(data, (0x03 << 4) | uError);
|
||||
return;
|
||||
}
|
||||
inject->NtRaiseHardError = (ULONG_PTR)LdrCode;
|
||||
|
||||
inject->NtRaiseHardError = (ULONG_PTR)FindDllExport(ntdll_base,
|
||||
(UCHAR*)extra + extra->NtRaiseHardError_offset, &uError);
|
||||
if (!inject->NtRaiseHardError) {
|
||||
SbieApi_DebugError(data, (0x04 << 4) | uError);
|
||||
return;
|
||||
}
|
||||
|
||||
inject->NtDeviceIoControlFile = (ULONG_PTR)FindDllExport(ntdll_base,
|
||||
(UCHAR*)extra + extra->NtDeviceIoControlFile_offset, &uError);
|
||||
if (!inject->NtDeviceIoControlFile) {
|
||||
SbieApi_DebugError(data, (0x05 << 4) | uError);
|
||||
return;
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif
|
||||
|
||||
{
|
||||
//
|
||||
// for ARM64EC we need native functions, FindDllExport can manage FFS's
|
||||
// for ARM64EC we need native functions, FindDllExport can manage FFS
|
||||
// however this does not work for syscalls, hence we use the native function directly
|
||||
//
|
||||
|
||||
inject->NtProtectVirtualMemory = data->NativeNtProtectVirtualMemory;
|
||||
inject->NtRaiseHardError = data->NativeNtRaiseHardError;
|
||||
inject->NtDeviceIoControlFile = data->NtDeviceIoControlFile;
|
||||
}
|
||||
inject->api_device_handle = data->api_device_handle;
|
||||
|
||||
#ifdef _M_ARM64
|
||||
|
||||
|
@ -355,226 +472,168 @@ _FX void InitInject(SBIELOW_DATA *data, void *DetourCode)
|
|||
//
|
||||
|
||||
if (!data->flags.is_wow64)
|
||||
LdrCode = (UCHAR*)inject->LdrLoadDll;
|
||||
HookTarget = (UCHAR*)inject->LdrLoadDll;
|
||||
else
|
||||
#endif
|
||||
{
|
||||
LdrCode = FindDllExport(ntdll_base,
|
||||
HookTarget = FindDllExport(ntdll_base,
|
||||
(UCHAR *)extra + extra->RtlFindActCtx_offset, &uError);
|
||||
if (!LdrCode) {
|
||||
SbieApi_DebugError(data, (0x04 << 4) | uError);
|
||||
if (!HookTarget) {
|
||||
SbieApi_DebugError(data, (0x05 << 4) | uError);
|
||||
return;
|
||||
}
|
||||
}
|
||||
inject->RtlFindActCtx = (ULONG_PTR)LdrCode;
|
||||
inject->RtlFindActCtx = (ULONG_PTR)HookTarget;
|
||||
|
||||
|
||||
//
|
||||
// prepare unicode strings
|
||||
//
|
||||
|
||||
inject->KernelDll_Length = (USHORT)extra->KernelDll_length;
|
||||
inject->KernelDll_MaxLen = inject->KernelDll_Length + sizeof(WCHAR);
|
||||
inject->KerneDll_Buf32 =
|
||||
inject->KernelDll.Length = (USHORT)extra->KernelDll_length;
|
||||
inject->KernelDll.MaxLen = inject->KernelDll.Length + sizeof(WCHAR);
|
||||
inject->KernelDll.Buf32 =
|
||||
(ULONG)((ULONG_PTR)extra + extra->KernelDll_offset);
|
||||
inject->KerneDll_Buf64 =
|
||||
(ULONG64)((ULONG_PTR)extra + extra->KernelDll_offset);
|
||||
|
||||
|
||||
#ifdef _WIN64
|
||||
if (data->flags.is_wow64) {
|
||||
inject->KernelDll.Buf64 =
|
||||
(ULONG64)((ULONG_PTR)extra + extra->KernelDll_offset);
|
||||
#endif
|
||||
|
||||
InitInjectWow64(data);
|
||||
return;
|
||||
}
|
||||
#endif _WIN64
|
||||
//
|
||||
// select the right version of SbieDll.dll
|
||||
//
|
||||
|
||||
#ifdef _M_ARM64
|
||||
if (data->flags.is_arm64ec) {
|
||||
|
||||
inject->SbieDll_Length = (SHORT)extra->Arm64ecSbieDll_length;
|
||||
inject->SbieDll_MaxLen = inject->SbieDll_Length + sizeof(WCHAR);
|
||||
inject->SbieDll_Buf64 =
|
||||
inject->SbieDll.Length = (SHORT)extra->Arm64ecSbieDll_length;
|
||||
inject->SbieDll.MaxLen = inject->SbieDll.Length + sizeof(WCHAR);
|
||||
inject->SbieDll.Buf64 =
|
||||
(ULONG64)((ULONG_PTR)extra + extra->Arm64ecSbieDll_offset);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef _WIN64
|
||||
if (data->flags.is_wow64)
|
||||
{
|
||||
inject->SbieDll_Length = (SHORT)extra->NativeSbieDll_length;
|
||||
inject->SbieDll_MaxLen = inject->SbieDll_Length + sizeof(WCHAR);
|
||||
inject->SbieDll_Buf32 =
|
||||
(ULONG)((ULONG_PTR)extra + extra->NativeSbieDll_offset);
|
||||
inject->SbieDll_Buf64 =
|
||||
(ULONG64)((ULONG_PTR)extra + extra->NativeSbieDll_offset);
|
||||
inject->SbieDll.Length = (SHORT)extra->Wow64SbieDll_length;
|
||||
inject->SbieDll.MaxLen = inject->SbieDll.Length + sizeof(WCHAR);
|
||||
inject->SbieDll.Buf32 =
|
||||
(ULONG)((ULONG_PTR)extra + extra->Wow64SbieDll_offset);
|
||||
}
|
||||
|
||||
|
||||
//
|
||||
// select version of RtlFindActivationContextSectionString detour code:
|
||||
// because both the 32-bit and 64-bit versions of this SbieLow code must
|
||||
// handle 32-bit programs, both versions include the 32-bit detour code.
|
||||
// (see entry.asm)
|
||||
//
|
||||
|
||||
|
||||
//
|
||||
// modify our RtlFindActivationContextSectionString detour code in
|
||||
// entry.asm to include a hard coded pointer to the inject data area.
|
||||
|
||||
#ifdef _M_ARM64
|
||||
|
||||
MyHookCode = (UCHAR *) DetourCode;
|
||||
RegionBase = (void *)(MyHookCode - 8);
|
||||
RegionSize = sizeof(ULONG_PTR);
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &OldProtect);
|
||||
|
||||
*(ULONG_PTR *)(MyHookCode - 8) = (ULONG_PTR)inject;
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
OldProtect, &OldProtect);
|
||||
|
||||
RegionBase = (void *)&LdrCode[0]; // RtlFindActCtx
|
||||
RegionSize = 16;
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &inject->RtlFindActCtx_Protect);
|
||||
memcpy(&inject->RtlFindActCtx_Bytes, LdrCode, 16);
|
||||
|
||||
ULONG* aCode = (ULONG*)LdrCode;
|
||||
*aCode++ = 0x58000048; // ldr x8, 8
|
||||
*aCode++ = 0xD61F0100; // br x8
|
||||
*(DWORD64*)aCode = (DWORD64)MyHookCode;
|
||||
|
||||
SBIELOW_CALL(NtFlushInstructionCache)(
|
||||
NtCurrentProcess(), RegionBase, (ULONG)RegionSize);
|
||||
|
||||
#elif _WIN64
|
||||
|
||||
MyHookCode = (UCHAR *) DetourCode;
|
||||
RegionBase = (void *)(MyHookCode - 8);
|
||||
RegionSize = sizeof(ULONG_PTR);
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &OldProtect);
|
||||
|
||||
*(ULONG_PTR *)(MyHookCode - 8) = (ULONG_PTR)inject;
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
OldProtect, &OldProtect);
|
||||
|
||||
RegionBase = (void *)&LdrCode[0]; // RtlFindActCtx
|
||||
RegionSize = 12;
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &inject->RtlFindActCtx_Protect);
|
||||
memcpy(&inject->RtlFindActCtx_Bytes, LdrCode, 12);
|
||||
|
||||
LdrCode[0] = 0x48;
|
||||
LdrCode[1] = 0xb8;
|
||||
*(ULONG_PTR *)&LdrCode[2] = (ULONG_PTR)MyHookCode;
|
||||
LdrCode[10] = 0xff;
|
||||
LdrCode[11] = 0xe0;
|
||||
|
||||
else
|
||||
#endif
|
||||
{
|
||||
inject->SbieDll.Length = (SHORT)extra->NativeSbieDll_length;
|
||||
inject->SbieDll.MaxLen = inject->SbieDll.Length + sizeof(WCHAR);
|
||||
#ifdef _WIN64
|
||||
inject->SbieDll.Buf64 =
|
||||
(ULONG64)((ULONG_PTR)extra + extra->NativeSbieDll_offset);
|
||||
#else
|
||||
|
||||
MyHookCode = (UCHAR *)DetourCode;
|
||||
RegionBase = (void *)(MyHookCode + 1);
|
||||
RegionSize = sizeof(ULONG_PTR);
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &OldProtect);
|
||||
|
||||
*(ULONG *)(MyHookCode + 1) = (ULONG)(ULONG_PTR)inject;
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
OldProtect, &OldProtect);
|
||||
|
||||
RegionBase = (void *)LdrCode; // RtlFindActCtx
|
||||
RegionSize = 5;
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &inject->RtlFindActCtx_Protect);
|
||||
|
||||
memcpy(&inject->RtlFindActCtx_Bytes, LdrCode, 5);
|
||||
|
||||
LdrCode[0] = 0xE9;
|
||||
*(ULONG *)&LdrCode[1] = (ULONG)(MyHookCode - (LdrCode + 5));
|
||||
|
||||
inject->SbieDll.Buf32 =
|
||||
(ULONG)((ULONG_PTR)extra + extra->NativeSbieDll_offset);
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// InitInjectWow64
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
//
|
||||
// modify our detour code in entry.asm to include a hard coded pointer to the inject data area.
|
||||
//
|
||||
|
||||
#ifdef _WIN64
|
||||
_FX void InitInjectWow64(SBIELOW_DATA *data)
|
||||
if (!data->flags.is_wow64) {
|
||||
|
||||
#ifdef _M_ARM64
|
||||
|
||||
HookCode = (UCHAR*)DetourCode;
|
||||
RegionBase = (void*)(HookCode - 8);
|
||||
RegionSize = sizeof(ULONG_PTR);
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &OldProtect);
|
||||
|
||||
*(ULONG_PTR*)(HookCode - 8) = (ULONG_PTR)inject;
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
OldProtect, &OldProtect);
|
||||
|
||||
RegionBase = (void*)&HookTarget[0]; // RtlFindActCtx
|
||||
RegionSize = 16;
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &inject->RtlFindActCtx_Protect);
|
||||
memcpy(inject->RtlFindActCtx_Bytes, HookTarget, 16);
|
||||
|
||||
ULONG* aCode = (ULONG*)HookTarget;
|
||||
*aCode++ = 0x58000048; // ldr x8, 8
|
||||
*aCode++ = 0xD61F0100; // br x8
|
||||
*(DWORD64*)aCode = (DWORD64)HookCode;
|
||||
|
||||
SBIELOW_CALL(NtFlushInstructionCache)(
|
||||
NtCurrentProcess(), RegionBase, (ULONG)RegionSize);
|
||||
|
||||
#else
|
||||
|
||||
HookCode = (UCHAR*)DetourCode;
|
||||
RegionBase = (void*)(HookCode - 8);
|
||||
RegionSize = sizeof(ULONG_PTR);
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &OldProtect);
|
||||
|
||||
*(ULONG_PTR*)(HookCode - 8) = (ULONG_PTR)inject;
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
OldProtect, &OldProtect);
|
||||
|
||||
RegionBase = (void*)&HookTarget[0]; // RtlFindActCtx
|
||||
RegionSize = 12;
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &inject->RtlFindActCtx_Protect);
|
||||
memcpy(inject->RtlFindActCtx_Bytes, HookTarget, 12);
|
||||
|
||||
HookTarget[0] = 0x48;
|
||||
HookTarget[1] = 0xb8;
|
||||
*(ULONG_PTR*)&HookTarget[2] = (ULONG_PTR)HookCode;
|
||||
HookTarget[10] = 0xff;
|
||||
HookTarget[11] = 0xe0;
|
||||
|
||||
#endif
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
SYSCALL_DATA* syscall_data;
|
||||
INJECT_DATA *inject;
|
||||
SBIELOW_EXTRA_DATA *extra;
|
||||
UCHAR *LdrCode, *MyCode;
|
||||
void *RegionBase;
|
||||
SIZE_T RegionSize;
|
||||
HookCode = (UCHAR*)data->ptr_32bit_detour;
|
||||
#else
|
||||
{
|
||||
HookCode = (UCHAR*)DetourCode;
|
||||
#endif
|
||||
RegionBase = (void*)(HookCode + 1);
|
||||
RegionSize = sizeof(ULONG_PTR);
|
||||
|
||||
//
|
||||
// find inject and extra data areas, same as in InitInject()
|
||||
//
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &OldProtect);
|
||||
|
||||
syscall_data = (SYSCALL_DATA *)data->syscall_data;
|
||||
*(ULONG*)(HookCode + 1) = (ULONG)(ULONG_PTR)inject;
|
||||
|
||||
extra = (SBIELOW_EXTRA_DATA *) (data->syscall_data + syscall_data->extra_data_offset);
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
OldProtect, &OldProtect);
|
||||
|
||||
inject = (INJECT_DATA *) ((UCHAR *)extra + extra->InjectData_offset);
|
||||
|
||||
//
|
||||
// prepare unicode strings
|
||||
//
|
||||
|
||||
inject->SbieDll_Length = (SHORT)extra->Wow64SbieDll_length;
|
||||
inject->SbieDll_MaxLen = inject->SbieDll_Length + sizeof(WCHAR);
|
||||
inject->SbieDll_Buf32 =
|
||||
(ULONG)((ULONG_PTR)extra + extra->Wow64SbieDll_offset);
|
||||
|
||||
//
|
||||
// the service fills INJECT_DATA.DetourCode_x86 with the right non native code
|
||||
//
|
||||
|
||||
MyCode = inject->DetourCode_x86;
|
||||
|
||||
//
|
||||
// modify our copied detour code to include a hard coded pointer to
|
||||
// the inject data area (which is the syscall data area)
|
||||
//
|
||||
|
||||
*(ULONG *)(MyCode + 1) = (ULONG)(ULONG_PTR)inject;
|
||||
|
||||
//
|
||||
// hook the top of RtlFindActivationContextSectionString
|
||||
// to jump to our copied detour
|
||||
//
|
||||
|
||||
LdrCode = (UCHAR *)inject->RtlFindActCtx;
|
||||
|
||||
RegionBase = (void *)LdrCode;
|
||||
RegionBase = (void*)HookTarget; // RtlFindActCtx
|
||||
RegionSize = 5;
|
||||
|
||||
SBIELOW_CALL(NtProtectVirtualMemory)(
|
||||
NtCurrentProcess(), &RegionBase, &RegionSize,
|
||||
PAGE_EXECUTE_READWRITE, &inject->RtlFindActCtx_Protect);
|
||||
|
||||
memcpy(&inject->RtlFindActCtx_Bytes, LdrCode, 5);
|
||||
memcpy(inject->RtlFindActCtx_Bytes, HookTarget, 5);
|
||||
|
||||
LdrCode[0] = 0xE9;
|
||||
*(ULONG *)&LdrCode[1] = (ULONG)(MyCode - (LdrCode + 5));
|
||||
HookTarget[0] = 0xE9;
|
||||
*(ULONG*)&HookTarget[1] = (ULONG)(HookCode - (HookTarget + 5));
|
||||
}
|
||||
}
|
||||
#endif _WIN64
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Copyright 2004-2020 Sandboxie Holdings, LLC
|
||||
* Copyright 2020-2022 David Xanatos, xanasoft.com
|
||||
* Copyright 2020-2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
@ -103,16 +103,16 @@ typedef struct _SBIELOW_DATA {
|
|||
|
||||
ULONG64 RealNtDeviceIoControlFile; // offset 224
|
||||
ULONG64 NtDeviceIoControlFile; // for ARM64 // offset 232
|
||||
ULONG64 NativeNtRaiseHardError; // offset 240
|
||||
ULONG64 NativeNtProtectVirtualMemory; // offset 240
|
||||
ULONG64 NativeNtRaiseHardError; // offset 248
|
||||
|
||||
ULONG64 pSystemService;
|
||||
|
||||
ULONG64 DebugData[16];
|
||||
|
||||
#ifdef _WIN64
|
||||
SBIELOW_J_TABLE * Sbie64bitJumpTable;
|
||||
|
||||
ULONG64 ntdll_wow64_base;
|
||||
ULONG64 ptr_32bit_detour;
|
||||
#endif
|
||||
|
||||
#ifdef _M_ARM64
|
||||
|
@ -142,7 +142,9 @@ typedef struct _SBIELOW_EXTRA_DATA {
|
|||
|
||||
ULONG LdrLoadDll_offset;
|
||||
ULONG LdrGetProcAddr_offset;
|
||||
ULONG NtProtectVirtualMemory_offset;
|
||||
ULONG NtRaiseHardError_offset;
|
||||
ULONG NtDeviceIoControlFile_offset;
|
||||
ULONG RtlFindActCtx_offset;
|
||||
#ifdef _M_ARM64
|
||||
ULONG RtlImageOptionsEx_offset;
|
||||
|
@ -206,51 +208,45 @@ typedef struct _SYSCALL_DATA32 { // win32u.dll
|
|||
|
||||
} SYSCALL_DATA32;
|
||||
|
||||
//
|
||||
// UNICIDE_STRING compatible with 32 and 64 bit API
|
||||
//
|
||||
|
||||
typedef struct _UNIVERSAL_STRING {
|
||||
USHORT Length;
|
||||
USHORT MaxLen;
|
||||
ULONG Buf32;
|
||||
ULONG64 Buf64;
|
||||
} UNIVERSAL_STRING;
|
||||
|
||||
|
||||
//
|
||||
// temporary data used by the Detour Code any changed to
|
||||
// this structure must be synchronized with all 3 versions of the
|
||||
// Detour Code as well as with the binary copies of the x86 and x64 code
|
||||
//
|
||||
// entry_asm.asm, entry_arm.asm and lowlevel_code.c
|
||||
// in entry_asm.asm and entry_arm.asm
|
||||
//
|
||||
|
||||
typedef struct _INJECT_DATA {
|
||||
|
||||
ULONG64 sbielow_data; // 0
|
||||
|
||||
union {
|
||||
ULONG64 LdrLoadDll; // 8
|
||||
ULONG64 RtlFindActCtx_SavedArg1; // todo: split this
|
||||
};
|
||||
ULONG64 LdrGetProcAddr; // 16
|
||||
ULONG64 NtRaiseHardError; // 24
|
||||
ULONG64 RtlFindActCtx; // 32
|
||||
ULONG64 RtlFindActCtx; // 8
|
||||
ULONG RtlFindActCtx_Protect;
|
||||
UCHAR RtlFindActCtx_Bytes[20];
|
||||
|
||||
ULONG RtlFindActCtx_Protect; // 40
|
||||
UCHAR RtlFindActCtx_Bytes[20]; // 44
|
||||
ULONG64 LdrLoadDll;
|
||||
ULONG64 LdrGetProcAddr;
|
||||
ULONG64 NtProtectVirtualMemory;
|
||||
ULONG64 NtRaiseHardError;
|
||||
ULONG64 NtDeviceIoControlFile;
|
||||
ULONG64 api_device_handle;
|
||||
|
||||
USHORT KernelDll_Length; // 64
|
||||
USHORT KernelDll_MaxLen;
|
||||
ULONG KerneDll_Buf32;
|
||||
ULONG64 KerneDll_Buf64;
|
||||
|
||||
USHORT SbieDll_Length; // 80
|
||||
USHORT SbieDll_MaxLen;
|
||||
ULONG SbieDll_Buf32;
|
||||
ULONG64 SbieDll_Buf64;
|
||||
|
||||
ULONG64 ModuleHandle; // 96
|
||||
ULONG64 SbieDllOrdinal1; // 104
|
||||
|
||||
ULONG64 MyGetProcAddr; // 112
|
||||
|
||||
#ifdef _WIN64
|
||||
UCHAR DetourCode_x86[128]; // 120
|
||||
#endif _WIN64
|
||||
UNIVERSAL_STRING KernelDll;
|
||||
UNIVERSAL_STRING SbieDll;
|
||||
|
||||
} INJECT_DATA;
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
|
|
|
@ -1,279 +0,0 @@
|
|||
/*
|
||||
* Copyright 2004-2020 Sandboxie Holdings, LLC
|
||||
* Copyright 2020-2022 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifdef _WIN64
|
||||
|
||||
//
|
||||
// we need the 32-bit version of RtlFindActivationContextSectionString
|
||||
// on both 32-bit and 64-bit versions of SbieLow, because of wow64
|
||||
//
|
||||
// it will not compile correctly as assembly on 64-bit, so we simply
|
||||
// dump the machine code bytes here
|
||||
//
|
||||
|
||||
UCHAR SbieDll_ShellCode_x86[] =
|
||||
{
|
||||
0xBA, 0, 0, 0, 0, // mov edx, 0 ; edx -> inject data area
|
||||
|
||||
//0xCC, // int3
|
||||
|
||||
0x56, // push esi
|
||||
0x8B, 0xF2, // mov esi, edx ; esi -> inject data area
|
||||
|
||||
//
|
||||
// restore bytes
|
||||
//
|
||||
|
||||
0x8B, 0x46, 0x20, // mov eax,dword ptr [esi+20h] ; ... [esi].InjectData.RtlFindActCtx
|
||||
0x8A, 0x56, 0x2C, // mov dl,byte ptr [esi+2Ch] ; ... [esi].InjectData.RtlFindActCtx_Bytes
|
||||
0x88, 0x10, // mov byte ptr [eax],dl
|
||||
0x8B, 0x56, 0x2D, // mov edx,dword ptr [esi+2Dh] ; ... [esi].InjectData.RtlFindActCtx_Bytes+1
|
||||
0x89, 0x50, 0x01, // mov dword ptr [eax+1],edx
|
||||
|
||||
//
|
||||
// call LdrLoadDll for kernel32
|
||||
//
|
||||
|
||||
0xb9, 0x10, 0, 0, 0, // mov ecx, 10h
|
||||
// LdrLoadDll_Retry:
|
||||
//for(i = 0; i < 0x10; i++) {
|
||||
0x51, // push ecx
|
||||
0x8D, 0x46, 0x60, // lea eax,[esi+60h] ; ... [esi].InjectData.ModuleHandle
|
||||
0x50, // push eax
|
||||
0x8D, 0x46, 0x40, // lea eax,[esi+40h] ; ... [esi].InjectData.KernelDll_Unicode
|
||||
0x50, // push eax
|
||||
0x6A, 0x00, // push 0
|
||||
0x6A, 0x00, // push 0
|
||||
0xFF, 0x56, 0x08, // call dword ptr [esi+8] ; ... [esi].InjectData.LdrLoadDll
|
||||
0x59, // pop ecx
|
||||
0x85, 0xC0, // test eax,eax
|
||||
0x74, 0x04, // jz LdrLoadDll_Good
|
||||
//}
|
||||
0xE2, 0xE9, // loop LdrLoadDll_Retry
|
||||
0xEB, 0x34, // jmp error
|
||||
// LdrLoadDll_Good:
|
||||
|
||||
//
|
||||
// call LdrLoadDll for sbiedll
|
||||
//
|
||||
|
||||
0x8D, 0x46, 0x60, // lea eax,[esi+60h] ; ... [esi].InjectData.ModuleHandle
|
||||
0x50, // push eax
|
||||
0x8D, 0x46, 0x50, // lea eax,[esi+50h] ; ... [esi].InjectData.SbieDll_Unicode
|
||||
0x50, // push eax
|
||||
0x6A, 0x00, // push 0
|
||||
0x6A, 0x00, // push 0
|
||||
0xFF, 0x56, 0x08, // call dword ptr [esi+8] ; ... [esi].InjectData.LdrLoadDll
|
||||
|
||||
0x85, 0xC0, // test eax,eax
|
||||
0x75, 0x21, // jnz RtlFindActivationContextSectionStringError
|
||||
|
||||
//
|
||||
// call LdrGetProcedureAddress for sbiedll ordinal 1,
|
||||
// which forces ntdll to initialize sbiedll
|
||||
//
|
||||
|
||||
0x8D, 0x46, 0x68, // lea eax,[esi+68h] ; ... [esi].InjectData.SbieDllOrdinal1
|
||||
0x50, // push eax
|
||||
0x6A, 0x01, // push 1
|
||||
0x6A, 0x00, // push 0
|
||||
0xFF, 0x76, 0x60, // push dword ptr [esi+60h] ; ... [esi].InjectData.ModuleHandle
|
||||
0xFF, 0x56, 0x10, // call dword ptr [esi+10h] ; ... [esi].InjectData.LdrGetProcAddr
|
||||
|
||||
0x85, 0xC0, // test eax,eax
|
||||
0x75, 0x0F, // jnz RtlFindActivationContextSectionStringError
|
||||
|
||||
//
|
||||
// pass control to ordinal 1 ...
|
||||
//
|
||||
|
||||
0x8B, 0xC6, // mov eax, esi
|
||||
0x87, 0x44, 0x24, 0x08, // xchg eax, dword ptr [esp+8]
|
||||
0x89, 0x46, 0x08, // mov dword ptr [esi+8],eax ; ... [esi].InjectData.LdrLoadDll ...
|
||||
0x8B, 0xC6, // mov eax, esi
|
||||
0x5E, // pop esi
|
||||
0xFF, 0x60, 0x68, // jmp dword ptr [eax+68h] ; ... [eax].InjectData.SbieDllOrdinal1
|
||||
|
||||
//
|
||||
// display error message ...
|
||||
//
|
||||
|
||||
// RtlFindActivationContextSectionStringError:
|
||||
0x50, // push eax
|
||||
|
||||
0x8D, 0x56, 0x50, // lea edx,[esi+50h] ; ... [esi].InjectData.SbieDll_Unicode
|
||||
0x89, 0x56, 0x08, // mov dword ptr [esi+8],edx ; ... [esi].InjectData.LdrLoadDll ...
|
||||
|
||||
0x8d, 0x56, 0x10, // lea edx,[esi+10h] ; ... [esi].InjectData.LdrGetProcAddr
|
||||
0x52, // push edx
|
||||
0x6A, 0x01, // push 1
|
||||
0x8D, 0x56, 0x08, // lea edx,[esi+8] ; ... [esi].InjectData.LdrLoadDll
|
||||
0x52, // push edx
|
||||
0x6A, 0x01, // push 1
|
||||
0x6A, 0x01, // push 1
|
||||
0x68, 0x42, 0x01, 0x00, 0xD0, // push 0D0000142h
|
||||
0xFF, 0x56, 0x18, // call dword ptr [esi+18h] ; ... [esi].InjectData.NtRaiseHardError
|
||||
|
||||
0x58, // pop eax
|
||||
0x5E, // pop esi
|
||||
0xC2, 0x14, 0 // ret 14h
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef _M_ARM64
|
||||
|
||||
//
|
||||
// we need the x64 version of RtlFindActivationContextSectionString
|
||||
//
|
||||
// it will not compile correctly as assembly on arm64, so we simply
|
||||
// dump the machine code bytes here
|
||||
//
|
||||
|
||||
//UCHAR SbieDll_ShellCode_x64[] =
|
||||
//{
|
||||
//
|
||||
// 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // inject data area address
|
||||
//
|
||||
// 0x48, 0x8B, 0x05, 0xF1, 0xFF, 0xFF, 0xFF, // mov rax, qword ptr [rip - 0xf] ; rax -> inject data area
|
||||
//
|
||||
// // 0xCC, // int3
|
||||
//
|
||||
// 0x56, // push rsi ; save rsi, and align stack
|
||||
// 0x48, 0x83, 0xEC, 0x40, // sub rsp, 0x40 ; set up local stack
|
||||
//
|
||||
// 0x48, 0x89, 0x4C, 0x24, 0x20, // mov qword ptr [rsp + 0x20], rcx
|
||||
// 0x48, 0x89, 0x54, 0x24, 0x28, // mov qword ptr [rsp + 0x28], rdx
|
||||
// 0x4C, 0x89, 0x44, 0x24, 0x30, // mov qword ptr [rsp + 0x30], r8
|
||||
// 0x4C, 0x89, 0x4C, 0x24, 0x38, // mov qword ptr [rsp + 0x38], r9
|
||||
//
|
||||
// 0x48, 0x8B, 0xF0, // mov rsi, rax ; rsi -> inject data area
|
||||
//
|
||||
// 0x48, 0x8B, 0x46, 0x20, // mov rax, qword ptr [rsi + 0x20] ; ... [rsi].InjectData.RtlFindActCtx
|
||||
//
|
||||
// // replace 12bytes
|
||||
// 0x48, 0x8B, 0x56, 0x2C, // mov rdx, qword ptr [rsi + 0x2c] ; ... [rsi].InjectData.RtlFindActCtx_Bytes
|
||||
// 0x48, 0x89, 0x10, // mov qword ptr [rax], rdx
|
||||
// 0x8B, 0x56, 0x34, // mov edx, dword ptr [rsi + 0x34] ; ... [rsi].InjectData.RtlFindActCtx_Bytes + 8
|
||||
// 0x89, 0x50, 0x08, // mov dword ptr [rax + 8], edx
|
||||
//
|
||||
// //
|
||||
// // call LdrLoadDll for kernel32
|
||||
// //
|
||||
// //// retry loop
|
||||
// 0x48, 0x89, 0x5E, 0x2C, // mov qword ptr [rsi + 0x2c], rbx ; ... [rsi].InjectData.RtlFindActCtx_Bytes ...
|
||||
// 0x48, 0xC7, 0xC3, 0x10, 0x00, 0x00, 0x00, // mov rbx, 0x10
|
||||
//
|
||||
// // LdrLoadRetry:
|
||||
// 0x48, 0x33, 0xC9, // xor rcx, rcx
|
||||
// 0x48, 0x33, 0xD2, // xor rdx, rdx
|
||||
// 0x4C, 0x8D, 0x46, 0x40, // lea r8, [rsi + 0x40] ; ... [rsi].InjectData.KernelDll_Unicode
|
||||
// 0x4C, 0x8D, 0x4E, 0x60, // lea r9, [rsi + 0x60] ; ... [rsi].InjectData.ModuleHandle
|
||||
// //cmp rbx,1
|
||||
// //jnz LdrTestLoop
|
||||
// 0xFF, 0x56, 0x08, // call qword ptr [rsi + 8] ; ... [rsi].InjectData.LdrLoadDll
|
||||
// 0x85, 0xC0, // test eax, eax
|
||||
// 0x74, 0x0A, // je 0x5e ; LdrLoadGood
|
||||
// ////LdrTestLoop:
|
||||
// 0x48, 0xFF, 0xCB, // dec rbx
|
||||
// 0x48, 0x85, 0xDB, // test rbx, rbx
|
||||
// 0x75, 0xE3, // jne 0x3f ; ;loop LdrLoadRetry
|
||||
// 0xEB, 0x54, // jmp 0xb2 ; RtlFindActivationContextSectionStringError
|
||||
//
|
||||
// //
|
||||
// // call LdrLoadDll for sbiedll
|
||||
// //
|
||||
// // LdrLoadGood:
|
||||
// 0x48, 0x8B, 0x5E, 0x2C, // mov rbx, qword ptr [rsi + 0x2c] ; ... [rsi].InjectData.RtlFindActCtx_Bytes
|
||||
// 0x48, 0x33, 0xC9, // xor rcx, rcx
|
||||
// 0x48, 0x33, 0xD2, // xor rdx, rdx
|
||||
// 0x4C, 0x8D, 0x46, 0x50, // lea r8, [rsi + 0x50] ; ... [rsi].InjectData.SbieDll_Unicode
|
||||
// 0x4C, 0x8D, 0x4E, 0x60, // lea r9, [rsi + 0x60] ; ... [rsi].InjectData.ModuleHandle
|
||||
// 0xFF, 0x56, 0x08, // call qword ptr [rsi + 8] ; ... [rsi].InjectData.LdrLoadDll
|
||||
//
|
||||
// 0x85, 0xC0, // test eax, eax
|
||||
// 0x75, 0x3B, // jne 0xb2 ; RtlFindActivationContextSectionStringError
|
||||
//
|
||||
// //
|
||||
// // call LdrGetProcedureAddress for sbiedll ordinal 1,
|
||||
// // which forces ntdll to initialize sbiedll
|
||||
// //
|
||||
//
|
||||
// 0x48, 0x8B, 0x4E, 0x60, // mov rcx, qword ptr [rsi + 0x60] ; ... [rsi].InjectData.ModuleHandle
|
||||
// 0x48, 0x33, 0xD2, // xor rdx, rdx
|
||||
// 0x4D, 0x33, 0xC0, // xor r8, r8
|
||||
// 0x49, 0xFF, 0xC0, // inc r8
|
||||
// 0x4C, 0x8D, 0x4E, 0x68, // lea r9, [rsi + 0x68] ; ... [rsi].InjectData.SbieDllOrdinal1
|
||||
// 0xFF, 0x56, 0x10, // call qword ptr [rsi + 0x10] ; ... [rsi].InjectData.LdrGetProcAddr
|
||||
//
|
||||
// 0x85, 0xC0, // test eax, eax
|
||||
// 0x75, 0x23, // jne 0xb2 ; RtlFindActivationContextSectionStringError
|
||||
//
|
||||
// //
|
||||
// // pass control to ordinal 1, which will free the inject
|
||||
// // data area, and pass control to the original function
|
||||
// // RtlFindActivationContextSectionString
|
||||
// //
|
||||
// // note that we need to pass the address of the inject
|
||||
// // data area to ordinal 1, which we do by overwriting the
|
||||
// // first argument. the original argument is saved in
|
||||
// // the inject data area
|
||||
// //
|
||||
//
|
||||
// 0x48, 0x8B, 0x44, 0x24, 0x20, // mov rax, qword ptr [rsp + 0x20]
|
||||
// 0x48, 0x89, 0x46, 0x08, // mov qword ptr [rsi + 8], rax ; ... [rsi].InjectData.LdrLoadDll ...
|
||||
// 0x48, 0x8B, 0xCE, // mov rcx, rsi
|
||||
// 0x48, 0x8B, 0x54, 0x24, 0x28, // mov rdx, qword ptr [rsp + 0x28]
|
||||
// 0x4C, 0x8B, 0x44, 0x24, 0x30, // mov r8, qword ptr [rsp + 0x30]
|
||||
// 0x4C, 0x8B, 0x4C, 0x24, 0x38, // mov r9, qword ptr [rsp + 0x38]
|
||||
//
|
||||
// 0x48, 0x83, 0xC4, 0x40, // add rsp, 0x40
|
||||
// 0x5E, // pop rsi
|
||||
// 0xFF, 0x61, 0x68, // jmp qword ptr [rcx + 0x68] ; [rcx].InjectData.SbieDllOrdinal1
|
||||
//
|
||||
// //
|
||||
// // display error message, invoke NtRaiseHardError(
|
||||
// // NTSTATUS ntstatus_message_code,
|
||||
// // ULONG number_of_parameters_in_list,
|
||||
// // ULONG mask_of_strings_in_list,
|
||||
// // ULONG_PTR *list_of_pointers_to_parameters,
|
||||
// // ULONG response_buttons,
|
||||
// // ULONG *out_response)
|
||||
// //
|
||||
//
|
||||
// //RtlFindActivationContextSectionStringError:
|
||||
//
|
||||
// 0x48, 0x89, 0x44, 0x24, 0x38, // mov qword ptr [rsp + 0x38], rax ; save ntstatus
|
||||
// 0xB9, 0x42, 0x01, 0x00, 0xD0, // mov ecx, 0xd0000142 ; ntstatus_message_code
|
||||
// 0x48, 0x33, 0xD2, // xor rdx, rdx ; number_of_parameters_in_list
|
||||
// 0x48, 0xFF, 0xC2, // inc rdx
|
||||
// 0x4C, 0x8B, 0xC2, // mov r8, rdx ; mask_of_strings_in_list
|
||||
// 0x67, 0x4C, 0x8D, 0x4E, 0x08, // lea r9, [esi + 8] ; ... [esi].InjectData.LdrLoadDll ; list_of_pointers_to_parameters
|
||||
// 0x48, 0x8D, 0x46, 0x50, // lea rax, [rsi + 0x50] ; ... [rsi].InjectData.SbieDll_Unicode
|
||||
// 0x49, 0x89, 0x01, // mov qword ptr [r9], rax
|
||||
// 0x48, 0x89, 0x54, 0x24, 0x20, // mov qword ptr [rsp + 0x20], rdx ; response_buttons - ERROR_OK
|
||||
// 0x48, 0x8D, 0x46, 0x10, // lea rax, [rsi + 0x10] ; ... [rsi].InjectData.LdrGetProcAddr
|
||||
// 0x48, 0x89, 0x44, 0x24, 0x28, // mov qword ptr [rsp + 0x28], rax ; out_response
|
||||
// 0xFF, 0x56, 0x18, // call qword ptr [rsi + 0x18] ; ... [rsi].InjectData.NtRaiseHardError
|
||||
// 0x48, 0x8B, 0x4C, 0x24, 0x38, // mov rcx, qword ptr [rsp + 0x38] ; restore ntstatus
|
||||
// 0x48, 0x83, 0xC4, 0x40, // add rsp, 0x40
|
||||
// 0x5E, // pop rsi
|
||||
// 0xC3 // ret ; return to caller with error
|
||||
//};
|
||||
|
||||
#endif
|
|
@ -2237,7 +2237,7 @@ MSG_HEADER *SbieIniServer::RunSbieCtrl(MSG_HEADER *msg, HANDLE idProcess, bool i
|
|||
NTSTATUS status = STATUS_UNSUCCESSFUL;
|
||||
HANDLE hToken = NULL;
|
||||
BOOL ok = TRUE;
|
||||
WCHAR ctrlName[64] = { 0 };
|
||||
WCHAR ctrlCmd[128] = { 0 };
|
||||
|
||||
//
|
||||
// get token from caller session or caller process. note that on
|
||||
|
@ -2311,19 +2311,19 @@ MSG_HEADER *SbieIniServer::RunSbieCtrl(MSG_HEADER *msg, HANDLE idProcess, bool i
|
|||
bool ok2 = SetUserSettingsSectionName(hToken);
|
||||
if (ok2) {
|
||||
SbieApi_QueryConfAsIs(
|
||||
m_sectionname, _Setting2, 0, ctrlName, sizeof(ctrlName) - 2);
|
||||
m_sectionname, _Setting2, 0, ctrlCmd, sizeof(ctrlCmd) - 2);
|
||||
}
|
||||
else {
|
||||
wcscpy(m_sectionname + 13, L"Default"); // UserSettings_Default
|
||||
SbieApi_QueryConfAsIs(
|
||||
m_sectionname, _Setting2, 0, ctrlName, sizeof(ctrlName) - 2);
|
||||
m_sectionname, _Setting2, 0, ctrlCmd, sizeof(ctrlCmd) - 2);
|
||||
}
|
||||
|
||||
} else if (msg->length > sizeof(MSG_HEADER)) {
|
||||
|
||||
ULONG len = (ULONG)(msg->length - sizeof(MSG_HEADER));
|
||||
memcpy(ctrlName, (UCHAR*)msg + sizeof(MSG_HEADER), len);
|
||||
ctrlName[len / sizeof(WCHAR)] = L'\0';
|
||||
memcpy(ctrlCmd, (UCHAR*)msg + sizeof(MSG_HEADER), len);
|
||||
ctrlCmd[len / sizeof(WCHAR)] = L'\0';
|
||||
}
|
||||
|
||||
//
|
||||
|
@ -2334,17 +2334,24 @@ MSG_HEADER *SbieIniServer::RunSbieCtrl(MSG_HEADER *msg, HANDLE idProcess, bool i
|
|||
|
||||
STARTUPINFO si;
|
||||
PROCESS_INFORMATION pi;
|
||||
|
||||
WCHAR *args = NULL;
|
||||
if (isSandboxed) {
|
||||
if (*ctrlName)
|
||||
args = L" -autorun";
|
||||
} else {
|
||||
if (!*ctrlName)
|
||||
args = L" /open /sync";
|
||||
|
||||
//
|
||||
// split the agent executable name from the arguments
|
||||
//
|
||||
|
||||
WCHAR* end = (WCHAR*)SbieDll_FindArgumentEnd(ctrlCmd);
|
||||
if (*end) {
|
||||
*end++ = 0;
|
||||
args = end;
|
||||
}
|
||||
|
||||
if (SbieDll_RunFromHome(*ctrlName ? ctrlName : SBIECTRL_EXE, args, &si, NULL)) {
|
||||
//
|
||||
// run the agent executable from the sbie home directory,
|
||||
// when none was specified fallback to SBIECTRL_EXE
|
||||
//
|
||||
|
||||
if (SbieDll_RunFromHome(*ctrlCmd ? ctrlCmd : SBIECTRL_EXE, args, &si, NULL)) {
|
||||
|
||||
WCHAR *CmdLine = (WCHAR *)si.lpReserved;
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
Copyright 2020 – 2023 David Xanatos (xanasoft.com)
|
||||
Copyright 2004 – 2020 Sandboxie Holdings, LLC
|
||||
Copyright 2020 - 2023 David Xanatos (xanasoft.com)
|
||||
Copyright 2004 - 2020 Sandboxie Holdings, LLC
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
|
|
@ -1092,6 +1092,8 @@ WriteLoop:
|
|||
|
||||
File /oname=${SBIEINI_EXE} "${BIN_ROOT}\SbieIni.exe"
|
||||
|
||||
File "whatsnew.html"
|
||||
|
||||
;File "${BIN_ROOT}\License.exe"
|
||||
|
||||
File "LICENSE.TXT"
|
||||
|
@ -1210,6 +1212,8 @@ Function DeleteProgramFiles
|
|||
Delete "$INSTDIR\${SBIEINI_EXE}"
|
||||
Delete "$INSTDIR\${SBIEINI_EXE}.sig" ; leftover
|
||||
|
||||
Delete "$INSTDIR\whatsnew.html"
|
||||
|
||||
Delete "$INSTDIR\LICENSE.EXE"
|
||||
|
||||
Delete "$INSTDIR\LICENSE.TXT"
|
||||
|
@ -1680,7 +1684,8 @@ Function .onGUIEnd
|
|||
|
||||
StrCmp $LaunchControl "Y" 0 Done
|
||||
|
||||
ExecWait '"$INSTDIR\${START_EXE}" run_sbie_ctrl' $0
|
||||
; ExecWait '"$INSTDIR\${START_EXE}" run_sbie_ctrl' $0
|
||||
ExecWait '"$INSTDIR\${START_EXE}" open_agent:"${SBIECTRL_EXE} /open /sync /postsetup"' $0
|
||||
|
||||
Done:
|
||||
|
||||
|
|
|
@ -150,6 +150,9 @@ OpenFilePath=\Device\NamedPipe\XTIERRPCPIPE
|
|||
# is a security attack, and must be closed
|
||||
ClosedFilePath=\Device\LanmanRedirector
|
||||
ClosedFilePath=\Device\Mup
|
||||
#
|
||||
# Block access to imdisk, force terminated proxy processes can result in a BSOD
|
||||
ClosedFilePath=\Device\ImDiskCtl
|
||||
|
||||
# IPC
|
||||
OpenIpcPath=\Windows\ApiPort
|
||||
|
@ -3556,16 +3559,6 @@ ForceRestart=PicoTorrent.exe
|
|||
# Download Managers
|
||||
#
|
||||
|
||||
[Template_InternetDownloadManager]
|
||||
Tmpl.Title=Internet Download Manager
|
||||
Tmpl.Class=Download
|
||||
Tmpl.Url=http://www.internetdownloadmanager.com/
|
||||
Tmpl.Scan=s
|
||||
# Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{AC746233-E9D3-49CD-862F-068F7B7CCCA4}
|
||||
Tmpl.ScanProduct=Internet Download Manager
|
||||
OpenClsid={AC746233-E9D3-49CD-862F-068F7B7CCCA4}
|
||||
# prevent access to host port
|
||||
# BlockPort=1001
|
||||
|
||||
[Template_FreeDownloadManager]
|
||||
Tmpl.Title=Free Download Manager
|
||||
|
@ -3669,9 +3662,8 @@ Tmpl.Class=Security
|
|||
OpenIpcPath=\RPC Control\keysvc
|
||||
|
||||
[Template_Chrome_KB5027231_fix]
|
||||
Tmpl.Title=Chromium fix for windows 11 with KB5027231
|
||||
Tmpl.Title=Chromium fix for Windows 11 with KB5027231
|
||||
Tmpl.Class=WebBrowser
|
||||
Tmpl.Scan=x
|
||||
#Tmpl.Scan=u
|
||||
#Tmpl.ScanUpd=KB5027231
|
||||
Tmpl.ScanScript=if(system.version().major != 11) return false; return system.checkUpdates("KB5027231");
|
||||
|
@ -4175,3 +4167,5 @@ Tmpl.Entry=StrokeIt | StrokeIt
|
|||
[Template_VPNTunnel]
|
||||
|
||||
[Template_Edge_Win11Fix]
|
||||
|
||||
[Template_InternetDownloadManager]
|
||||
|
|
|
@ -0,0 +1,215 @@
|
|||
/*
|
||||
* Copyright 2023 David Xanatos, xanasoft.com
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include "stdafx.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#include <Windows.h>
|
||||
#include <AclAPI.h>
|
||||
#include <Sddl.h>
|
||||
#include "common/defines.h"
|
||||
#include "common/my_version.h"
|
||||
#include "core/dll/sbieapi.h"
|
||||
#include <string>
|
||||
#include <map>
|
||||
|
||||
extern "C" void Display_Error(PWSTR SubFuncName, DWORD LastError);
|
||||
|
||||
struct SDaclEntry
|
||||
{
|
||||
SDaclEntry() : pSid(NULL), AllowMask(0),DenyMask(0) {}
|
||||
BYTE bSid[68];
|
||||
PSID pSid;
|
||||
ACCESS_MASK AllowMask;
|
||||
ACCESS_MASK DenyMask;
|
||||
};
|
||||
|
||||
std::map<std::wstring, SDaclEntry> ListFolderDACLs(const wchar_t* folderPath)
|
||||
{
|
||||
std::map<std::wstring, SDaclEntry> map;
|
||||
|
||||
PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
|
||||
DWORD result = GetNamedSecurityInfoW(folderPath, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, NULL, NULL, &pSecurityDescriptor);
|
||||
if (result != ERROR_SUCCESS) {
|
||||
Display_Error(L"GetNamedSecurityInfoW", result);
|
||||
return map;
|
||||
}
|
||||
|
||||
BOOL ok;
|
||||
PACL pDacl = NULL;
|
||||
BOOL bDaclPresent = FALSE;
|
||||
BOOL bDaclDefaulted = FALSE;
|
||||
ok = GetSecurityDescriptorDacl(pSecurityDescriptor, &bDaclPresent, &pDacl, &bDaclDefaulted);
|
||||
if (!ok) {
|
||||
Display_Error(L"GetSecurityDescriptorDacl", 0);
|
||||
return map;
|
||||
}
|
||||
if (!bDaclPresent)
|
||||
return map; // empty not an error
|
||||
|
||||
for (DWORD i = 0; i < pDacl->AceCount; ++i) {
|
||||
|
||||
PACE_HEADER pAceHeader = NULL;
|
||||
if (!GetAce(pDacl, i, (LPVOID*)&pAceHeader)) {
|
||||
//Display_Error(L"GetAce", 0);
|
||||
continue;
|
||||
}
|
||||
|
||||
PSID pSid = NULL;
|
||||
ACCESS_MASK AllowMask = 0;
|
||||
ACCESS_MASK DenyMask = 0;
|
||||
switch (pAceHeader->AceType) {
|
||||
case ACCESS_ALLOWED_ACE_TYPE: {
|
||||
PACCESS_ALLOWED_ACE pAce = (PACCESS_ALLOWED_ACE)pAceHeader;
|
||||
pSid = (PSID)&pAce->SidStart;
|
||||
AllowMask = pAce->Mask;
|
||||
break;
|
||||
}
|
||||
case ACCESS_DENIED_ACE_TYPE: {
|
||||
PACCESS_DENIED_ACE pAce = (PACCESS_DENIED_ACE)pAceHeader;
|
||||
pSid = (PSID)&pAce->SidStart;
|
||||
DenyMask = pAce->Mask;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (pSid) {
|
||||
LPWSTR pSidString = NULL;
|
||||
if (ConvertSidToStringSidW(pSid, &pSidString)) {
|
||||
SDaclEntry& entry = map[pSidString];
|
||||
if (!entry.pSid) {
|
||||
CopySid(sizeof(entry.bSid), entry.bSid, pSid);
|
||||
entry.pSid = entry.bSid;
|
||||
}
|
||||
entry.AllowMask |= AllowMask;
|
||||
entry.DenyMask |= DenyMask;
|
||||
LocalFree(pSidString);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
LocalFree(pSecurityDescriptor);
|
||||
|
||||
return map;
|
||||
}
|
||||
|
||||
BOOL UpdateFolderDACLs(const wchar_t* folderPath, EXPLICIT_ACCESS *ea)
|
||||
{
|
||||
PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
|
||||
DWORD result = GetNamedSecurityInfoW(folderPath, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, NULL, NULL, &pSecurityDescriptor);
|
||||
if (result != ERROR_SUCCESS) {
|
||||
Display_Error(L"GetNamedSecurityInfoW", result);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
BOOL ok;
|
||||
PACL pDacl = NULL;
|
||||
BOOL bDaclPresent = FALSE;
|
||||
BOOL bDaclDefaulted = FALSE;
|
||||
ok = GetSecurityDescriptorDacl(pSecurityDescriptor, &bDaclPresent, &pDacl, &bDaclDefaulted);
|
||||
if (!ok) {
|
||||
Display_Error(L"GetSecurityDescriptorDacl", 0);
|
||||
return FALSE;
|
||||
}
|
||||
if (!bDaclPresent) {
|
||||
Display_Error(L"GetSecurityDescriptorDacl", ERROR_INVALID_ACCESS);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
result = SetEntriesInAclW(1, ea, pDacl, &pDacl);
|
||||
if (result != ERROR_SUCCESS)
|
||||
Display_Error(L"SetEntriesInAclW", result);
|
||||
else {
|
||||
result = SetNamedSecurityInfoW((LPWSTR)folderPath, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, pDacl, NULL);
|
||||
if (result != ERROR_SUCCESS)
|
||||
Display_Error(L"SetNamedSecurityInfoW", result);
|
||||
}
|
||||
|
||||
LocalFree(pSecurityDescriptor);
|
||||
return result == ERROR_SUCCESS;
|
||||
}
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Kmd_FixDacls
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
extern "C" BOOL Kmd_FixDacls()
|
||||
{
|
||||
WCHAR HomePath[MAX_PATH];
|
||||
SbieApi_GetHomePath(NULL, 0, HomePath, MAX_PATH);
|
||||
if (!*HomePath) // sbie not installed or not running
|
||||
return FALSE;
|
||||
|
||||
//
|
||||
// remove problematic permissions created when the
|
||||
// win 11 shell extension was registered
|
||||
// for a folder not being under program files
|
||||
//
|
||||
|
||||
std::map<std::wstring, SDaclEntry> map = ListFolderDACLs(HomePath);
|
||||
|
||||
for (auto I = map.begin(); I != map.end(); ++I) {
|
||||
|
||||
if (I->first.length() > 44 && (
|
||||
(I->first.substr(0, 13) == L"S-1-15-3-1024")
|
||||
|| (I->first.substr(0, 8) == L"S-1-15-2") )) {
|
||||
|
||||
EXPLICIT_ACCESS ea_clear =
|
||||
{
|
||||
GENERIC_ALL,
|
||||
REVOKE_ACCESS,
|
||||
SUB_CONTAINERS_AND_OBJECTS_INHERIT,
|
||||
{
|
||||
NULL,
|
||||
NO_MULTIPLE_TRUSTEE,
|
||||
TRUSTEE_IS_SID,
|
||||
TRUSTEE_IS_GROUP,
|
||||
reinterpret_cast<LPTSTR>(I->second.pSid)
|
||||
}
|
||||
};
|
||||
|
||||
UpdateFolderDACLs(HomePath, &ea_clear);
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// add read access for ALL_APP_PACKAGES
|
||||
//
|
||||
|
||||
PSID pSid = NULL; // ALL_APP_PACKAGES
|
||||
ConvertStringSidToSidW(L"S-1-15-2-1", &pSid);
|
||||
|
||||
EXPLICIT_ACCESS ea_set =
|
||||
{
|
||||
GENERIC_READ | GENERIC_EXECUTE,
|
||||
SET_ACCESS,
|
||||
SUB_CONTAINERS_AND_OBJECTS_INHERIT,
|
||||
{
|
||||
NULL,
|
||||
NO_MULTIPLE_TRUSTEE,
|
||||
TRUSTEE_IS_SID,
|
||||
TRUSTEE_IS_GROUP,
|
||||
reinterpret_cast<LPTSTR>(pSid)
|
||||
}
|
||||
};
|
||||
|
||||
UpdateFolderDACLs(HomePath, &ea_set);
|
||||
|
||||
LocalFree(pSid);
|
||||
|
||||
return TRUE;
|
||||
}
|
|
@ -30,6 +30,8 @@
|
|||
|
||||
extern void Kmd_ScanDll(BOOLEAN silent);
|
||||
|
||||
extern BOOL Kmd_FixDacls();
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Defines
|
||||
|
@ -43,7 +45,8 @@ typedef enum _COMMAND {
|
|||
CMD_STOP,
|
||||
CMD_SCANDLL,
|
||||
CMD_SCANDLL_SILENT,
|
||||
CMD_MESSAGE
|
||||
CMD_MESSAGE,
|
||||
CMD_FIXDACLS
|
||||
} COMMAND;
|
||||
|
||||
typedef enum _OPTIONS {
|
||||
|
@ -224,6 +227,10 @@ BOOL Parse_Command_Line(
|
|||
*Command = CMD_MESSAGE;
|
||||
num_args_needed = 2;
|
||||
|
||||
} else if (_wcsicmp(args[1], L"fixdacls") == 0) {
|
||||
*Command = CMD_FIXDACLS;
|
||||
num_args_needed = 0;
|
||||
|
||||
} else {
|
||||
*Command = CMD_ERROR;
|
||||
MessageBox(NULL, L"Invalid command", L"KmdUtil",
|
||||
|
@ -761,6 +768,16 @@ int __stdcall WinMain(
|
|||
&Options))
|
||||
return EXIT_FAILURE;
|
||||
|
||||
if (Command == CMD_MESSAGE) {
|
||||
ok = Kmd_Show_Message(Driver_Name, Driver_Path);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
if (Command == CMD_FIXDACLS) {
|
||||
ok = Kmd_FixDacls();
|
||||
goto finish;
|
||||
}
|
||||
|
||||
ScMgr = OpenSCManager(
|
||||
NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_CREATE_SERVICE);
|
||||
|
||||
|
@ -803,9 +820,7 @@ int __stdcall WinMain(
|
|||
if (Command == CMD_STOP)
|
||||
ok = Kmd_Stop_Service(Driver_Name);
|
||||
|
||||
if (Command == CMD_MESSAGE)
|
||||
ok = Kmd_Show_Message(Driver_Name, Driver_Path);
|
||||
|
||||
finish:
|
||||
if (! ok)
|
||||
return EXIT_FAILURE;
|
||||
|
||||
|
|
|
@ -183,6 +183,20 @@
|
|||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="fixdacls.cpp">
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|ARM64'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|ARM64'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">NotUsing</PrecompiledHeader>
|
||||
<ExceptionHandling Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">Sync</ExceptionHandling>
|
||||
<ExceptionHandling Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">Sync</ExceptionHandling>
|
||||
<ExceptionHandling Condition="'$(Configuration)|$(Platform)'=='SbieRelease|ARM64'">Sync</ExceptionHandling>
|
||||
<ExceptionHandling Condition="'$(Configuration)|$(Platform)'=='SbieDebug|ARM64'">Sync</ExceptionHandling>
|
||||
<ExceptionHandling Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">Sync</ExceptionHandling>
|
||||
<ExceptionHandling Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">Sync</ExceptionHandling>
|
||||
</ClCompile>
|
||||
<ClCompile Include="KmdUtil.c" />
|
||||
<ClCompile Include="sbiedrv.c" />
|
||||
<ClCompile Include="scandll.c" />
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -386,6 +386,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
# %2 = Mozilla Firefox
|
||||
2191;pop;inf;01
|
||||
SBIE2191 %2 should not be updated while running under Sandboxie.
|
||||
|
@ -1351,6 +1359,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3471;txt;01
|
||||
&Terminate Programs
|
||||
.
|
||||
|
@ -4097,7 +4109,7 @@ Select NO to delete the Sandboxie.ini file and lose your configuration settings.
|
|||
.
|
||||
|
||||
8055;ins;01
|
||||
There is an online update of the Templates.ini and/or the translations for this version of sandboxie available, do you want to install it?
|
||||
There is an online update of the Templates.ini and/or the translations for this version of Sandboxie available, do you want to install it?
|
||||
.
|
||||
|
||||
#----------------------------------------------------------------------------
|
||||
|
|
|
@ -707,7 +707,7 @@ Zadejte název programu nebo složky a Sandboxie je pro Vás otevře.
|
|||
.
|
||||
|
||||
3104;txt;01
|
||||
Zadejte . (cílový charakter) k prozkoumání plochy Sanboxie.
|
||||
Zadejte . (cílový charakter) k prozkoumání plochy Sandboxie.
|
||||
.
|
||||
|
||||
3105;txt;01
|
||||
|
@ -1495,7 +1495,7 @@ Kontrola aktualizace
|
|||
.
|
||||
|
||||
3622;txt;01
|
||||
Chcete se připojit na web Sanboxie a zjistit, zda je k dispozici nová verze programu?
|
||||
Chcete se připojit na web Sandboxie a zjistit, zda je k dispozici nová verze programu?
|
||||
.
|
||||
|
||||
3623;txt;01
|
||||
|
|
|
@ -3476,7 +3476,7 @@ Wilt u Sandboxie-Plus nu downloaden?
|
|||
.
|
||||
|
||||
6002;txt;01
|
||||
Bezoek <a ID="whats_new">sandboxie-plus.com</a> voor meer informatie over de nieuwe functies van Sanboxie-Plus,
|
||||
Bezoek <a ID="whats_new">sandboxie-plus.com</a> voor meer informatie over de nieuwe functies van Sandboxie-Plus,
|
||||
of klik <a ID="upgrade">hier</a> om de laatste versie van het Sandboxie-Plus-installatiebestand te downloaden.
|
||||
.
|
||||
|
||||
|
|
|
@ -1208,7 +1208,7 @@ Re&charger la configuration
|
|||
.
|
||||
|
||||
3505;txt;01
|
||||
Contribuer à Sanboxie
|
||||
Contribuer à Sandboxie
|
||||
.
|
||||
|
||||
3451;txt;01
|
||||
|
|
|
@ -338,6 +338,14 @@ SBIE2114 Die Datei ist zu groß, um sie in die Sandbox zu kopieren, verweigere Z
|
|||
SBIE2115 Die Datei ist zu groß, um sie in die Sandbox zu kopieren, öffne Datei nur schreibgeschützt - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll Fehler %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 Die LowLevel.dll Umleitung konnte SbieDll.dll nicht in den Zielprozess laden.
|
||||
.
|
||||
|
||||
2191;pop;inf;01
|
||||
SBIE2191 %2 sollte nicht aktualisiert werden, wenn es mit Sandboxie ausgeführt wird.
|
||||
.
|
||||
|
@ -1184,6 +1192,10 @@ Upgrade zu Sandboxie-Plus
|
|||
Sandboxie-Plus Migrationsanleitung
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
Was ist neu in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3471;txt;01
|
||||
Programme &beenden
|
||||
.
|
||||
|
|
|
@ -821,7 +821,7 @@ Sandboxie の個人使用は、期間を定めることなく、無償で許諾
|
|||
.
|
||||
|
||||
3235;txt;01
|
||||
この制限は、送金頂いたバージョンの Sanboxie では解除されます。
|
||||
この制限は、送金頂いたバージョンの Sandboxie では解除されます。
|
||||
.
|
||||
|
||||
3236;txt;01
|
||||
|
|
|
@ -386,6 +386,14 @@ SBIE2114 파일이 너무 커서 샌드박스에 복사할 수 없으므로 액
|
|||
SBIE2115 파일이 너무 커서 샌드박스에 복사할 수 없으므로 읽기 전용으로 열림니다 - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll 오류 %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll 우회가 SbieDll.dll을 대상 프로세스로 로드하지 못했습니다.
|
||||
.
|
||||
|
||||
# %2 = Mozilla Firefox
|
||||
2191;pop;inf;01
|
||||
SBIE2191 %2은(는) Sandboxie에서 실행되는 동안에는 업데이트하면 안됩니다.
|
||||
|
@ -1351,6 +1359,10 @@ Sandboxie-Plus로 업그레이드
|
|||
Sandboxie-Plus 마이그레이션 안내
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
Sandboxie-Plus의 새로운 기능
|
||||
.
|
||||
|
||||
3471;txt;01
|
||||
프로그램 끝내기(&T)
|
||||
.
|
||||
|
@ -3973,7 +3985,7 @@ Sandboxie의 기본 설정은 완전한 보호를 제공하지만 Sandboxie 제
|
|||
.
|
||||
|
||||
8012;ins;01
|
||||
Sanboxie 시스템 수준 드라이버를 설치하고 활성화하려면 다음을 누르십시오. 이 드라이버는 Sanboxie 응용 프로그램의 핵심입니다.
|
||||
Sandboxie 시스템 수준 드라이버를 설치하고 활성화하려면 다음을 누르십시오. 이 드라이버는 Sandboxie 응용 프로그램의 핵심입니다.
|
||||
.
|
||||
|
||||
8013;ins;01
|
||||
|
|
|
@ -386,6 +386,14 @@ SBIE2114 文件太大无法复制到沙箱, 拒绝访问 - %2
|
|||
SBIE2115 文件太大无法复制到沙箱, 以只读模式打开 - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll 错误 %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll 绕行无法将 SbieDll.dll 加载到目标进程中。
|
||||
.
|
||||
|
||||
# %2 = Mozilla Firefox
|
||||
2191;pop;inf;01
|
||||
SBIE2191 不建议更新在沙盒中运行的 %2
|
||||
|
@ -4054,7 +4062,7 @@ Sandboxie 控制程序正在运行。
|
|||
.
|
||||
|
||||
8055;ins;01
|
||||
有可用的 Templates.ini 和/或此版本沙盒的翻译的在线更新,您要安装它吗?
|
||||
有可用的 Templates.ini 和/或此版本 Sandboxie 的翻译的在线更新,您要安装它吗?
|
||||
.
|
||||
|
||||
#----------------------------------------------------------------------------
|
||||
|
|
|
@ -1160,6 +1160,10 @@ Sandboxie-Plus'a Yükseltin
|
|||
Sandboxie-Plus Taşıma Kılavuzu
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
Sandboxie-Plus'taki Yenilikler
|
||||
.
|
||||
|
||||
3471;txt;01
|
||||
Programları &Kapat
|
||||
.
|
||||
|
|
|
@ -62,6 +62,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -198,6 +206,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -58,6 +58,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -178,6 +186,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -58,6 +58,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -178,6 +186,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -58,6 +58,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -178,6 +186,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -50,6 +50,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -154,6 +162,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -78,6 +78,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -255,6 +263,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -34,6 +34,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2195;pop;inf;01
|
||||
SBIE2195 To run Explorer.exe sandboxed, the access for COM infrastructure must not be Open.
|
||||
.
|
||||
|
@ -94,6 +102,10 @@ Apply Supporter Certificate
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
4342;txt;01
|
||||
Enable %2 compatibility workaround
|
||||
.
|
||||
|
|
|
@ -78,6 +78,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -260,6 +268,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -50,6 +50,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -154,6 +162,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -58,6 +58,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -186,6 +194,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -22,6 +22,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2196;pop;inf;01
|
||||
SBIE2196 To run the MSI Installer sandboxed, the access for COM infrastructure must not be Open.
|
||||
.
|
||||
|
@ -38,6 +46,10 @@ Get Supporter Certificate
|
|||
Apply Supporter Certificate
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
7988;txt;01
|
||||
Your Supporter Certificate is valid, Thank You :-)
|
||||
.
|
||||
|
|
|
@ -58,6 +58,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -178,6 +186,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -50,6 +50,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -154,6 +162,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -58,6 +58,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -178,6 +186,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -58,6 +58,14 @@ SBIE2114 File is too large to copy into sandbox, denying access - %2
|
|||
SBIE2115 File is too large to copy into sandbox, opening in read only - %2
|
||||
.
|
||||
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
2194;pop;inf;01
|
||||
SBIE2194 MSI installer requires %2 option to be set in the ini, what however weakens the isolation.
|
||||
.
|
||||
|
@ -178,6 +186,10 @@ Upgrade to Sandboxie-Plus
|
|||
Sandboxie-Plus Migration Guide
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
3484;txt;01
|
||||
Resource Access
|
||||
.
|
||||
|
|
|
@ -2,5 +2,15 @@
|
|||
* Missing Messages in Text-Italian-1040.txt
|
||||
*==========
|
||||
|
||||
There are no missing messages.
|
||||
2180;pop;inf;01
|
||||
SBIE2180 LowLevel.dll error %2
|
||||
.
|
||||
|
||||
2181;pop;inf;01
|
||||
SBIE2181 LowLevel.dll detour failed to load SbieDll.dll into target process.
|
||||
.
|
||||
|
||||
3469;txt;01
|
||||
What's new in Sandboxie-Plus
|
||||
.
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue