DavidXanatos 2022-04-02 17:01:13 +02:00
parent f75cae0bb4
commit 32132affb6
11 changed files with 79 additions and 41 deletions


@ -3,6 +3,18 @@ All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).
## [1.0.17 / 5.55.17] - 2022-04-??
### Fixed
- Fixed crash issue with the new monitor mode
## [1.0.16 / 5.55.16] - 2022-04-02
### Added


@ -21,8 +21,8 @@
#ifndef _MY_VERSION_H
#define _MY_VERSION_H
#define MY_VERSION_BINARY 5,55,16
#define MY_VERSION_STRING "5.55.16"
#define MY_VERSION_BINARY 5,55,17
#define MY_VERSION_STRING "5.55.17"
#define MY_VERSION_COMPAT "5.55.0" // this refers to the driver ABI compatibility
// These #defines are used by either Resource Compiler or NSIS installer


@ -192,6 +192,16 @@ _FX NTSTATUS Syscall_CheckObject(
status = syscall_entry->handler2_func(
proc, OpenedObject, &Name->Name, HandleInfo->GrantedAccess);
//
// process/thread access has an own loggin routine
//
if ((syscall_entry->name_len == 11 && memcmp(syscall_entry->name, "OpenProcess", 11) == 0) ||
(syscall_entry->name_len == 10 && memcmp(syscall_entry->name, "OpenThread", 10) == 0) ||
(syscall_entry->name_len == 21 && memcmp(syscall_entry->name, "AlpcOpenSenderProcess", 21) == 0) ||
(syscall_entry->name_len == 20 && memcmp(syscall_entry->name, "AlpcOpenSenderThread", 20) == 0))
goto skip_log;
if ((status != STATUS_SUCCESS)
&& (status != STATUS_BAD_INITIAL_PC)) {
@ -200,9 +210,10 @@ _FX NTSTATUS Syscall_CheckObject(
WCHAR msg[256];
RtlStringCbPrintfW(msg, sizeof(msg), L"%S (%08X) access=%08X initialized=%d", syscall_entry->name, status, HandleInfo->GrantedAccess, proc->initialized);
Log_Msg_Process(MSG_2101, msg, puName != NULL ? puName->Buffer : L"Unnamed object", -1, proc->pid);
Log_Msg_Process(MSG_2112, msg, puName != NULL ? puName->Buffer : L"Unnamed object", -1, proc->pid);
}
skip_log:
if (Name != &Obj_Unnamed)
Mem_Free(Name, NameLength);
}
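Review bot: The `goto skip_log` added for the four named syscalls drops the generic denial message, so audit visibility for a refused OpenProcess/OpenThread now rests on Thread_CheckObject_Common emitting MSG_2111, which that routine does only when its ExplicitAccess argument is TRUE; if any of these handler2 routines passes FALSE, a denied open is no longer logged anywhere. The handler2 table is not in this hunk, so I cannot confirm it, but the coupling should be stated where the list lives rather than only in `process/thread access has an own loggin routine`; I would write `// these four are checked by Thread_CheckObject_Common, which logs MSG_2111 itself (only when called with ExplicitAccess) - keep this list in sync with the handler2 table`. Matching the name with memcmp on every call is also a string compare in a hot syscall path; a flag set once on the syscall table entry at registration would be cheaper and could not drift from the table. Syscall_CheckObject begins before this hunk.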


@ -979,7 +979,7 @@ _FX NTSTATUS Thread_CheckThreadObject(
_FX NTSTATUS Thread_CheckObject_Common(
PROCESS *proc, PEPROCESS ProcessObject,
ACCESS_MASK GrantedAccess, BOOLEAN EntireProcess,
BOOLEAN AllowTerminating)
BOOLEAN ExplicitAccess)
{
ULONG_PTR pid;
const WCHAR *pSetting;
@ -988,6 +988,11 @@ _FX NTSTATUS Thread_CheckObject_Common(
ACCESS_MASK WriteAccess;
ACCESS_MASK ReadAccess;
BOOLEAN ShouldMonitorAccess = FALSE;
void *nbuf;
ULONG nlen;
WCHAR *nptr;
if (EntireProcess) {
Letter1 = L'P';
WriteAccess = (GrantedAccess & PROCESS_DENIED_ACCESS_MASK);
@ -1033,7 +1038,7 @@ _FX NTSTATUS Thread_CheckObject_Common(
// (e.g. VS2012 MSBuild.exe does this with the csc.exe compiler)
//
if (AllowTerminating && PsGetProcessExitProcessCalled(ProcessObject))
if (ExplicitAccess && PsGetProcessExitProcessCalled(ProcessObject))
goto finish;
@ -1061,37 +1066,28 @@ _FX NTSTATUS Thread_CheckObject_Common(
}
}
//
// log the cross-sandbox access attempt, based on the status code
//
if (Session_MonitorCount && !proc->disable_monitor) {
void *nbuf;
ULONG nlen;
WCHAR *nptr;
Process_GetProcessName(proc->pool, pid, &nbuf, &nlen, &nptr);
if (nbuf) {
ULONG mon_type = MONITOR_IPC;
if (NT_SUCCESS(status))
mon_type |= MONITOR_OPEN;
else
mon_type |= MONITOR_DENY;
--nptr; *nptr = L':';
--nptr; *nptr = L'$';
Session_MonitorPut(mon_type, nptr, proc->pid);
Mem_Free(nbuf, nlen);
}
}
ShouldMonitorAccess = TRUE;
finish:
Process_GetProcessName(proc->pool, pid, &nbuf, &nlen, &nptr);
if (nbuf) {
--nptr; *nptr = L':';
--nptr; *nptr = L'$';
}
ULONG mon_type = MONITOR_IPC;
if(!NT_SUCCESS(status))
mon_type |= MONITOR_DENY;
else if (WriteAccess || ReadAccess)
mon_type |= MONITOR_OPEN;
if (!ShouldMonitorAccess)
mon_type |= MONITOR_TRACE;
//
// trace
//
@ -1111,9 +1107,23 @@ finish:
if (Letter2) {
RtlStringCbPrintfW(str, sizeof(str), L"(%c%c) %08X %06d",
Letter1, Letter2, GrantedAccess, (int)pid);
Log_Debug_Msg(MONITOR_IPC | MONITOR_TRACE, str, Driver_Empty);
Log_Debug_Msg(mon_type, str, nptr ? nptr : Driver_Empty);
}
}
else if (ShouldMonitorAccess && Session_MonitorCount && !proc->disable_monitor && nbuf != NULL) {
Session_MonitorPut(mon_type, nptr, proc->pid);
}
if (ExplicitAccess && (status != STATUS_SUCCESS) && (status != STATUS_BAD_INITIAL_PC)) {
WCHAR msg[256];
RtlStringCbPrintfW(msg, sizeof(msg), L"%s (%08X) access=%08X initialized=%d", EntireProcess ? L"OpenProcess" : L"OpenThread", status, GrantedAccess, proc->initialized);
Log_Msg_Process(MSG_2111, msg, nptr != NULL ? nptr : L"Unnamed process", -1, proc->pid);
}
if (nbuf)
Mem_Free(nbuf, nlen);
return status;
}
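Review bot: `nbuf`, `nlen` and `nptr` are declared without initializers in the new lines near the top of Thread_CheckObject_Common, yet the `finish:` tail now reads `nptr` unconditionally (`nptr ? nptr : Driver_Empty` in the trace branch and `nptr != NULL ?` before the MSG_2111 call) and frees `nbuf` whenever it is non-NULL. That is only safe if Process_GetProcessName nulls all three outputs on every failure path, which this hunk does not show; the old code avoided the question by touching them only inside `if (nbuf)`. I would initialize them at declaration: `void *nbuf = NULL; ULONG nlen = 0; WCHAR *nptr = NULL;`. Note also that `--nptr; *nptr = L':'; --nptr; *nptr = L'$';` writes two characters in front of the returned name pointer, which relies on Process_GetProcessName reserving that slack and deserves a comment at that point if it is a documented contract. The body between the hunks is outside this view.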


@ -97,7 +97,7 @@ THREAD *Thread_GetByThreadId(PROCESS *proc, HANDLE tid);
NTSTATUS Thread_CheckObject_Common(
PROCESS *proc, PEPROCESS ProcessObject,
ACCESS_MASK GrantedAccess, BOOLEAN EntireProcess,
BOOLEAN AllowTerminating);
BOOLEAN ExplicitAccess);
//---------------------------------------------------------------------------


@ -354,6 +354,14 @@ SBIE2108 Faking successful completion for program '%2'
# SBIE2110 Preparing WinSxS dependencies for '%2'
# .
2111;pop;inf;01
SBIE2111 Process is not accessible: %3, call %2
.
2112;pop;inf;01
SBIE2112 Object is not accessible: %3, call %2
.
# %2 = Mozilla Firefox
2191;pop;inf;01
SBIE2191 %2 should not be updated while running under Sandboxie.


@ -135,7 +135,10 @@ SB_STATUS CSandBox::RunSandboxed(const QString& Command)
SB_STATUS CSandBox::TerminateAll()
{
return m_pAPI->TerminateAll(m_Name);
SB_STATUS Status = m_pAPI->TerminateAll(m_Name);
if(!Status.IsError())
m_ActiveProcessCount = 0;
return Status;
}
bool CSandBox::IsEmpty() const
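Review bot: Resetting `m_ActiveProcessCount = 0` immediately after a successful TerminateAll assumes the call completes synchronously; if m_pAPI->TerminateAll only requests termination, IsEmpty() would report an empty box while processes are still winding down and callers gating on it could act early. I cannot see the API implementation from this section, so at minimum the intent should be stated, e.g. `// optimistic: treat the box as empty until the next status refresh corrects the count`. If the call is asynchronous, leaving the count to the refresh path that normally maintains it is the safer option.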


@ -2412,8 +2412,6 @@ bool CSbieAPI::GetMonitor()
QStringList LogData;
for (size_t pos = 0; pos < log_buffer.Length; ) {
size_t len = wcslen((WCHAR*)(log_buffer.Buffer + pos));
if (len == 0)
break;
LogData.append(QString::fromWCharArray((WCHAR*)(log_buffer.Buffer + pos), len));
pos += (len + 1) * sizeof(WCHAR);
}
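Review bot: With the `if (len == 0) break;` exit removed, the loop walks every entry up to log_buffer.Length, but `wcslen` on `log_buffer.Buffer + pos` has no bound, so an entry that is not NUL-terminated inside the buffer reads past it. This was already true before the change, but termination now rests entirely on Length, so a bounded scan is the natural fit: `size_t len = wcsnlen((WCHAR*)(log_buffer.Buffer + pos), (log_buffer.Length - pos) / sizeof(WCHAR));`. If the driver guarantees a terminated buffer, a one-line comment saying so would let the next reader skip this question. CSbieAPI::GetMonitor continues outside this hunk.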


@ -63,7 +63,7 @@ CTraceEntry::CTraceEntry(quint32 ProcessId, quint32 ThreadId, quint32 Type, cons
{
m_ProcessId = ProcessId;
m_ThreadId = ThreadId;
m_Name = LogData.first();
m_Name = LogData.length() > 0 ? LogData.at(0) : QString("(empty)");
m_Message = LogData.length() > 1 ? LogData.at(1) : QString();
m_Type.Flags = Type;


@ -229,8 +229,6 @@ void COptionsWindow::ParseAndAddAccessEntry(EAccessEntry EntryType, const QStrin
QStringList Values = Value.split(",");
if (Values.count() >= 2)
AddAccessEntry(Type, Mode, Values[0], Values[1], disabled, Template);
else if (Values[0].left(2) == "$:") // special cases
AddAccessEntry(Type, Mode, Values[0].mid(2), "$", disabled, Template);
else // all programs
AddAccessEntry(Type, Mode, "", Values[0], disabled, Template);
}
@ -571,9 +569,7 @@ void COptionsWindow::SaveAccessList()
int Mode = pItem->data(2, Qt::UserRole).toInt();
QString Program = pItem->data(1, Qt::UserRole).toString();
QString Value = pItem->data(3, Qt::UserRole).toString();
if (Value == "$") // special cases
Value = "$:" + Program;
else if (!Program.isEmpty())
if (!Program.isEmpty())
Value.prepend(Program + ",");
QString AccessStr = MakeAccessStr((EAccessType)Type, (EAccessMode)Mode);


@ -2,7 +2,7 @@
#define VERSION_MJR 1
#define VERSION_MIN 0
#define VERSION_REV 16
#define VERSION_REV 17
#define VERSION_UPD 0
#ifndef STR