commit
3d5e098d40
58
CHANGELOG.md
|
@ -9,17 +9,45 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## [0.7.0 / 5.48.0] - 2021-02-14
|
||||||
|
|
||||||
|
### Added
|
||||||
|
- sandboxed indicator for tray icons, the tooltip now contains [#] if enabled
|
||||||
|
- the trace log buffer can now be adjusted with "TraceBufferPages=2560"
|
||||||
|
-- the value denotes the count of 4K large pages to be used; here for a total of 10 MB
|
||||||
|
- new functionality for the list finder
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
- improved RPC debugging
|
||||||
|
- improved IPC handling around RpcMgmtSetComTimeout; "RpcMgmtSetComTimeout=n" is now the default behaviour
|
||||||
|
-- required exceptions have been hard-coded for specific calling DLLs
|
||||||
|
- the LogApi dll is now using Sbie's tracing facility to log events instead of its own pipe server
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
- FIXED SECURITY ISSUE: elevated sandboxed processes could access volumes/disks for reading (thanks hg421)
|
||||||
|
- fixed crash issue around SetCurrentProcessExplicitAppUserModelID observed with GoogleUpdate.exe
|
||||||
|
- fixed issue with resource monitor sort by timestamp
|
||||||
|
- FIXED SECURITY ISSUE: a race condition in the driver allowed to obtain an elevated rights handle to a process (thanks typpos)
|
||||||
|
- FIXED SECURITY ISSUE: "\RPC Control\samss lpc" is now filtered by the driver (thanks hg421)
|
||||||
|
-- this allowed elevated processes to change passwords, delete users and alike; to disable filtering use "OpenSamEndpoint=y"
|
||||||
|
- FIXED SECURITY ISSUE: "\Device\DeviceApi\CMApi" is now filtered by the driver (thanks hg421)
|
||||||
|
-- this allowed elevated processes to change hardware configuration; to disable filtering use "OpenDevCMApi=y"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [0.6.7 / 5.47.1] - 2021-02-01
|
## [0.6.7 / 5.47.1] - 2021-02-01
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
- added UI Language auto detection
|
- added UI language auto-detection
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- fixed brave.exe is now properly recognized as chrome based not firefox based
|
- fixed Brave.exe now being properly recognized as Chrome-, not Firefox-based
|
||||||
- fixed issue introduced in 0.6.5 with recent edge builds
|
- fixed issue introduced in 0.6.5 with recent Edge builds
|
||||||
-- the 0.6.5 behavioure can be set ona per process basis using "RpcMgmtSetComTimeout=POPPeeper.exe,n"
|
-- the 0.6.5 behaviour can be set on a per-process basis using "RpcMgmtSetComTimeout=POPPeeper.exe,n"
|
||||||
- fixed grouping issues
|
- fixed grouping issues
|
||||||
- fixed main windows restore state from tray
|
- fixed main window restore state from tray
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
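Review bot: In the new 0.7.0 "### Fixed" list, the opt-out switches "OpenSamEndpoint=y" and "OpenDevCMApi=y" are documented with no warning, while the comparable "StripSystemPrivileges=n" entry in the 0.5.4 section is marked "(absolutely NOT Recommended)". Both switches reopen endpoints that the same lines describe as letting elevated processes change passwords, delete users or change hardware configuration, so they should carry the same caution. The volumes/disks and driver race-condition entries also give no hint of which releases were affected, which a reader deciding how urgently to update would want.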
@ -123,7 +151,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
- refactored some IPC code in the driver
|
- refactored some IPC code in the driver
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- fixed issue allowing to bypass the registry isolation, present since Windows 10 Creators Update
|
- FIXED SECURITY ISSUE: the registry isolation could be bypassed, present since Windows 10 Creators Update
|
||||||
- fixed creation time not always being properly updated in the SandMan UI
|
- fixed creation time not always being properly updated in the SandMan UI
|
||||||
|
|
||||||
|
|
||||||
|
@ -163,12 +191,12 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
## [0.5.4 / 5.46.0] - 2021-01-06
|
## [0.5.4 / 5.46.0] - 2021-01-06
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
- Sandboxie now strips particularly problematic privileges from sandboxed system tokens
|
- FIXED SECURITY ISSUE: Sandboxie now strips particularly problematic privileges from sandboxed system tokens
|
||||||
-- with those a process could attempt to bypass the sandbox isolation (thanks Diversenok)
|
-- with those a process could attempt to bypass the sandbox isolation (thanks Diversenok)
|
||||||
-- old legacy behaviour can be enabled with "StripSystemPrivileges=n" (absolutely NOT Recommended)
|
-- old legacy behaviour can be enabled with "StripSystemPrivileges=n" (absolutely NOT Recommended)
|
||||||
- added new isolation options "ClosePrintSpooler=y" and "OpenSmartCard=n"
|
- added new isolation options "ClosePrintSpooler=y" and "OpenSmartCard=n"
|
||||||
-- those resources are open by default but for a hardened box it’s desired to close them
|
-- those resources are open by default but for a hardened box it’s desired to close them
|
||||||
- added print spooler filter to prevent printers from being set up outside the sandbox
|
- FIXED SECURITY ISSUE: added print spooler filter to prevent printers from being set up outside the sandbox
|
||||||
-- the filter can be disabled with "OpenPrintSpooler=y"
|
-- the filter can be disabled with "OpenPrintSpooler=y"
|
||||||
- added overwrite prompt when recovering an already existing file
|
- added overwrite prompt when recovering an already existing file
|
||||||
- added "StartProgram=", "StartService=" and "AutoExec=" options to the SandMan UI
|
- added "StartProgram=", "StartService=" and "AutoExec=" options to the SandMan UI
|
||||||
|
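Review bot: The two entries relabelled "FIXED SECURITY ISSUE:" in this hunk (system token privilege stripping and the print spooler filter) still sit under "### Added" in the 0.5.4 / 5.46.0 section, so anyone scanning the "### Fixed" lists for security fixes will miss them. Move them under "### Fixed", or collect all such entries under a dedicated security heading, so the label and the section agree.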
@ -184,10 +212,10 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
- Improved Resource Monitor status strings
|
- Improved Resource Monitor status strings
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- fixed a critical issue that allowed to create processes outside the sandbox (thanks Diversenok)
|
- FIXED SECURITY ISSUE: processes could spawn processes outside the sandbox (thanks Diversenok)
|
||||||
- fixed issues with dynamic IPC port handling that allowed to bypass IPC isolation
|
- FIXED SECURITY ISSUE: bug in the dynamic IPC port handling allowed to bypass IPC isolation
|
||||||
- fixed issue with IPC tracing
|
- fixed issue with IPC tracing
|
||||||
- fixed CVE-2019-13502 "\RPC Control\LSARPC_ENDPOINT" is now filtered by the driver (thanks Diversenok)
|
- FIXED SECURITY ISSUE: CVE-2019-13502 "\RPC Control\LSARPC_ENDPOINT" is now filtered by the driver (thanks Diversenok)
|
||||||
-- this allowed some system options to be changed, to disable filtering use "OpenLsaEndpoint=y"
|
-- this allowed some system options to be changed, to disable filtering use "OpenLsaEndpoint=y"
|
||||||
- fixed hooking issues SBIE2303 with Chrome, Edge and possibly others
|
- fixed hooking issues SBIE2303 with Chrome, Edge and possibly others
|
||||||
- fixed failed check for running processes when performing snapshot operations
|
- fixed failed check for running processes when performing snapshot operations
|
||||||
|
@ -552,9 +580,9 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- added missing PreferExternalManifest initialization to portable mode
|
- added missing PreferExternalManifest initialization to portable mode
|
||||||
- fixed permission issues with sandboxed system processes
|
- FIXED SECURITY ISSUE: fixed permission issues with sandboxed system processes
|
||||||
-- Note: you can use "ExposeBoxedSystem=y" for the old behaviour (debug option)
|
-- Note: you can use "ExposeBoxedSystem=y" for the old behaviour (debug option)
|
||||||
- fixed missing SCM access check for sandboxed services
|
- FIXED SECURITY ISSUE: fixed missing SCM access check for sandboxed services (thanks Diversenok)
|
||||||
-- Note: to disable the access check use "UnrestrictedSCM=y" (debug option)
|
-- Note: to disable the access check use "UnrestrictedSCM=y" (debug option)
|
||||||
- fixed missing initialization in service server that caused sandboxed programs to crash when querying service status
|
- fixed missing initialization in service server that caused sandboxed programs to crash when querying service status
|
||||||
- fixed many bugs that caused the SbieDrv.sys to BSOD when run with MSFT Driver Verifier active
|
- fixed many bugs that caused the SbieDrv.sys to BSOD when run with MSFT Driver Verifier active
|
||||||
|
@ -613,7 +641,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
- Sbie driver now first checks the home path for the Sbie ini before checking SystemRoot
|
- Sbie driver now first checks the home path for the Sbie ini before checking SystemRoot
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- Fixed a resource leak when running sandboxed
|
- FIXED SECURITY ISSUE: sandboxed processes could obtain a write handle on non sandboxed processes (thanks Diversenok)
|
||||||
|
-- this allowed to inject code in non sandboxed processes
|
||||||
- Fixed issue boxed services not starting when the path contained a space
|
- Fixed issue boxed services not starting when the path contained a space
|
||||||
- NtQueryInformationProcess now returns the proper sandboxed path for sandboxed processes
|
- NtQueryInformationProcess now returns the proper sandboxed path for sandboxed processes
|
||||||
|
|
||||||
|
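Review bot: The existing entry "Fixed a resource leak when running sandboxed" is overwritten by the new "FIXED SECURITY ISSUE: sandboxed processes could obtain a write handle on non sandboxed processes" line instead of being kept beside it. If this is the same fix described more accurately, say so in the commit message; otherwise restore the resource-leak line and add the security entry and its "-- this allowed to inject code" sub-item as new lines, so the changelog history for that release is not silently rewritten.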
@ -641,3 +670,4 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- fixed "Windows Installer Service could not be accessed" that got introduced with Windows 1903
|
- fixed "Windows Installer Service could not be accessed" that got introduced with Windows 1903
|
||||||
|
|
||||||
|
|
|
@ -103,6 +103,7 @@
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
|
<ClCompile Include="..\..\common\my_ntdll.c" />
|
||||||
<ClCompile Include="BoxOrder.c" />
|
<ClCompile Include="BoxOrder.c" />
|
||||||
<ClCompile Include="DlgTmplRtl.cpp" />
|
<ClCompile Include="DlgTmplRtl.cpp" />
|
||||||
<ClCompile Include="MyFileOp.c" />
|
<ClCompile Include="MyFileOp.c" />
|
||||||
|
@ -110,7 +111,9 @@
|
||||||
<ClCompile Include="MyMsgBox.c" />
|
<ClCompile Include="MyMsgBox.c" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
|
<ClInclude Include="..\..\common\my_shlwapi.h" />
|
||||||
<ClInclude Include="..\..\common\my_version.h" />
|
<ClInclude Include="..\..\common\my_version.h" />
|
||||||
|
<ClInclude Include="..\..\common\my_xeb.h" />
|
||||||
<ClInclude Include="BoxOrder.h" />
|
<ClInclude Include="BoxOrder.h" />
|
||||||
<ClInclude Include="CommonUtils.h" />
|
<ClInclude Include="CommonUtils.h" />
|
||||||
<ClInclude Include="MyGdi.h" />
|
<ClInclude Include="MyGdi.h" />
|
||||||
|
|
|
@ -148,11 +148,11 @@ CAppPage::CAppPage(TMPL_INFO *info, const CString &BoxName)
|
||||||
if (m_tmpl_info.ClassModifier & MODIF_IEXPLORE)
|
if (m_tmpl_info.ClassModifier & MODIF_IEXPLORE)
|
||||||
m_titleForPage = L"Internet Explorer";
|
m_titleForPage = L"Internet Explorer";
|
||||||
if (m_tmpl_info.ClassModifier & MODIF_EDGE)
|
if (m_tmpl_info.ClassModifier & MODIF_EDGE)
|
||||||
m_titleForPage = "Microsoft Edge";
|
m_titleForPage = L"Microsoft Edge";
|
||||||
if (m_tmpl_info.ClassModifier & MODIF_FIREFOX)
|
if (m_tmpl_info.ClassModifier & MODIF_FIREFOX)
|
||||||
m_titleForPage = L"Firefox";
|
m_titleForPage = L"Mozilla Firefox";
|
||||||
if (m_tmpl_info.ClassModifier & MODIF_CHROME)
|
if (m_tmpl_info.ClassModifier & MODIF_CHROME)
|
||||||
m_titleForPage = "Google Chrome";
|
m_titleForPage = L"Google Chrome";
|
||||||
if (m_tmpl_info.ClassModifier & MODIF_OTHERWB)
|
if (m_tmpl_info.ClassModifier & MODIF_OTHERWB)
|
||||||
m_titleForPage = CMyMsg(MSG_4357);
|
m_titleForPage = CMyMsg(MSG_4357);
|
||||||
|
|
||||||
|
@ -1002,7 +1002,7 @@ void CAppPage::AddPages(CPropertySheet &sheet, const CString &BoxName)
|
||||||
m_app_pages.AddTail(new CAppPage(&info, BoxName));
|
m_app_pages.AddTail(new CAppPage(&info, BoxName));
|
||||||
info.ClassModifier = MODIF_EDGE; // Microsoft Edge
|
info.ClassModifier = MODIF_EDGE; // Microsoft Edge
|
||||||
m_app_pages.AddTail(new CAppPage(&info, BoxName));
|
m_app_pages.AddTail(new CAppPage(&info, BoxName));
|
||||||
info.ClassModifier = MODIF_FIREFOX; // Firefox
|
info.ClassModifier = MODIF_FIREFOX; // Mozilla Firefox
|
||||||
m_app_pages.AddTail(new CAppPage(&info, BoxName));
|
m_app_pages.AddTail(new CAppPage(&info, BoxName));
|
||||||
info.WithLink = TRUE;
|
info.WithLink = TRUE;
|
||||||
info.ClassModifier |= MODIF_ADDONS; // Firefox Add-ons
|
info.ClassModifier |= MODIF_ADDONS; // Firefox Add-ons
|
||||||
|
@ -1135,7 +1135,7 @@ void CAppPage::UpdateTemplates(CBox &box)
|
||||||
UpdateEmailTemplates(box);
|
UpdateEmailTemplates(box);
|
||||||
|
|
||||||
//
|
//
|
||||||
// finaly, enable default templates
|
// finally, enable default templates
|
||||||
//
|
//
|
||||||
|
|
||||||
SetDefaultTemplates6(box);
|
SetDefaultTemplates6(box);
|
||||||
|
@ -1169,38 +1169,49 @@ void CAppPage::UpdateWebTemplates(CBox &box)
|
||||||
// find and remove:
|
// find and remove:
|
||||||
// OpenFilePath=seamonkey.exe,%AppData%\Mozilla\Profiles\*\bookmark*
|
// OpenFilePath=seamonkey.exe,%AppData%\Mozilla\Profiles\*\bookmark*
|
||||||
// OpenFilePath=seamonkey.exe,%AppData%\Mozilla\Profiles\*\places*
|
// OpenFilePath=seamonkey.exe,%AppData%\Mozilla\Profiles\*\places*
|
||||||
// OpenFilePath=seamon~1.exe,%AppData%\Mozilla\Profiles\*\bookmark*
|
|
||||||
// OpenFilePath=seamon~1.exe,%AppData%\Mozilla\Profiles\*\places*
|
|
||||||
//
|
//
|
||||||
// replace with: Template=SeaMonkey_Bookmarks_DirectAccess
|
// replace with: Template=SeaMonkey_Bookmarks_DirectAccess
|
||||||
//
|
//
|
||||||
|
|
||||||
//const CString &SeaMonkeyTemplate(L"SeaMonkey_Bookmarks_DirectAccess");
|
const CString &SeaMonkeyTemplate(L"SeaMonkey_Bookmarks_DirectAccess");
|
||||||
//const CString &SeaMonkeyPath1(
|
const CString &SeaMonkeyPath1(
|
||||||
// L"%AppData%\\Mozilla\\Profiles\\*\\bookmark*");
|
L"%AppData%\\Mozilla\\SeaMonkey\\Profiles\\*\\bookmark*");
|
||||||
//const CString &SeaMonkeyPath2(
|
const CString &SeaMonkeyPath2(
|
||||||
// L"%AppData%\\Mozilla\\Profiles\\*\\places*");
|
L"%AppData%\\Mozilla\\SeaMonkey\\Profiles\\*\\places*");
|
||||||
|
|
||||||
//UpdateTemplates2(
|
UpdateTemplates2(
|
||||||
// box, L"seamonkey.exe", SeaMonkeyTemplate,
|
box, L"seamonkey.exe", SeaMonkeyTemplate,
|
||||||
// SeaMonkeyPath1, SeaMonkeyPath2);
|
SeaMonkeyPath1, SeaMonkeyPath2);
|
||||||
|
|
||||||
//UpdateTemplates2(
|
|
||||||
// box, L"seamon~1.exe", SeaMonkeyTemplate,
|
|
||||||
// SeaMonkeyPath1, SeaMonkeyPath2);
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// find and remove:
|
// find and remove:
|
||||||
// OpenFilePath=opera.exe,%AppData%\Opera\Opera\Profile\opera6.adr
|
// OpenFilePath=opera.exe,%AppData%\Opera Software\Opera Stable\Bookmarks
|
||||||
// OpenFilePath=opera.exe,%AppData%\Opera\Opera\Profile\notes.adr
|
// OpenFilePath=opera.exe,%AppData%\Opera Software\Opera Stable\Bookmarks.bak
|
||||||
|
// OpenFilePath=opera.exe,%AppData%\Opera Software\Opera Stable\BookmarksExtras
|
||||||
//
|
//
|
||||||
// replace with: Template=SeaMonkey_Bookmarks_DirectAccess
|
// replace with: Template=Opera_Bookmarks_DirectAccess
|
||||||
//
|
//
|
||||||
|
|
||||||
//UpdateTemplates2(
|
const CString &OperaBookmarksTmpl(L"Opera_Bookmarks_DirectAccess");
|
||||||
// box, L"opera.exe", L"Opera_Bookmarks_DirectAccess",
|
const CString &OperaBookmarks1(L"%AppData%\\Opera Software\\Opera Stable\\Bookmarks");
|
||||||
// L"%AppData%\\Opera\\Opera\\Profile\\opera6.adr",
|
const CString &OperaBookmarks2(L"%AppData%\\Opera Software\\Opera Stable\\Bookmarks.bak");
|
||||||
// L"%AppData%\\Opera\\Opera\\Profile\\notes.adr");
|
const CString &OperaBookmarks3(L"%AppData%\\Opera Software\\Opera Stable\\BookmarksExtras");
|
||||||
|
|
||||||
|
UpdateTemplates2(
|
||||||
|
box, L"opera.exe", OperaBookmarksTmpl, OperaBookmarks1, OperaBookmarks2);
|
||||||
|
|
||||||
|
UpdateTemplates2(
|
||||||
|
box, L"opera.exe", OperaBookmarksTmpl, OperaBookmarks3, OperaBookmarks3);
|
||||||
|
|
||||||
|
//
|
||||||
|
// find and remove invalid OpenFilePath reference:
|
||||||
|
// OpenFilePath=bookmarks.exe,bookmarks*
|
||||||
|
//
|
||||||
|
|
||||||
|
const CString &InvalidEntry1(L"bookmarks*");
|
||||||
|
|
||||||
|
UpdateTemplates2(
|
||||||
|
box, L"bookmarks.exe", L'\0', InvalidEntry1, InvalidEntry1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
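Review bot: The last call, `UpdateTemplates2(box, L"bookmarks.exe", L'\0', InvalidEntry1, InvalidEntry1);`, passes a wide character literal in the position where every other call in this hunk passes a template name string (`SeaMonkeyTemplate`, `OperaBookmarksTmpl`). If the intent is "remove the entry and enable no template", pass an empty string (`L""`) and make sure `UpdateTemplates2` treats an empty name as "no replacement", rather than relying on how a single NUL character converts. Separately, the SeaMonkey comment block above the re-enabled code still lists `%AppData%\Mozilla\Profiles\*\...` while the code now matches `%AppData%\\Mozilla\\SeaMonkey\\Profiles\\*\\...`; update the comment so it describes the paths that are actually rewritten.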
@ -1211,51 +1222,6 @@ void CAppPage::UpdateWebTemplates(CBox &box)
|
||||||
|
|
||||||
void CAppPage::UpdateEmailTemplates(CBox &box)
|
void CAppPage::UpdateEmailTemplates(CBox &box)
|
||||||
{
|
{
|
||||||
//
|
|
||||||
// find and remove:
|
|
||||||
// OpenFilePath=msimn.exe,%AppData%\Identities
|
|
||||||
// OpenFilePath=msimn.exe,%Local AppData%\Identities
|
|
||||||
// OpenFilePath=msimn.exe,%AppData%\Microsoft\Address Book
|
|
||||||
// OpenFilePath=msimn.exe,*.eml
|
|
||||||
//
|
|
||||||
// replace with: Template=Outlook_Express
|
|
||||||
//
|
|
||||||
// discard:
|
|
||||||
// OpenKeyPath=msimn.exe,HKEY_CURRENT_USER\Identities
|
|
||||||
// OpenKeyPath=msimn.exe,
|
|
||||||
// HKEY_CURRENT_USER\Software\Microsoft\Outlook Express
|
|
||||||
// OpenKeyPath=msimn.exe,
|
|
||||||
// HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager
|
|
||||||
// OpenKeyPath=msimn.exe,
|
|
||||||
// HKEY_LOCAL_MACHINE\Software\Microsoft\Outlook Express
|
|
||||||
// OpenKeyPath=msimn.exe,
|
|
||||||
// HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\
|
|
||||||
// Outlook Express
|
|
||||||
//
|
|
||||||
|
|
||||||
//CStringList _OutlookExpressFiles;
|
|
||||||
//CStringList _OutlookExpressKeys;
|
|
||||||
|
|
||||||
//_OutlookExpressFiles.AddTail(L"%AppData%\\Identities");
|
|
||||||
//_OutlookExpressFiles.AddTail(L"%Local AppData%\\Identities");
|
|
||||||
//_OutlookExpressFiles.AddTail(L"%AppData%\\Microsoft\\Address Book");
|
|
||||||
//_OutlookExpressFiles.AddTail(L"*.eml");
|
|
||||||
|
|
||||||
//_OutlookExpressKeys.AddTail(L"HKEY_CURRENT_USER\\Identities");
|
|
||||||
//_OutlookExpressKeys.AddTail(
|
|
||||||
// L"HKEY_CURRENT_USER\\Software\\Microsoft\\Outlook Express");
|
|
||||||
//_OutlookExpressKeys.AddTail(
|
|
||||||
// L"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Account Manager");
|
|
||||||
//_OutlookExpressKeys.AddTail(
|
|
||||||
// L"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Outlook Express");
|
|
||||||
//_OutlookExpressKeys.AddTail(
|
|
||||||
// L"HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\"
|
|
||||||
// L"Microsoft\\Outlook Express");
|
|
||||||
|
|
||||||
//UpdateTemplates3(
|
|
||||||
// box, L"msimn.exe", L"Outlook_Express",
|
|
||||||
// _OutlookExpressFiles, _OutlookExpressKeys);
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// find and remove:
|
// find and remove:
|
||||||
// OpenFilePath=outlook.exe,%AppData%\Microsoft\Outlook
|
// OpenFilePath=outlook.exe,%AppData%\Microsoft\Outlook
|
||||||
|
@ -1383,15 +1349,10 @@ void CAppPage::UpdateEmailTemplates(CBox &box)
|
||||||
box, L"thunderbird.exe", _Thunderbird,
|
box, L"thunderbird.exe", _Thunderbird,
|
||||||
_ThunderbirdFiles, _ThunderbirdKeys);
|
_ThunderbirdFiles, _ThunderbirdKeys);
|
||||||
|
|
||||||
//UpdateTemplates3(
|
|
||||||
// box, L"thunde~1.exe", _Thunderbird,
|
|
||||||
// _ThunderbirdFiles, _ThunderbirdKeys);
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// find and remove:
|
// find and remove:
|
||||||
// OpenFilePath=seamonkey.exe,%AppData%\Mozilla\Profiles\*\Mail*
|
// OpenFilePath=seamonkey.exe,%AppData%\Mozilla\Profiles\*\Mail*
|
||||||
// OpenFilePath=seamonkey.exe,
|
// OpenFilePath=seamonkey.exe,%Local AppData%\Mozilla\Profiles\*\Mail*
|
||||||
// %Local AppData%\Mozilla\Profiles\*\Mail*
|
|
||||||
//
|
//
|
||||||
// replace with: Template=SeaMonkey
|
// replace with: Template=SeaMonkey
|
||||||
//
|
//
|
||||||
|
@ -1423,10 +1384,6 @@ void CAppPage::UpdateEmailTemplates(CBox &box)
|
||||||
box, L"seamonkey.exe", _SeaMonkey,
|
box, L"seamonkey.exe", _SeaMonkey,
|
||||||
_SeaMonkeyFiles, _SeaMonkeyKeys);
|
_SeaMonkeyFiles, _SeaMonkeyKeys);
|
||||||
|
|
||||||
//UpdateTemplates3(
|
|
||||||
// box, L"seamon~1.exe", _SeaMonkey,
|
|
||||||
// _SeaMonkeyFiles, _SeaMonkeyKeys);
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// find and remove:
|
// find and remove:
|
||||||
// OpenFilePath=opera.exe,%AppData%\Opera\Opera\mail
|
// OpenFilePath=opera.exe,%AppData%\Opera\Opera\mail
|
||||||
|
@ -1434,10 +1391,10 @@ void CAppPage::UpdateEmailTemplates(CBox &box)
|
||||||
// replace with: Template=Opera_Mail
|
// replace with: Template=Opera_Mail
|
||||||
//
|
//
|
||||||
|
|
||||||
CString _OperaPath1(L"%AppData%\\Opera\\Opera\\mail");
|
CString _OperaMailPath1(L"%AppData%\\Opera\\Opera\\mail");
|
||||||
|
|
||||||
UpdateTemplates2(
|
UpdateTemplates2(
|
||||||
box, L"opera.exe", L"Opera_Mail", _OperaPath1, _OperaPath1);
|
box, L"opera.exe", L"Opera_Mail", _OperaMailPath1, _OperaMailPath1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1582,6 +1539,6 @@ void CAppPage::SetDefaultTemplates7(CBox &box)
|
||||||
|
|
||||||
void CAppPage::SetDefaultTemplates8(CBox& box)
|
void CAppPage::SetDefaultTemplates8(CBox& box)
|
||||||
{
|
{
|
||||||
box.EnableTemplate(L"FileCppy", TRUE);
|
box.EnableTemplate(L"FileCopy", TRUE);
|
||||||
box.EnableTemplate(L"SkipHook", TRUE);
|
box.EnableTemplate(L"SkipHook", TRUE);
|
||||||
}
|
}
|
||||||
|
|
|
@ -38,6 +38,7 @@ struct BoxBorderParms {
|
||||||
WCHAR boxname[48];
|
WCHAR boxname[48];
|
||||||
COLORREF color;
|
COLORREF color;
|
||||||
BOOL title;
|
BOOL title;
|
||||||
|
int width;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
@ -468,12 +469,13 @@ void CBorderGuard::RefreshBorder(
|
||||||
else
|
else
|
||||||
ah += desktop->bottom;
|
ah += desktop->bottom;
|
||||||
|
|
||||||
int bb = 6;
|
//int bb = 6;
|
||||||
if (rect->left <= desktop->left &&
|
//if (rect->left <= desktop->left &&
|
||||||
rect->top <= desktop->top &&
|
// rect->top <= desktop->top &&
|
||||||
rect->right >= desktop->right &&
|
// rect->right >= desktop->right &&
|
||||||
rect->bottom >= desktop->bottom)
|
// rect->bottom >= desktop->bottom)
|
||||||
bb = 4;
|
// bb = 4;
|
||||||
|
int bb = boxparm->width;
|
||||||
|
|
||||||
//
|
//
|
||||||
// don't display the border if any of it would be obscured by
|
// don't display the border if any of it would be obscured by
|
||||||
|
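Review bot: `int bb = boxparm->width;` uses the configured value unchecked, so a width of 0 or a negative number flows straight into the border geometry, and the narrower border the old code used (`bb = 4`) for windows covering the whole desktop is dropped without mention. Clamp `bb` to a sensible range here, and either keep the full-screen case or note its removal in the changelog. The commented-out lines should be deleted rather than left in place.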
@ -594,12 +596,14 @@ void CBorderGuard::RefreshConf2()
|
||||||
if (! box.GetName().IsEmpty()) {
|
if (! box.GetName().IsEmpty()) {
|
||||||
COLORREF color;
|
COLORREF color;
|
||||||
BOOL title;
|
BOOL title;
|
||||||
BOOL enabled = box.GetBorder(&color, &title);
|
int width;
|
||||||
|
BOOL enabled = box.GetBorder(&color, &title, &width);
|
||||||
if (enabled) {
|
if (enabled) {
|
||||||
boxparm = new BoxBorderParms;
|
boxparm = new BoxBorderParms;
|
||||||
wcscpy(boxparm->boxname, box.GetName());
|
wcscpy(boxparm->boxname, box.GetName());
|
||||||
boxparm->color = color;
|
boxparm->color = color;
|
||||||
boxparm->title = title;
|
boxparm->title = title;
|
||||||
|
boxparm->width = width;
|
||||||
m_boxes.Add(boxparm);
|
m_boxes.Add(boxparm);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -77,8 +77,8 @@ static const CString _NotifyInternetAccessDenied(
|
||||||
static const CString _NotifyStartRunAccessDenied(
|
static const CString _NotifyStartRunAccessDenied(
|
||||||
L"NotifyStartRunAccessDenied");
|
L"NotifyStartRunAccessDenied");
|
||||||
|
|
||||||
static const WCHAR *BorderColor_off = L",off";
|
//static const WCHAR *BorderColor_off = L",off";
|
||||||
static const WCHAR *BorderColor_ttl = L",ttl";
|
//static const WCHAR *BorderColor_ttl = L",ttl";
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
@ -278,7 +278,7 @@ void CBox::SetDefaultSettings()
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ok)
|
if (ok)
|
||||||
ok = SetBorder(TRUE, RGB(255,255,0), TRUE);
|
ok = SetBorder(TRUE, RGB(255,255,0), TRUE, 6);
|
||||||
|
|
||||||
done:
|
done:
|
||||||
|
|
||||||
|
@ -1226,9 +1226,9 @@ BOOL CBox::SetBoxNameTitle(UCHAR enabled)
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
BOOL CBox::GetBorder(COLORREF *color, BOOL *title)
|
BOOL CBox::GetBorder(COLORREF *color, BOOL *title, int* width)
|
||||||
{
|
{
|
||||||
*color = RGB(255,255,0);
|
/*color = RGB(255,255,0);
|
||||||
*title = FALSE;
|
*title = FALSE;
|
||||||
|
|
||||||
CString text;
|
CString text;
|
||||||
|
@ -1253,7 +1253,9 @@ BOOL CBox::GetBorder(COLORREF *color, BOOL *title)
|
||||||
} else if (text.Mid(7).CompareNoCase(BorderColor_off) == 0)
|
} else if (text.Mid(7).CompareNoCase(BorderColor_off) == 0)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
return TRUE;
|
return TRUE;*/
|
||||||
|
|
||||||
|
return SbieDll_GetBorderColor(m_name, color, title, width);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
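Review bot: The old body of `GetBorder` is disabled by rewriting `*color = RGB(255,255,0);` as `/*color = RGB(255,255,0);` and closing the comment at `return TRUE;*/`, which is easy to misread as live code; delete the block instead. With it gone, `*color` and `*title` no longer receive defaults in this function, so every caller now depends on `SbieDll_GetBorderColor` filling all three out-parameters on every path, including when it returns FALSE. Set the defaults before the call or document that guarantee next to it.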
@ -1262,14 +1264,17 @@ BOOL CBox::GetBorder(COLORREF *color, BOOL *title)
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
BOOL CBox::SetBorder(BOOL enabled, COLORREF color, BOOL title)
|
BOOL CBox::SetBorder(BOOL enabled, COLORREF color, BOOL title, int width)
|
||||||
{
|
{
|
||||||
WCHAR text[32];
|
WCHAR text[32];
|
||||||
swprintf(text, L"#%06X", color);
|
swprintf(text, L"#%06X,%s,%d", color, !enabled ? L"off" : (title ? L"ttl" : L"on"), width);
|
||||||
|
|
||||||
|
/*swprintf(text, L"#%06X", color);
|
||||||
if (title)
|
if (title)
|
||||||
wcscat(text, BorderColor_ttl);
|
wcscat(text, BorderColor_ttl);
|
||||||
if (! enabled)
|
if (! enabled)
|
||||||
wcscat(text, BorderColor_off);
|
wcscat(text, BorderColor_off);*/
|
||||||
|
|
||||||
CSbieIni &ini = CSbieIni::GetInstance();
|
CSbieIni &ini = CSbieIni::GetInstance();
|
||||||
return ini.SetText(m_name, _BorderColor, text);
|
return ini.SetText(m_name, _BorderColor, text);
|
||||||
}
|
}
|
||||||
|
|
|
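Review bot: `width` goes into the `swprintf` format string and on into the ini with no range check, so 0, a negative value, or whatever the caller parsed from the edit box is persisted as the border width; clamp it in `SetBorder` before formatting. The new format fits `WCHAR text[32]` for any `int`, but the call is still the uncounted form, and a counted variant using the buffer size would keep that true if the format grows. The commented-out `wcscat` block can be removed.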
@ -104,8 +104,8 @@ public:
|
||||||
|
|
||||||
UCHAR GetBoxNameTitle() const;
|
UCHAR GetBoxNameTitle() const;
|
||||||
BOOL SetBoxNameTitle(UCHAR enabled);
|
BOOL SetBoxNameTitle(UCHAR enabled);
|
||||||
BOOL GetBorder(COLORREF *color, BOOL *title);
|
BOOL GetBorder(COLORREF *color, BOOL *title, int *width);
|
||||||
BOOL SetBorder(BOOL enabled, COLORREF color, BOOL title);
|
BOOL SetBorder(BOOL enabled, COLORREF color, BOOL title, int width);
|
||||||
|
|
||||||
BOOL GetSetBlock(WCHAR type, BOOL set, BOOL newval = FALSE);
|
BOOL GetSetBlock(WCHAR type, BOOL set, BOOL newval = FALSE);
|
||||||
|
|
||||||
|
|
|
@ -96,6 +96,7 @@ BEGIN_MESSAGE_MAP(CBoxPage, CPropertyPage)
|
||||||
ON_COMMAND(ID_SHOW_BORDER, Appearance_OnShowBorder)
|
ON_COMMAND(ID_SHOW_BORDER, Appearance_OnShowBorder)
|
||||||
ON_COMMAND(ID_BORDER_COLOR, Appearance_OnBorderColor)
|
ON_COMMAND(ID_BORDER_COLOR, Appearance_OnBorderColor)
|
||||||
ON_COMMAND(ID_BORDER_TITLE, Appearance_OnBorderTitle)
|
ON_COMMAND(ID_BORDER_TITLE, Appearance_OnBorderTitle)
|
||||||
|
ON_CONTROL(EN_CHANGE, ID_BORDER_WIDTH, OnModified)
|
||||||
|
|
||||||
ON_COMMAND(ID_DELETE_AUTO, AutoDelete_OnAuto)
|
ON_COMMAND(ID_DELETE_AUTO, AutoDelete_OnAuto)
|
||||||
ON_COMMAND(ID_DELETE_NEVER, AutoDelete_OnNever)
|
ON_COMMAND(ID_DELETE_NEVER, AutoDelete_OnNever)
|
||||||
|
@ -920,9 +921,17 @@ void CBoxPage::Appearance_OnInitDialog(CBox &box)
|
||||||
}
|
}
|
||||||
|
|
||||||
BOOL title;
|
BOOL title;
|
||||||
BOOL enabled = box.GetBorder(&Appearance_BorderColor, &title);
|
int width;
|
||||||
|
BOOL enabled = box.GetBorder(&Appearance_BorderColor, &title, &width);
|
||||||
if (! enabled)
|
if (! enabled)
|
||||||
GetDlgItem(ID_BORDER_COLOR)->ShowWindow(SW_HIDE);
|
GetDlgItem(ID_BORDER_COLOR)->ShowWindow(SW_HIDE);
|
||||||
|
|
||||||
|
CEdit* edit = (CEdit*)GetDlgItem(ID_BORDER_WIDTH);
|
||||||
|
edit->SetLimitText(3);
|
||||||
|
CString str;
|
||||||
|
str.Format(L"%d", width);
|
||||||
|
edit->SetWindowText(str);
|
||||||
|
|
||||||
Appearance_SetBorderColor();
|
Appearance_SetBorderColor();
|
||||||
|
|
||||||
CButton *pCheckBox3 = (CButton *)GetDlgItem(ID_SHOW_BORDER);
|
CButton *pCheckBox3 = (CButton *)GetDlgItem(ID_SHOW_BORDER);
|
||||||
|
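Review bot: `int width;` is declared uninitialised and then formatted into the edit box with `str.Format(L"%d", width);` even when `enabled` is FALSE; whether `GetBorder` writes it on that path is not visible in this change. Initialise it (`int width = 6;` matches the default passed in `SetDefaultSettings`). `SetLimitText(3)` bounds the length but not the content, so the control should also be restricted to digits if it is not already.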
@ -956,7 +965,10 @@ void CBoxPage::Appearance_OnOK(CBox &box)
|
||||||
CButton *pCheckBox4 = (CButton *)GetDlgItem(ID_BORDER_TITLE);
|
CButton *pCheckBox4 = (CButton *)GetDlgItem(ID_BORDER_TITLE);
|
||||||
BOOL enable = (pCheckBox3->GetCheck() == BST_CHECKED ? TRUE : FALSE);
|
BOOL enable = (pCheckBox3->GetCheck() == BST_CHECKED ? TRUE : FALSE);
|
||||||
BOOL title = (pCheckBox4->GetCheck() == BST_CHECKED ? TRUE : FALSE);
|
BOOL title = (pCheckBox4->GetCheck() == BST_CHECKED ? TRUE : FALSE);
|
||||||
ok = box.SetBorder(enable, Appearance_BorderColor, title);
|
CString str;
|
||||||
|
GetDlgItem(ID_MIGRATE_KB)->GetWindowText(str);
|
||||||
|
int width = _wtoi(str);
|
||||||
|
ok = box.SetBorder(enable, Appearance_BorderColor, title, width);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ok)
|
if (ok)
|
||||||
|
|
|
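Review bot: The width is read with `GetDlgItem(ID_MIGRATE_KB)->GetWindowText(str);`, not from `ID_BORDER_WIDTH`, the control that `Appearance_OnInitDialog` fills and that the new message map entry watches, so the value saved as border width comes from an unrelated field. Change it to `ID_BORDER_WIDTH`. `_wtoi` also returns 0 for empty or non-numeric text, so check the range before calling `SetBorder`.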
@ -117,7 +117,8 @@ void CMonitorDialog::OnIdle()
|
||||||
ULONG seq_num = m_last_entry_seq_num;
|
ULONG seq_num = m_last_entry_seq_num;
|
||||||
USHORT type;
|
USHORT type;
|
||||||
ULONG64 pid;
|
ULONG64 pid;
|
||||||
ULONG status = SbieApi_MonitorGetEx(&seq_num, &type, &pid, &name[12]);
|
ULONG64 tid;
|
||||||
|
ULONG status = SbieApi_MonitorGetEx(&seq_num, &type, &pid, &tid, &name[12]);
|
||||||
if (status != 0)
|
if (status != 0)
|
||||||
break; // error or no more entries
|
break; // error or no more entries
|
||||||
|
|
||||||
|
|
Binary file not shown.
|
@ -15,6 +15,7 @@
|
||||||
#define ID_SANDBOX_RUN_MENU 11
|
#define ID_SANDBOX_RUN_MENU 11
|
||||||
#define ID_SANDBOX_RUN_EXPLORER 13
|
#define ID_SANDBOX_RUN_EXPLORER 13
|
||||||
#define ID_SANDBOX_MENU_SIZE 15
|
#define ID_SANDBOX_MENU_SIZE 15
|
||||||
|
#define ID_BORDER_WIDTH 1001
|
||||||
#define ID_SANDBOX_REVEAL 9990
|
#define ID_SANDBOX_REVEAL 9990
|
||||||
#define ID_SANDBOX_SET_LAYOUT 9997
|
#define ID_SANDBOX_SET_LAYOUT 9997
|
||||||
#define ID_SANDBOX_SET_FOLDER 9998
|
#define ID_SANDBOX_SET_FOLDER 9998
|
||||||
|
@ -249,9 +250,9 @@
|
||||||
//
|
//
|
||||||
#ifdef APSTUDIO_INVOKED
|
#ifdef APSTUDIO_INVOKED
|
||||||
#ifndef APSTUDIO_READONLY_SYMBOLS
|
#ifndef APSTUDIO_READONLY_SYMBOLS
|
||||||
#define _APS_NEXT_RESOURCE_VALUE 104
|
#define _APS_NEXT_RESOURCE_VALUE 105
|
||||||
#define _APS_NEXT_COMMAND_VALUE 40013
|
#define _APS_NEXT_COMMAND_VALUE 40013
|
||||||
#define _APS_NEXT_CONTROL_VALUE 1001
|
#define _APS_NEXT_CONTROL_VALUE 1002
|
||||||
#define _APS_NEXT_SYMED_VALUE 103
|
#define _APS_NEXT_SYMED_VALUE 103
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -21,9 +21,9 @@
|
||||||
#ifndef _MY_VERSION_H
|
#ifndef _MY_VERSION_H
|
||||||
#define _MY_VERSION_H
|
#define _MY_VERSION_H
|
||||||
|
|
||||||
#define MY_VERSION_BINARY 5,47,1
|
#define MY_VERSION_BINARY 5,48,0
|
||||||
#define MY_VERSION_STRING "5.47.1"
|
#define MY_VERSION_STRING "5.48.0"
|
||||||
#define MY_VERSION_COMPAT "5.46.0" // this refers to the driver ABI compatibility
|
#define MY_VERSION_COMPAT "5.48.0" // this refers to the driver ABI compatibility
|
||||||
|
|
||||||
// These #defines are used by either Resource Compiler, or by NSIC installer
|
// These #defines are used by either Resource Compiler, or by NSIC installer
|
||||||
#define SBIE_INSTALLER_PATH "..\\Bin\\"
|
#define SBIE_INSTALLER_PATH "..\\Bin\\"
|
||||||
|
|
|
@ -0,0 +1,388 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2020-2021 DavidXanatos, xanasoft.com
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef _XEB_
|
||||||
|
#define _XEB_
|
||||||
|
|
||||||
|
#define GDI_HANDLE_BUFFER_SIZE32 34
|
||||||
|
#define GDI_HANDLE_BUFFER_SIZE64 60
|
||||||
|
|
||||||
|
#if !defined(_M_X64)
|
||||||
|
#define GDI_HANDLE_BUFFER_SIZE GDI_HANDLE_BUFFER_SIZE32
|
||||||
|
#else
|
||||||
|
#define GDI_HANDLE_BUFFER_SIZE GDI_HANDLE_BUFFER_SIZE64
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef ULONG GDI_HANDLE_BUFFER32[GDI_HANDLE_BUFFER_SIZE32];
|
||||||
|
typedef ULONG GDI_HANDLE_BUFFER64[GDI_HANDLE_BUFFER_SIZE64];
|
||||||
|
typedef ULONG GDI_HANDLE_BUFFER[GDI_HANDLE_BUFFER_SIZE];
|
||||||
|
|
||||||
|
typedef struct _PEB_LDR_DATA
|
||||||
|
{
|
||||||
|
ULONG Length;
|
||||||
|
BOOLEAN Initialized;
|
||||||
|
HANDLE SsHandle;
|
||||||
|
LIST_ENTRY InLoadOrderModuleList;
|
||||||
|
LIST_ENTRY InMemoryOrderModuleList;
|
||||||
|
LIST_ENTRY InInitializationOrderModuleList;
|
||||||
|
PVOID EntryInProgress;
|
||||||
|
BOOLEAN ShutdownInProgress;
|
||||||
|
HANDLE ShutdownThreadId;
|
||||||
|
} PEB_LDR_DATA, *PPEB_LDR_DATA;
|
||||||
|
|
||||||
|
typedef struct _PEB
|
||||||
|
{
|
||||||
|
BOOLEAN InheritedAddressSpace;
|
||||||
|
BOOLEAN ReadImageFileExecOptions;
|
||||||
|
BOOLEAN BeingDebugged;
|
||||||
|
union
|
||||||
|
{
|
||||||
|
BOOLEAN BitField;
|
||||||
|
struct
|
||||||
|
{
|
||||||
|
BOOLEAN ImageUsesLargePages : 1;
|
||||||
|
BOOLEAN IsProtectedProcess : 1;
|
||||||
|
BOOLEAN IsLegacyProcess : 1;
|
||||||
|
BOOLEAN IsImageDynamicallyRelocated : 1;
|
||||||
|
BOOLEAN SkipPatchingUser32Forwarders : 1;
|
||||||
|
BOOLEAN SpareBits : 3;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
HANDLE Mutant;
|
||||||
|
|
||||||
|
PVOID ImageBaseAddress;
|
||||||
|
PPEB_LDR_DATA Ldr;
|
||||||
|
PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
|
||||||
|
PVOID SubSystemData;
|
||||||
|
PVOID ProcessHeap;
|
||||||
|
PRTL_CRITICAL_SECTION FastPebLock;
|
||||||
|
PVOID AtlThunkSListPtr;
|
||||||
|
PVOID IFEOKey;
|
||||||
|
union
|
||||||
|
{
|
||||||
|
ULONG CrossProcessFlags;
|
||||||
|
struct
|
||||||
|
{
|
||||||
|
ULONG ProcessInJob : 1;
|
||||||
|
ULONG ProcessInitializing : 1;
|
||||||
|
ULONG ProcessUsingVEH : 1;
|
||||||
|
ULONG ProcessUsingVCH : 1;
|
||||||
|
ULONG ProcessUsingFTH : 1;
|
||||||
|
ULONG ReservedBits0 : 27;
|
||||||
|
};
|
||||||
|
ULONG EnvironmentUpdateCount;
|
||||||
|
};
|
||||||
|
union
|
||||||
|
{
|
||||||
|
PVOID KernelCallbackTable;
|
||||||
|
PVOID UserSharedInfoPtr;
|
||||||
|
};
|
||||||
|
ULONG SystemReserved[1];
|
||||||
|
ULONG AtlThunkSListPtr32;
|
||||||
|
PVOID ApiSetMap;
|
||||||
|
ULONG TlsExpansionCounter;
|
||||||
|
PVOID TlsBitmap;
|
||||||
|
ULONG TlsBitmapBits[2];
|
||||||
|
PVOID ReadOnlySharedMemoryBase;
|
||||||
|
PVOID HotpatchInformation;
|
||||||
|
PVOID *ReadOnlyStaticServerData;
|
||||||
|
PVOID AnsiCodePageData;
|
||||||
|
PVOID OemCodePageData;
|
||||||
|
PVOID UnicodeCaseTableData;
|
||||||
|
|
||||||
|
ULONG NumberOfProcessors;
|
||||||
|
ULONG NtGlobalFlag;
|
||||||
|
|
||||||
|
LARGE_INTEGER CriticalSectionTimeout;
|
||||||
|
SIZE_T HeapSegmentReserve;
|
||||||
|
SIZE_T HeapSegmentCommit;
|
||||||
|
SIZE_T HeapDeCommitTotalFreeThreshold;
|
||||||
|
SIZE_T HeapDeCommitFreeBlockThreshold;
|
||||||
|
|
||||||
|
ULONG NumberOfHeaps;
|
||||||
|
ULONG MaximumNumberOfHeaps;
|
||||||
|
PVOID *ProcessHeaps;
|
||||||
|
|
||||||
|
PVOID GdiSharedHandleTable;
|
||||||
|
PVOID ProcessStarterHelper;
|
||||||
|
ULONG GdiDCAttributeList;
|
||||||
|
|
||||||
|
PRTL_CRITICAL_SECTION LoaderLock;
|
||||||
|
|
||||||
|
ULONG OSMajorVersion;
|
||||||
|
ULONG OSMinorVersion;
|
||||||
|
USHORT OSBuildNumber;
|
||||||
|
USHORT OSCSDVersion;
|
||||||
|
ULONG OSPlatformId;
|
||||||
|
ULONG ImageSubsystem;
|
||||||
|
ULONG ImageSubsystemMajorVersion;
|
||||||
|
ULONG ImageSubsystemMinorVersion;
|
||||||
|
ULONG_PTR ImageProcessAffinityMask;
|
||||||
|
GDI_HANDLE_BUFFER GdiHandleBuffer;
|
||||||
|
PVOID PostProcessInitRoutine;
|
||||||
|
|
||||||
|
PVOID TlsExpansionBitmap;
|
||||||
|
ULONG TlsExpansionBitmapBits[32];
|
||||||
|
|
||||||
|
ULONG SessionId;
|
||||||
|
|
||||||
|
ULARGE_INTEGER AppCompatFlags;
|
||||||
|
ULARGE_INTEGER AppCompatFlagsUser;
|
||||||
|
PVOID pShimData;
|
||||||
|
PVOID AppCompatInfo;
|
||||||
|
|
||||||
|
UNICODE_STRING CSDVersion;
|
||||||
|
|
||||||
|
PVOID ActivationContextData;
|
||||||
|
PVOID ProcessAssemblyStorageMap;
|
||||||
|
PVOID SystemDefaultActivationContextData;
|
||||||
|
PVOID SystemAssemblyStorageMap;
|
||||||
|
|
||||||
|
SIZE_T MinimumStackCommit;
|
||||||
|
|
||||||
|
PVOID *FlsCallback;
|
||||||
|
LIST_ENTRY FlsListHead;
|
||||||
|
PVOID FlsBitmap;
|
||||||
|
ULONG FlsBitmapBits[FLS_MAXIMUM_AVAILABLE / (sizeof(ULONG) * 8)];
|
||||||
|
ULONG FlsHighIndex;
|
||||||
|
|
||||||
|
PVOID WerRegistrationData;
|
||||||
|
PVOID WerShipAssertPtr;
|
||||||
|
PVOID pContextData;
|
||||||
|
PVOID pImageHeaderHash;
|
||||||
|
union
|
||||||
|
{
|
||||||
|
ULONG TracingFlags;
|
||||||
|
struct
|
||||||
|
{
|
||||||
|
ULONG HeapTracingEnabled : 1;
|
||||||
|
ULONG CritSecTracingEnabled : 1;
|
||||||
|
ULONG SpareTracingBits : 30;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
} PEB, *PPEB;
|
||||||
|
|
||||||
|
#define GDI_BATCH_BUFFER_SIZE 310
|
||||||
|
|
||||||
|
typedef struct _GDI_TEB_BATCH {
|
||||||
|
ULONG Offset;
|
||||||
|
UCHAR Alignment[4];
|
||||||
|
ULONG_PTR HDC;
|
||||||
|
ULONG Buffer[GDI_BATCH_BUFFER_SIZE];
|
||||||
|
} GDI_TEB_BATCH, *PGDI_TEB_BATCH;
|
||||||
|
|
||||||
|
typedef struct _TEB_ACTIVE_FRAME_CONTEXT
|
||||||
|
{
|
||||||
|
ULONG Flags;
|
||||||
|
PSTR FrameName;
|
||||||
|
} TEB_ACTIVE_FRAME_CONTEXT, *PTEB_ACTIVE_FRAME_CONTEXT;
|
||||||
|
|
||||||
|
// 17/3/2011 updated
|
||||||
|
typedef struct _TEB_ACTIVE_FRAME
|
||||||
|
{
|
||||||
|
ULONG Flags;
|
||||||
|
struct _TEB_ACTIVE_FRAME *Previous;
|
||||||
|
PTEB_ACTIVE_FRAME_CONTEXT Context;
|
||||||
|
} TEB_ACTIVE_FRAME, *PTEB_ACTIVE_FRAME;
|
||||||
|
|
||||||
|
typedef struct _TEB
|
||||||
|
{
|
||||||
|
NT_TIB NtTib;
|
||||||
|
|
||||||
|
PVOID EnvironmentPointer;
|
||||||
|
CLIENT_ID ClientId;
|
||||||
|
PVOID ActiveRpcHandle;
|
||||||
|
PVOID ThreadLocalStoragePointer;
|
||||||
|
PPEB ProcessEnvironmentBlock;
|
||||||
|
|
||||||
|
ULONG LastErrorValue;
|
||||||
|
ULONG CountOfOwnedCriticalSections;
|
||||||
|
PVOID CsrClientThread;
|
||||||
|
PVOID Win32ThreadInfo;
|
||||||
|
ULONG User32Reserved[26];
|
||||||
|
ULONG UserReserved[5];
|
||||||
|
PVOID WOW32Reserved;
|
||||||
|
LCID CurrentLocale;
|
||||||
|
ULONG FpSoftwareStatusRegister;
|
||||||
|
PVOID SystemReserved1[54];
|
||||||
|
NTSTATUS ExceptionCode;
|
||||||
|
PVOID ActivationContextStackPointer;
|
||||||
|
#if defined(_M_X64)
|
||||||
|
UCHAR SpareBytes[24];
|
||||||
|
#else
|
||||||
|
UCHAR SpareBytes[36];
|
||||||
|
#endif
|
||||||
|
ULONG TxFsContext;
|
||||||
|
|
||||||
|
GDI_TEB_BATCH GdiTebBatch;
|
||||||
|
CLIENT_ID RealClientId;
|
||||||
|
HANDLE GdiCachedProcessHandle;
|
||||||
|
ULONG GdiClientPID;
|
||||||
|
ULONG GdiClientTID;
|
||||||
|
PVOID GdiThreadLocalInfo;
|
||||||
|
ULONG_PTR Win32ClientInfo[62];
|
||||||
|
PVOID glDispatchTable[233];
|
||||||
|
ULONG_PTR glReserved1[29];
|
||||||
|
PVOID glReserved2;
|
||||||
|
PVOID glSectionInfo;
|
||||||
|
PVOID glSection;
|
||||||
|
PVOID glTable;
|
||||||
|
PVOID glCurrentRC;
|
||||||
|
PVOID glContext;
|
||||||
|
|
||||||
|
NTSTATUS LastStatusValue;
|
||||||
|
UNICODE_STRING StaticUnicodeString;
|
||||||
|
WCHAR StaticUnicodeBuffer[261];
|
||||||
|
|
||||||
|
PVOID DeallocationStack;
|
||||||
|
PVOID TlsSlots[64];
|
||||||
|
LIST_ENTRY TlsLinks;
|
||||||
|
|
||||||
|
PVOID Vdm;
|
||||||
|
PVOID ReservedForNtRpc;
|
||||||
|
PVOID DbgSsReserved[2];
|
||||||
|
|
||||||
|
ULONG HardErrorMode;
|
||||||
|
#if defined(_M_X64)
|
||||||
|
PVOID Instrumentation[11];
|
||||||
|
#else
|
||||||
|
PVOID Instrumentation[9];
|
||||||
|
#endif
|
||||||
|
GUID ActivityId;
|
||||||
|
|
||||||
|
PVOID SubProcessTag;
|
||||||
|
PVOID EtwLocalData;
|
||||||
|
PVOID EtwTraceData;
|
||||||
|
PVOID WinSockData;
|
||||||
|
ULONG GdiBatchCount;
|
||||||
|
|
||||||
|
union
|
||||||
|
{
|
||||||
|
PROCESSOR_NUMBER CurrentIdealProcessor;
|
||||||
|
ULONG IdealProcessorValue;
|
||||||
|
struct
|
||||||
|
{
|
||||||
|
UCHAR ReservedPad0;
|
||||||
|
UCHAR ReservedPad1;
|
||||||
|
UCHAR ReservedPad2;
|
||||||
|
UCHAR IdealProcessor;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
ULONG GuaranteedStackBytes;
|
||||||
|
PVOID ReservedForPerf;
|
||||||
|
PVOID ReservedForOle;
|
||||||
|
ULONG WaitingOnLoaderLock;
|
||||||
|
PVOID SavedPriorityState;
|
||||||
|
ULONG_PTR SoftPatchPtr1;
|
||||||
|
PVOID ThreadPoolData;
|
||||||
|
PVOID *TlsExpansionSlots;
|
||||||
|
#if defined(_M_X64)
|
||||||
|
PVOID DeallocationBStore;
|
||||||
|
PVOID BStoreLimit;
|
||||||
|
#endif
|
||||||
|
ULONG MuiGeneration;
|
||||||
|
ULONG IsImpersonating;
|
||||||
|
PVOID NlsCache;
|
||||||
|
PVOID pShimData;
|
||||||
|
ULONG HeapVirtualAffinity;
|
||||||
|
HANDLE CurrentTransactionHandle;
|
||||||
|
PTEB_ACTIVE_FRAME ActiveFrame;
|
||||||
|
PVOID FlsData;
|
||||||
|
|
||||||
|
PVOID PreferredLanguages;
|
||||||
|
PVOID UserPrefLanguages;
|
||||||
|
PVOID MergedPrefLanguages;
|
||||||
|
ULONG MuiImpersonation;
|
||||||
|
|
||||||
|
union
|
||||||
|
{
|
||||||
|
USHORT CrossTebFlags;
|
||||||
|
USHORT SpareCrossTebBits : 16;
|
||||||
|
};
|
||||||
|
union
|
||||||
|
{
|
||||||
|
USHORT SameTebFlags;
|
||||||
|
struct
|
||||||
|
{
|
||||||
|
USHORT SafeThunkCall : 1;
|
||||||
|
USHORT InDebugPrint : 1;
|
||||||
|
USHORT HasFiberData : 1;
|
||||||
|
USHORT SkipThreadAttach : 1;
|
||||||
|
USHORT WerInShipAssertCode : 1;
|
||||||
|
USHORT RanProcessInit : 1;
|
||||||
|
USHORT ClonedThread : 1;
|
||||||
|
USHORT SuppressDebugMsg : 1;
|
||||||
|
USHORT DisableUserStackWalk : 1;
|
||||||
|
USHORT RtlExceptionAttached : 1;
|
||||||
|
USHORT InitialThread : 1;
|
||||||
|
USHORT SpareSameTebBits : 1;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
PVOID TxnScopeEnterCallback;
|
||||||
|
PVOID TxnScopeExitCallback;
|
||||||
|
PVOID TxnScopeContext;
|
||||||
|
ULONG LockCount;
|
||||||
|
ULONG SpareUlong0;
|
||||||
|
PVOID ResourceRetValue;
|
||||||
|
} TEB, *PTEB;
|
||||||
|
|
||||||
|
|
||||||
|
typedef struct _LDR_DATA_TABLE_ENTRY
|
||||||
|
{
|
||||||
|
LIST_ENTRY InLoadOrderLinks;
|
||||||
|
LIST_ENTRY InMemoryOrderLinks;
|
||||||
|
LIST_ENTRY InInitializationOrderLinks;
|
||||||
|
PVOID DllBase;
|
||||||
|
PVOID EntryPoint;
|
||||||
|
ULONG SizeOfImage;
|
||||||
|
UNICODE_STRING FullDllName;
|
||||||
|
UNICODE_STRING BaseDllName;
|
||||||
|
ULONG Flags;
|
||||||
|
USHORT LoadCount;
|
||||||
|
USHORT TlsIndex;
|
||||||
|
union
|
||||||
|
{
|
||||||
|
LIST_ENTRY HashLinks;
|
||||||
|
struct
|
||||||
|
{
|
||||||
|
PVOID SectionPointer;
|
||||||
|
ULONG CheckSum;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
union
|
||||||
|
{
|
||||||
|
ULONG TimeDateStamp;
|
||||||
|
PVOID LoadedImports;
|
||||||
|
};
|
||||||
|
PVOID EntryPointActivationContext;
|
||||||
|
PVOID PatchInformation;
|
||||||
|
LIST_ENTRY ForwarderLinks;
|
||||||
|
LIST_ENTRY ServiceTagLinks;
|
||||||
|
LIST_ENTRY StaticLinks;
|
||||||
|
PVOID ContextInformation;
|
||||||
|
ULONG_PTR OriginalBase;
|
||||||
|
LARGE_INTEGER LoadTime;
|
||||||
|
} LDR_DATA_TABLE_ENTRY, * PLDR_DATA_TABLE_ENTRY;
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef NtCurrentPeb
|
||||||
|
__inline struct _PEB * NtCurrentPeb() { return NtCurrentTeb()->ProcessEnvironmentBlock; }
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif // _XEB_
|
|
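Review bot: the PEB, TEB, PEB_LDR_DATA and LDR_DATA_TABLE_ENTRY layouts in this new header are hard-coded, with no compile-time check on the offsets the callers rely on. These structures are only partly documented and their later members have moved between Windows releases, so a field read through the wrong offset returns unrelated process memory without any error. Consider adding C_ASSERT(FIELD_OFFSET(...)) checks for the members that are actually used, for both the 32-bit and 64-bit builds, and trimming the structures to those members. Two smaller points: the header selects layouts with _M_X64 while other files in this commit test _WIN64, and the '#ifndef NtCurrentPeb' guard only detects a macro, so an SDK header that declares NtCurrentPeb as a function would still collide with the __inline definition here. The header also uses PRTL_USER_PROCESS_PARAMETERS, CLIENT_ID and FLS_MAXIMUM_AVAILABLE without including anything, so it depends on include order.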
@ -35,7 +35,7 @@ SbieApi_IsBoxEnabled=_SbieApi_IsBoxEnabled@4
|
||||||
|
|
||||||
SbieApi_MonitorControl=_SbieApi_MonitorControl@8
|
SbieApi_MonitorControl=_SbieApi_MonitorControl@8
|
||||||
SbieApi_MonitorGet=_SbieApi_MonitorGet@8
|
SbieApi_MonitorGet=_SbieApi_MonitorGet@8
|
||||||
SbieApi_MonitorGetEx=_SbieApi_MonitorGetEx@16
|
SbieApi_MonitorGetEx=_SbieApi_MonitorGetEx@20
|
||||||
SbieApi_MonitorPut=_SbieApi_MonitorPut@8
|
SbieApi_MonitorPut=_SbieApi_MonitorPut@8
|
||||||
SbieApi_MonitorPut2=_SbieApi_MonitorPut2@12
|
SbieApi_MonitorPut2=_SbieApi_MonitorPut2@12
|
||||||
|
|
||||||
|
|
|
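Review bot: the stdcall decoration of SbieApi_MonitorGetEx changes from @16 to @20 while the undecorated export name stays the same. A 32-bit caller built against the old 16-byte argument list will still resolve the export by name and then call it with the wrong argument size, which unbalances the stack instead of failing at load time. Please confirm every in-tree caller is updated in this commit and note the signature change for external users of the DLL, or export the new signature under a new name.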
@ -343,3 +343,59 @@ _FX NTSTATUS Config_GetSettingsForImageName(
|
||||||
|
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// SbieDll_GetBorderColor
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
BOOLEAN SbieDll_GetBorderColor(const WCHAR* box_name, COLORREF* color, BOOL* title, int* width)
|
||||||
|
{
|
||||||
|
#ifndef RGB
|
||||||
|
#define RGB(r,g,b) ((COLORREF)(((BYTE)(r)|((WORD)((BYTE)(g))<<8))|(((DWORD)(BYTE)(b))<<16)))
|
||||||
|
#endif //RGB
|
||||||
|
|
||||||
|
*color = RGB(255, 255, 0);
|
||||||
|
if (title) *title = FALSE;
|
||||||
|
if (width) *width = 6;
|
||||||
|
|
||||||
|
NTSTATUS status;
|
||||||
|
WCHAR str[32];
|
||||||
|
status = SbieApi_QueryConfAsIs(box_name, L"BorderColor", 0, str, sizeof(str) - sizeof(WCHAR)); // BorderColor=#00ffff,ttl,6
|
||||||
|
|
||||||
|
if (!NT_SUCCESS(status) || wcslen(str) < 7 || str[0] != L'#')
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
WCHAR* ptr = str;
|
||||||
|
WCHAR* tmp = wcschr(ptr, L',');
|
||||||
|
if (tmp != NULL) *tmp = L'\0';
|
||||||
|
|
||||||
|
WCHAR* endptr;
|
||||||
|
*color = wcstol(ptr + 1, &endptr, 16);
|
||||||
|
if (*endptr != L'\0') {
|
||||||
|
*color = RGB(255, 255, 0);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (tmp == NULL) return TRUE;
|
||||||
|
ptr = tmp + 1;
|
||||||
|
tmp = wcschr(ptr, L',');
|
||||||
|
if (tmp != NULL) *tmp = L'\0';
|
||||||
|
|
||||||
|
if (_wcsicmp(ptr, L"ttl") == 0)
|
||||||
|
{
|
||||||
|
if (title) *title = TRUE;
|
||||||
|
}
|
||||||
|
else if (_wcsicmp(ptr, L"off") == 0)
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
if (tmp == NULL) return TRUE;
|
||||||
|
ptr = tmp + 1;
|
||||||
|
tmp = wcschr(ptr, L',');
|
||||||
|
if (tmp != NULL) *tmp = L'\0';
|
||||||
|
|
||||||
|
if (width) *width = _wtoi(ptr);
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
|
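Review bot: in SbieDll_GetBorderColor the color pointer is written unconditionally (*color = RGB(255, 255, 0)) while title and width are both checked for NULL first; either guard color the same way or document that it is mandatory. str is also left uninitialised and then handed to wcslen, with termination depending on SbieApi_QueryConfAsIs honouring the sizeof(str) - sizeof(WCHAR) length; declaring it as WCHAR str[32] = { 0 } makes that reservation effective. The width field goes through _wtoi with no range check, so a negative or very large value in the BorderColor setting reaches the caller as is; clamping it to a sane range here would keep the validation in one place. A setting with an empty second field and a width (for example "#00ffff,,6") is accepted, which may or may not be intended.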
@ -2306,6 +2306,37 @@ _FX NTSTATUS File_NtCreateFile(
|
||||||
// File_NtCreateFileImpl
|
// File_NtCreateFileImpl
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
/*static P_NtCreateFile __sys_NtCreateFile_ = NULL;
|
||||||
|
|
||||||
|
_FX NTSTATUS File_MyCreateFile(
|
||||||
|
HANDLE* FileHandle,
|
||||||
|
ACCESS_MASK DesiredAccess,
|
||||||
|
OBJECT_ATTRIBUTES* ObjectAttributes,
|
||||||
|
IO_STATUS_BLOCK* IoStatusBlock,
|
||||||
|
LARGE_INTEGER* AllocationSize,
|
||||||
|
ULONG FileAttributes,
|
||||||
|
ULONG ShareAccess,
|
||||||
|
ULONG CreateDisposition,
|
||||||
|
ULONG CreateOptions,
|
||||||
|
void* EaBuffer,
|
||||||
|
ULONG EaLength)
|
||||||
|
{
|
||||||
|
NTSTATUS status = __sys_NtCreateFile_(
|
||||||
|
FileHandle, DesiredAccess, ObjectAttributes, IoStatusBlock,
|
||||||
|
AllocationSize, FileAttributes, ShareAccess, CreateDisposition,
|
||||||
|
CreateOptions, EaBuffer, EaLength);
|
||||||
|
|
||||||
|
if (ObjectAttributes && ObjectAttributes->ObjectName && ObjectAttributes->ObjectName->Buffer
|
||||||
|
&& _wcsicmp(ObjectAttributes->ObjectName->Buffer, L"\\??\\C:") == 0)
|
||||||
|
{
|
||||||
|
DebugBreak();
|
||||||
|
}
|
||||||
|
|
||||||
|
status = StopTailCallOptimization(status);
|
||||||
|
|
||||||
|
return status;
|
||||||
|
}*/
|
||||||
|
|
||||||
|
|
||||||
_FX NTSTATUS File_NtCreateFileImpl(
|
_FX NTSTATUS File_NtCreateFileImpl(
|
||||||
HANDLE *FileHandle,
|
HANDLE *FileHandle,
|
||||||
|
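Review bot: File_MyCreateFile is added entirely inside a block comment and contains a DebugBreak() triggered by opening "\\??\\C:", which reads as leftover debugging scaffolding from the raw-volume fix. Commented-out code in the file I/O hook path makes later audits of that path harder; please drop it from the commit, or keep it under an explicit debug-only #ifdef with a comment saying what it is for.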
@ -2345,6 +2376,12 @@ _FX NTSTATUS File_NtCreateFileImpl(
|
||||||
// // __debugbreak();
|
// // __debugbreak();
|
||||||
//}
|
//}
|
||||||
|
|
||||||
|
//if (__sys_NtCreateFile_ == NULL)
|
||||||
|
//{
|
||||||
|
// __sys_NtCreateFile_ = __sys_NtCreateFile;
|
||||||
|
// __sys_NtCreateFile = File_MyCreateFile;
|
||||||
|
//}
|
||||||
|
|
||||||
//
|
//
|
||||||
// if this is a recursive invocation of NtCreateFile,
|
// if this is a recursive invocation of NtCreateFile,
|
||||||
// then pass it as-is down the chain
|
// then pass it as-is down the chain
|
||||||
|
@ -2471,6 +2508,22 @@ ReparseLoop:
|
||||||
CreateOptions &= ~FILE_DELETE_ON_CLOSE;
|
CreateOptions &= ~FILE_DELETE_ON_CLOSE;
|
||||||
DesiredAccess &= ~FILE_DENIED_ACCESS;
|
DesiredAccess &= ~FILE_DENIED_ACCESS;
|
||||||
|
|
||||||
|
//
|
||||||
|
// If this is an access on a raw disk device, adapt the requested permissions to what the drivers permits
|
||||||
|
//
|
||||||
|
|
||||||
|
if (ObjectAttributes->ObjectName && &ObjectAttributes->ObjectName->Buffer != NULL && ObjectAttributes->ObjectName->Length > (4 * sizeof(WCHAR))
|
||||||
|
&& wcsncmp(ObjectAttributes->ObjectName->Buffer, L"\\??\\", 4) == 0
|
||||||
|
&& (DesiredAccess & ~(SYNCHRONIZE | READ_CONTROL | FILE_READ_EA | FILE_READ_ATTRIBUTES)) != 0)
|
||||||
|
{
|
||||||
|
if ((ObjectAttributes->ObjectName->Length == (6 * sizeof(WCHAR)) && ObjectAttributes->ObjectName->Buffer[5] == L':') // \??\C:
|
||||||
|
|| wcsncmp(&ObjectAttributes->ObjectName->Buffer[4], L"PhysicalDrive", 13) == 0 // \??\PhysicalDrive1
|
||||||
|
|| wcsncmp(&ObjectAttributes->ObjectName->Buffer[4], L"Volume", 6) == 0) // \??\Volume{2b985816-4b6f-11ea-bd33-48a4725d5bbe}
|
||||||
|
{
|
||||||
|
DesiredAccess &= (SYNCHRONIZE | READ_CONTROL | FILE_READ_EA | FILE_READ_ATTRIBUTES);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
status = __sys_NtCreateFile(
|
status = __sys_NtCreateFile(
|
||||||
FileHandle, DesiredAccess, ObjectAttributes,
|
FileHandle, DesiredAccess, ObjectAttributes,
|
||||||
IoStatusBlock, AllocationSize, FileAttributes,
|
IoStatusBlock, AllocationSize, FileAttributes,
|
||||||
|
|
|
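Review bot: the first condition tests &ObjectAttributes->ObjectName->Buffer != NULL, which takes the address of the Buffer member and is therefore always true; the intended check is ObjectAttributes->ObjectName->Buffer != NULL. The outer test only guarantees Length > 4 * sizeof(WCHAR), yet the inner wcsncmp calls compare 13 and 6 characters starting at Buffer[4]; a UNICODE_STRING is counted, not necessarily NUL-terminated, so these can read past the end of a short name. Compare against Length explicitly before each wcsncmp. The comparisons are also case-sensitive while object names are normally matched case-insensitively, so a differently cased spelling of PhysicalDrive or Volume will not have its access mask trimmed here and will rely on the driver check alone; _wcsnicmp would keep user mode and driver behaviour aligned. Finally, the "\??\C:" test only checks that Buffer[5] is ':' and does not check that Buffer[4] is a letter. The comment should read "what the driver permits".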
@ -49,7 +49,7 @@ static LIST File_MigrationOptions[NUM_COPY_MODES];
|
||||||
|
|
||||||
static BOOLEAN File_MigrationDenyWrite = FALSE;
|
static BOOLEAN File_MigrationDenyWrite = FALSE;
|
||||||
|
|
||||||
static ULONG File_CopyLimitKb = (80 * 1024); // 80 MB
|
static ULONGLONG File_CopyLimitKb = (80 * 1024); // 80 MB
|
||||||
static BOOLEAN File_CopyLimitSilent = FALSE;
|
static BOOLEAN File_CopyLimitSilent = FALSE;
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
@ -128,7 +128,7 @@ found_match:
|
||||||
// if tere is no configuration for this file type/path decide based on the file size
|
// if tere is no configuration for this file type/path decide based on the file size
|
||||||
//
|
//
|
||||||
|
|
||||||
if (File_CopyLimitKb == -1 || file_size < (File_CopyLimitKb * 1024))
|
if (File_CopyLimitKb == -1 || file_size < ((ULONGLONG)File_CopyLimitKb * 1024))
|
||||||
return FILE_COPY_CONTENT;
|
return FILE_COPY_CONTENT;
|
||||||
|
|
||||||
//
|
//
|
||||||
|
@ -223,7 +223,7 @@ _FX void File_InitCopyLimit(void)
|
||||||
if (NT_SUCCESS(status)) {
|
if (NT_SUCCESS(status)) {
|
||||||
ULONGLONG num = _wtoi64(str);
|
ULONGLONG num = _wtoi64(str);
|
||||||
if (num)
|
if (num)
|
||||||
File_CopyLimitKb = (num > 0x000000007fffffff) ? -1 : (ULONG)num;
|
File_CopyLimitKb = (num > 0x000000007fffffff) ? -1 : num;
|
||||||
else
|
else
|
||||||
SbieApi_Log(2207, _CopyLimitKb);
|
SbieApi_Log(2207, _CopyLimitKb);
|
||||||
}
|
}
|
||||||
|
|
|
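Review bot: in File_InitCopyLimit the -1 in (num > 0x000000007fffffff) ? -1 : num is now converted to ULONGLONG and stored as the all-ones value, and the File_CopyLimitKb == -1 test in the earlier hunk only matches it through the same implicit conversion. A named ULONGLONG constant for the "no limit" sentinel would make that explicit and avoid signed/unsigned comparison warnings. Because num is an unsigned ULONGLONG filled from _wtoi64, a negative CopyLimitKb value also lands above the 0x7fffffff bound and selects the unlimited case; if that is not intended, parse into a signed variable and reject negatives the same way zero is rejected with SbieApi_Log(2207, ...). With the variable widened, the (ULONGLONG) cast added in the size comparison is redundant.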
@ -454,6 +454,8 @@ extern BOOLEAN Gui_RenameClasses;
|
||||||
extern BOOLEAN Gui_OpenAllWinClasses; // not running in a restricted job
|
extern BOOLEAN Gui_OpenAllWinClasses; // not running in a restricted job
|
||||||
|
|
||||||
extern BOOLEAN Gui_DisableTitle;
|
extern BOOLEAN Gui_DisableTitle;
|
||||||
|
extern ULONG Gui_BoxNameTitleLen;
|
||||||
|
extern WCHAR* Gui_BoxNameTitleW;
|
||||||
|
|
||||||
extern ATOM Gui_DropTargetProp_Atom;
|
extern ATOM Gui_DropTargetProp_Atom;
|
||||||
extern ATOM Gui_WindowProcOldW_Atom;
|
extern ATOM Gui_WindowProcOldW_Atom;
|
||||||
|
|
|
@ -51,7 +51,7 @@ const UCHAR *Gui_TitleSuffixA = TITLE_SUFFIX_A;
|
||||||
static ULONG Gui_TitleSuffixA_len = 0;
|
static ULONG Gui_TitleSuffixA_len = 0;
|
||||||
|
|
||||||
ULONG Gui_BoxNameTitleLen = 0;
|
ULONG Gui_BoxNameTitleLen = 0;
|
||||||
static WCHAR *Gui_BoxNameTitleW = NULL;
|
WCHAR *Gui_BoxNameTitleW = NULL;
|
||||||
static ANSI_STRING Gui_BoxNameTitleA;
|
static ANSI_STRING Gui_BoxNameTitleA;
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -395,9 +395,6 @@ _FX BOOLEAN Proc_Init(void)
|
||||||
SBIEDLL_HOOK(Proc_, SetProcessMitigationPolicy);
|
SBIEDLL_HOOK(Proc_, SetProcessMitigationPolicy);
|
||||||
}
|
}
|
||||||
|
|
||||||
// OriginalToken BEGIN
|
|
||||||
if (!SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
|
|
||||||
// OriginalToken END
|
|
||||||
if(Dll_OsBuild < 17677) {
|
if(Dll_OsBuild < 17677) {
|
||||||
|
|
||||||
SBIEDLL_HOOK(Proc_,CreateProcessInternalW);
|
SBIEDLL_HOOK(Proc_,CreateProcessInternalW);
|
||||||
|
@ -752,6 +749,21 @@ _FX BOOL Proc_CreateProcessInternalW(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// OriginalToken BEGIN
|
||||||
|
if (SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
|
||||||
|
{
|
||||||
|
ok = __sys_CreateProcessInternalW(
|
||||||
|
hToken, lpApplicationName, lpCommandLine,
|
||||||
|
lpProcessAttributes, lpThreadAttributes, bInheritHandles, dwCreationFlags,
|
||||||
|
lpEnvironment, lpCurrentDirectory,
|
||||||
|
lpStartupInfo, lpProcessInformation, hNewToken);
|
||||||
|
|
||||||
|
err = GetLastError();
|
||||||
|
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
|
// OriginalToken END
|
||||||
|
|
||||||
//
|
//
|
||||||
// create the new process
|
// create the new process
|
||||||
//
|
//
|
||||||
|
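Review bot: the new OriginalToken branch in Proc_CreateProcessInternalW ends in goto finish, but the only finish: label this commit shows is the one added to Proc_CreateProcessInternalW_RS5. Please confirm this function has its own label and that nothing set up before the jump (for example the TlsData->proc_create_process counter that the RS5 variant decrements after its label) is left unbalanced. The branch hands the caller's hToken directly to __sys_CreateProcessInternalW and skips everything between here and the label, so the setting changes how sandboxed child processes are created; it is not mentioned in the changelog entry for this release and should be documented together with its security impact.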
@ -1208,6 +1220,21 @@ _FX BOOL Proc_CreateProcessInternalW_RS5(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// OriginalToken BEGIN
|
||||||
|
if (SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
|
||||||
|
{
|
||||||
|
ok = __sys_CreateProcessInternalW_RS5(
|
||||||
|
hToken, lpApplicationName, lpCommandLine,
|
||||||
|
lpProcessAttributes, lpThreadAttributes, bInheritHandles,
|
||||||
|
dwCreationFlags, lpEnvironment, lpCurrentDirectory,
|
||||||
|
lpStartupInfo, lpProcessInformation, hNewToken);
|
||||||
|
|
||||||
|
err = GetLastError();
|
||||||
|
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
|
// OriginalToken END
|
||||||
|
|
||||||
if (!(dwCreationFlags & CREATE_SUSPENDED))
|
if (!(dwCreationFlags & CREATE_SUSPENDED))
|
||||||
resume_thread = TRUE;
|
resume_thread = TRUE;
|
||||||
dwCreationFlags |= CREATE_SUSPENDED;
|
dwCreationFlags |= CREATE_SUSPENDED;
|
||||||
|
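Review bot: this block repeats the one added to Proc_CreateProcessInternalW line for line apart from the callee, and both call SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE) on every process creation. Proc_Init already queried the setting before this commit; reading it once there into a static BOOLEAN and testing that flag in both functions removes the per-call query and guarantees the two paths cannot disagree if the configuration is reloaded between calls. err = GetLastError() is also taken when ok is TRUE, which is harmless only as long as the code after finish: reads err solely on failure.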
@ -1338,6 +1365,8 @@ _FX BOOL Proc_CreateProcessInternalW_RS5(
|
||||||
// handle CreateProcessInternal returning ERROR_ELEVATION_REQUIRED
|
// handle CreateProcessInternal returning ERROR_ELEVATION_REQUIRED
|
||||||
//
|
//
|
||||||
|
|
||||||
|
finish:
|
||||||
|
|
||||||
--TlsData->proc_create_process;
|
--TlsData->proc_create_process;
|
||||||
|
|
||||||
if ((!ok) && (err == ERROR_ELEVATION_REQUIRED)) {
|
if ((!ok) && (err == ERROR_ELEVATION_REQUIRED)) {
|
||||||
|
|
|
@ -29,7 +29,7 @@
|
||||||
#include <psapi.h>
|
#include <psapi.h>
|
||||||
#define INITGUID
|
#define INITGUID
|
||||||
#include <guiddef.h>
|
#include <guiddef.h>
|
||||||
|
#include "trace.h"
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Functions
|
// Functions
|
||||||
|
@ -61,17 +61,23 @@ int Scm_Start_Sppsvc();
|
||||||
|
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
|
|
||||||
|
extern ULONG_PTR __cdecl RpcRt_NdrClientCall2(
|
||||||
|
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...);
|
||||||
|
|
||||||
extern ULONG_PTR __cdecl RpcRt_NdrClientCall3(
|
extern ULONG_PTR __cdecl RpcRt_NdrClientCall3(
|
||||||
MIDL_STUBLESS_PROXY_INFO* pProxyInfo, ULONG nProcNum, void* pReturnValue, ...);
|
MIDL_STUBLESS_PROXY_INFO* pProxyInfo, ULONG nProcNum, void* pReturnValue, ...);
|
||||||
|
|
||||||
#else
|
#else
|
||||||
|
|
||||||
//extern ULONG_PTR __cdecl RpcRt_NdrClientCall3(
|
extern ULONG_PTR __cdecl RpcRt_NdrClientCall(
|
||||||
// MIDL_STUBLESS_PROXY_INFO* pProxyInfo, ULONG nProcNum, void* pReturnValue, ULONG_PTR* Args);
|
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ULONG_PTR* Args);
|
||||||
|
|
||||||
extern ULONG_PTR __cdecl RpcRt_NdrClientCall2(
|
extern ULONG_PTR __cdecl RpcRt_NdrClientCall2(
|
||||||
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ULONG_PTR* Args);
|
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ULONG_PTR* Args);
|
||||||
|
|
||||||
|
extern ULONG_PTR __cdecl RpcRt_NdrClientCall4(
|
||||||
|
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ULONG_PTR* Args);
|
||||||
|
|
||||||
#endif _WIN64
|
#endif _WIN64
|
||||||
|
|
||||||
|
|
||||||
|
@ -112,12 +118,12 @@ typedef RPC_STATUS (*P_RpcMgmtSetComTimeout)(RPC_BINDING_HANDLE Binding, unsigne
|
||||||
|
|
||||||
typedef BOOL(WINAPI* P_GetModuleInformation)(_In_ HANDLE hProcess, _In_ HMODULE hModule, _Out_ LPMODULEINFO lpmodinfo, _In_ DWORD cb);
|
typedef BOOL(WINAPI* P_GetModuleInformation)(_In_ HANDLE hProcess, _In_ HMODULE hModule, _Out_ LPMODULEINFO lpmodinfo, _In_ DWORD cb);
|
||||||
|
|
||||||
|
typedef ULONG_PTR(__cdecl* P_NdrClientCallX)(
|
||||||
|
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...);
|
||||||
|
|
||||||
typedef ULONG_PTR(__cdecl* P_NdrClientCall3)(
|
typedef ULONG_PTR(__cdecl* P_NdrClientCall3)(
|
||||||
MIDL_STUBLESS_PROXY_INFO* pProxyInfo, ULONG nProcNum, void* pReturnValue, ...);
|
MIDL_STUBLESS_PROXY_INFO* pProxyInfo, ULONG nProcNum, void* pReturnValue, ...);
|
||||||
|
|
||||||
typedef ULONG_PTR(__cdecl* P_NdrClientCall2)(
|
|
||||||
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...);
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
@ -133,6 +139,7 @@ P_RpcBindingCreateW __sys_RpcBindingCreateW = NULL;
|
||||||
|
|
||||||
P_RpcMgmtSetComTimeout __sys_RpcMgmtSetComTimeout = NULL;
|
P_RpcMgmtSetComTimeout __sys_RpcMgmtSetComTimeout = NULL;
|
||||||
#define RPC_C_BINDING_TIMEOUT 4
|
#define RPC_C_BINDING_TIMEOUT 4
|
||||||
|
BOOLEAN __use_RpcMgmtSetComTimeout = FALSE;
|
||||||
|
|
||||||
P_UuidToStringW __sys_UuidToStringW = NULL;
|
P_UuidToStringW __sys_UuidToStringW = NULL;
|
||||||
|
|
||||||
|
@ -141,13 +148,17 @@ P_RpcStringFreeW __sys_RpcStringFreeW = NULL;
|
||||||
P_GetModuleInformation __sys_GetModuleInformation = NULL;
|
P_GetModuleInformation __sys_GetModuleInformation = NULL;
|
||||||
|
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
|
P_NdrClientCallX __sys_NdrClientCall2 = NULL;
|
||||||
P_NdrClientCall3 __sys_NdrClientCall3 = NULL;
|
P_NdrClientCall3 __sys_NdrClientCall3 = NULL;
|
||||||
#else
|
#else
|
||||||
P_NdrClientCall2 __sys_NdrClientCall2 = NULL;
|
P_NdrClientCallX __sys_NdrClientCall = NULL;
|
||||||
|
P_NdrClientCallX __sys_NdrClientCall2 = NULL;
|
||||||
|
P_NdrClientCallX __sys_NdrClientCall4 = NULL;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
extern WCHAR* g_Ipc_DynamicPortNames[NUM_DYNAMIC_PORTS];
|
extern WCHAR* g_Ipc_DynamicPortNames[NUM_DYNAMIC_PORTS];
|
||||||
|
|
||||||
|
BOOLEAN g_rpc_client_hooks = FALSE;
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// RpcRt_Init
|
// RpcRt_Init
|
||||||
|
@ -188,26 +199,51 @@ _FX BOOLEAN RpcRt_Init(HMODULE module)
|
||||||
|
|
||||||
SBIEDLL_HOOK(RpcRt_, RpcBindingCreateW);
|
SBIEDLL_HOOK(RpcRt_, RpcBindingCreateW);
|
||||||
|
|
||||||
if(Config_GetSettingsForImageName_bool(L"RpcMgmtSetComTimeout", TRUE))
|
|
||||||
__sys_RpcMgmtSetComTimeout = (P_RpcMgmtSetComTimeout)Ldr_GetProcAddrNew(DllName_rpcrt4, L"RpcMgmtSetComTimeout", "RpcMgmtSetComTimeout");
|
__sys_RpcMgmtSetComTimeout = (P_RpcMgmtSetComTimeout)Ldr_GetProcAddrNew(DllName_rpcrt4, L"RpcMgmtSetComTimeout", "RpcMgmtSetComTimeout");
|
||||||
|
__use_RpcMgmtSetComTimeout = Config_GetSettingsForImageName_bool(L"RpcMgmtSetComTimeout", FALSE);
|
||||||
}
|
}
|
||||||
|
|
||||||
WCHAR wsTraceOptions[4];
|
WCHAR wsTraceOptions[4];
|
||||||
if ((Dll_OsBuild >= 8400) // win8 and above
|
if ((Dll_OsBuild >= 8400) // win8 and above
|
||||||
&& SbieApi_QueryConf(NULL, L"IpcTrace", 0, wsTraceOptions, sizeof(wsTraceOptions)) == STATUS_SUCCESS && wsTraceOptions[0] != L'\0')
|
&& SbieApi_QueryConf(NULL, L"IpcTrace", 0, wsTraceOptions, sizeof(wsTraceOptions)) == STATUS_SUCCESS && wsTraceOptions[0] != L'\0')
|
||||||
{
|
{
|
||||||
|
g_rpc_client_hooks = TRUE;
|
||||||
|
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
|
|
||||||
|
P_NdrClientCallX NdrClientCall2;
|
||||||
|
NdrClientCall2 = (P_NdrClientCallX)Ldr_GetProcAddrNew(DllName_rpcrt4, L"NdrClientCall2", "NdrClientCall2");
|
||||||
|
SBIEDLL_HOOK(RpcRt_, NdrClientCall2);
|
||||||
|
|
||||||
P_NdrClientCall3 NdrClientCall3;
|
P_NdrClientCall3 NdrClientCall3;
|
||||||
NdrClientCall3 = (P_NdrClientCall3)Ldr_GetProcAddrNew(DllName_rpcrt4, L"NdrClientCall3", "NdrClientCall3");
|
NdrClientCall3 = (P_NdrClientCall3)Ldr_GetProcAddrNew(DllName_rpcrt4, L"NdrClientCall3", "NdrClientCall3");
|
||||||
SBIEDLL_HOOK(RpcRt_, NdrClientCall3);
|
SBIEDLL_HOOK(RpcRt_, NdrClientCall3);
|
||||||
|
|
||||||
|
//Ndr64AsyncServerCall64(PRPC_MESSAGE pRpcMsg)
|
||||||
|
//Ndr64AsyncServerCallAll(PRPC_MESSAGE pRpcMsg)
|
||||||
|
//NdrAsyncServerCall(PRPC_MESSAGE pRpcMsg)
|
||||||
|
//NdrServerCall2(PRPC_MESSAGE pRpcMsg)
|
||||||
|
//NdrServerCallAll(PRPC_MESSAGE pRpcMsg)
|
||||||
|
//NdrServerCallNdr64(PRPC_MESSAGE pRpcMsg)
|
||||||
|
|
||||||
#else
|
#else
|
||||||
|
|
||||||
P_NdrClientCall2 NdrClientCall2;
|
P_NdrClientCallX NdrClientCall;
|
||||||
NdrClientCall2 = (P_NdrClientCall2)Ldr_GetProcAddrNew(DllName_rpcrt4, L"NdrClientCall2", "NdrClientCall2");
|
NdrClientCall = (P_NdrClientCallX)Ldr_GetProcAddrNew(DllName_rpcrt4, L"NdrClientCall", "NdrClientCall");
|
||||||
|
SBIEDLL_HOOK(RpcRt_, NdrClientCall);
|
||||||
|
|
||||||
|
P_NdrClientCallX NdrClientCall2;
|
||||||
|
NdrClientCall2 = (P_NdrClientCallX)Ldr_GetProcAddrNew(DllName_rpcrt4, L"NdrClientCall2", "NdrClientCall2");
|
||||||
SBIEDLL_HOOK(RpcRt_, NdrClientCall2);
|
SBIEDLL_HOOK(RpcRt_, NdrClientCall2);
|
||||||
|
|
||||||
|
P_NdrClientCallX NdrClientCall4;
|
||||||
|
NdrClientCall4 = (P_NdrClientCallX)Ldr_GetProcAddrNew(DllName_rpcrt4, L"NdrClientCall4", "NdrClientCall4");
|
||||||
|
SBIEDLL_HOOK(RpcRt_, NdrClientCall4);
|
||||||
|
|
||||||
|
//NdrAsyncServerCall(PRPC_MESSAGE pRpcMsg)
|
||||||
|
//NdrServerCall2(PRPC_MESSAGE pRpcMsg)
|
||||||
|
//NdrServerCall(PRPC_MESSAGE pRpcMsg)
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
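Review bot: none of the Ldr_GetProcAddrNew results for NdrClientCall, NdrClientCall2 and NdrClientCall4 (or NdrClientCall2 and NdrClientCall3 on x64) is checked before being passed to SBIEDLL_HOOK, and the only gate is Dll_OsBuild >= 8400. What happens when rpcrt4 on a given build does not export one of these names? If SBIEDLL_HOOK fails the whole init on a NULL target, turning on IpcTrace could stop RpcRt_Init from completing; if it does not, the matching __sys_ pointer stays NULL. Either way an explicit NULL check per export would make the behaviour obvious. g_rpc_client_hooks is also set to TRUE before any hook is installed, so it reports "hooks requested" rather than "hooks active"; set it after the last successful hook or rename it. The commented-out NdrServerCall lists would be clearer as a single TODO comment.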
@ -357,9 +393,6 @@ WCHAR* GetDynamicLpcPortName(ENUM_DYNAMIC_PORT_TYPE portType)
|
||||||
_FX ULONG RpcRt_RpcBindingFromStringBindingW(
|
_FX ULONG RpcRt_RpcBindingFromStringBindingW(
|
||||||
const WCHAR *StringBinding, void **OutBinding)
|
const WCHAR *StringBinding, void **OutBinding)
|
||||||
{
|
{
|
||||||
static const WCHAR *_old =
|
|
||||||
L"ncalrpc:[,Security=Impersonation Dynamic False]";
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// printing functions in winspool.drv talk to the Spooler service
|
// printing functions in winspool.drv talk to the Spooler service
|
||||||
// (process spoolsv.exe). prior to Windows 8.1, the service was
|
// (process spoolsv.exe). prior to Windows 8.1, the service was
|
||||||
|
@ -395,13 +428,19 @@ _FX ULONG RpcRt_RpcBindingFromStringBindingW(
|
||||||
return RPC_S_INVALID_ARG;
|
return RPC_S_INVALID_ARG;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static const WCHAR* dynamicFalse = L"ncalrpc:[,Security=Impersonation Dynamic False]";
|
||||||
|
static const WCHAR* dynamicTrue = L"ncalrpc:[,Security=Impersonation Dynamic True]";
|
||||||
|
|
||||||
|
BOOLEAN use_RpcMgmtSetComTimeout = __use_RpcMgmtSetComTimeout;
|
||||||
|
|
||||||
|
ULONG_PTR pRetAddr = (ULONG_PTR)_ReturnAddress();
|
||||||
|
|
||||||
WCHAR wstrPortName[DYNAMIC_PORT_NAME_CHARS];
|
WCHAR wstrPortName[DYNAMIC_PORT_NAME_CHARS];
|
||||||
memset(wstrPortName, 0, sizeof(wstrPortName));
|
memset(wstrPortName, 0, sizeof(wstrPortName));
|
||||||
|
|
||||||
if (_wcsicmp(StringBinding, _old) == 0) {
|
if (_wcsicmp(StringBinding, dynamicFalse) == 0) {
|
||||||
|
|
||||||
ULONG_PTR pWinSpool = (ULONG_PTR)GetModuleHandle(L"winspool.drv");
|
ULONG_PTR pWinSpool = (ULONG_PTR)GetModuleHandle(L"winspool.drv");
|
||||||
ULONG_PTR pRetAddr = (ULONG_PTR)_ReturnAddress();
|
|
||||||
|
|
||||||
if (RpcRt_TestCallingModule(pRetAddr, pWinSpool)) {
|
if (RpcRt_TestCallingModule(pRetAddr, pWinSpool)) {
|
||||||
|
|
||||||
|
@ -412,10 +451,9 @@ _FX ULONG RpcRt_RpcBindingFromStringBindingW(
|
||||||
|
|
||||||
wcscpy(wstrPortName, L"ncalrpc:[");
|
wcscpy(wstrPortName, L"ncalrpc:[");
|
||||||
wcscpy(wstrPortName + 9, pwszTempPortName);
|
wcscpy(wstrPortName + 9, pwszTempPortName);
|
||||||
wcscat(wstrPortName, _old + 9);
|
wcscat(wstrPortName, dynamicFalse + 9);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
else if (_wcsicmp(StringBinding, L"ncalrpc:") == 0) {
|
else if (_wcsicmp(StringBinding, L"ncalrpc:") == 0) {
|
||||||
|
|
||||||
WCHAR pwszEmpty[] = L"";
|
WCHAR pwszEmpty[] = L"";
|
||||||
|
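Review bot: `wcscat(wstrPortName, dynamicFalse + 9)` keeps the bare 9 that also appears in `wcscpy(wstrPortName + 9, pwszTempPortName)`. It is the length of L"ncalrpc:[" and deserves a named constant or a wcslen of that prefix, so the offset cannot drift away from the string. Both copies into wstrPortName are unbounded in the lines shown: nothing here checks that the prefix, pwszTempPortName and the options suffix fit into DYNAMIC_PORT_NAME_CHARS. A length check, or the bounded Sbie_snwprintf already used further down in this function, would be the safer choice.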
@ -423,7 +461,6 @@ _FX ULONG RpcRt_RpcBindingFromStringBindingW(
|
||||||
|
|
||||||
ULONG_PTR hWinHttp = (ULONG_PTR)GetModuleHandle(L"WinHttp.dll");
|
ULONG_PTR hWinHttp = (ULONG_PTR)GetModuleHandle(L"WinHttp.dll");
|
||||||
ULONG_PTR hBtApi = (ULONG_PTR)GetModuleHandle(L"BluetoothApis.dll");
|
ULONG_PTR hBtApi = (ULONG_PTR)GetModuleHandle(L"BluetoothApis.dll");
|
||||||
ULONG_PTR pRetAddr = (ULONG_PTR)_ReturnAddress();
|
|
||||||
|
|
||||||
if (RpcRt_TestCallingModule(pRetAddr, hWinHttp))
|
if (RpcRt_TestCallingModule(pRetAddr, hWinHttp))
|
||||||
{
|
{
|
||||||
|
@ -446,6 +483,26 @@ _FX ULONG RpcRt_RpcBindingFromStringBindingW(
|
||||||
wcscat(wstrPortName, L"]");
|
wcscat(wstrPortName, L"]");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else if (_wcsicmp(StringBinding, dynamicTrue) == 0) {
|
||||||
|
|
||||||
|
ULONG_PTR pWINNSI = (ULONG_PTR)GetModuleHandle(L"WINNSI.DLL");
|
||||||
|
|
||||||
|
if (RpcRt_TestCallingModule(pRetAddr, pWINNSI)) {
|
||||||
|
use_RpcMgmtSetComTimeout = FALSE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (_wcsicmp(StringBinding, L"0497b57d-2e66-424f-a0c6-157cd5d41700@ncalrpc:") == 0) {
|
||||||
|
|
||||||
|
ULONG_PTR pkernel32 = (ULONG_PTR)GetModuleHandle(L"kernel32.dll");
|
||||||
|
// kernel32.dll!AicpCreateBindingHandle
|
||||||
|
// kernel32.dll!AicGetPackageActivationTokenForSxS
|
||||||
|
// KernelBase.dll!CreateProcessInternalW
|
||||||
|
// SbieDll.dll!Proc_CreateProcessInternalW_RS5
|
||||||
|
|
||||||
|
if (RpcRt_TestCallingModule(pRetAddr, pkernel32)) {
|
||||||
|
use_RpcMgmtSetComTimeout = TRUE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
RPC_STATUS status;
|
RPC_STATUS status;
|
||||||
|
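Review bot: the new WINNSI.DLL branch switches the timeout off without saying why, while the kernel32.dll branch at least records the call stack it is meant to match; add a comment naming the call that misbehaves with RpcMgmtSetComTimeout. In both branches the GetModuleHandle result is handed to RpcRt_TestCallingModule without a NULL check, so confirm the helper returns FALSE for a module that is not loaded. The string 0497b57d-2e66-424f-a0c6-157cd5d41700@ncalrpc: would also read better as a named constant next to dynamicFalse and dynamicTrue.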
@ -456,18 +513,27 @@ _FX ULONG RpcRt_RpcBindingFromStringBindingW(
|
||||||
{
|
{
|
||||||
WCHAR msg[512];
|
WCHAR msg[512];
|
||||||
|
|
||||||
|
WCHAR* CallingModule = Trace_FindModuleByAddress((void*)pRetAddr);
|
||||||
|
|
||||||
//Sbie_snwprintf(msg, 512, L"SBIE p=%06d t=%06d RpcBindingFromStringBindingW StringBinding = '%s', BindingHandle = 0x%X, status = 0x%X\n", GetCurrentProcessId(), GetCurrentThreadId(),
|
//Sbie_snwprintf(msg, 512, L"SBIE p=%06d t=%06d RpcBindingFromStringBindingW StringBinding = '%s', BindingHandle = 0x%X, status = 0x%X\n", GetCurrentProcessId(), GetCurrentThreadId(),
|
||||||
Sbie_snwprintf(msg, 512, L"StringBinding = '%s', wstrPortName = '%s', BindingHandle = 0x%X, status = 0x%08X",
|
Sbie_snwprintf(msg, 512, L"StringBinding = '%s', wstrPortName = '%s', BindingHandle = 0x%X, status = 0x%08X, timeout = %d, caller = '%s'",
|
||||||
StringBinding, wstrPortName, OutBinding, status);
|
StringBinding, wstrPortName, OutBinding, status, use_RpcMgmtSetComTimeout,
|
||||||
|
CallingModule ? CallingModule : L"unknown");
|
||||||
|
|
||||||
//OutputDebugString(msg);
|
//OutputDebugString(msg);
|
||||||
SbieApi_MonitorPut2(MONITOR_IPC | MONITOR_TRACE, msg, FALSE);
|
SbieApi_MonitorPut2(MONITOR_IPC | MONITOR_TRACE, msg, FALSE);
|
||||||
}
|
}
|
||||||
if(__sys_RpcMgmtSetComTimeout) __sys_RpcMgmtSetComTimeout(*OutBinding, RPC_C_BINDING_TIMEOUT);
|
|
||||||
|
if(use_RpcMgmtSetComTimeout) __sys_RpcMgmtSetComTimeout(*OutBinding, RPC_C_BINDING_TIMEOUT);
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// RpcRt_RpcBindingCreateW
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
DEFINE_GUID(
|
DEFINE_GUID(
|
||||||
EMPTY_UUID,
|
EMPTY_UUID,
|
||||||
0x00000000, 0x0000, 0x0000, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00);
|
0x00000000, 0x0000, 0x0000, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00);
|
||||||
|
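Review bot: the guard before the timeout call changes from `if(__sys_RpcMgmtSetComTimeout)` to `if(use_RpcMgmtSetComTimeout)`, so the function pointer is no longer tested before it is called. The kernel32.dll exception above forces the flag to TRUE, so a NULL __sys_RpcMgmtSetComTimeout would now be called; test both, e.g. `if (use_RpcMgmtSetComTimeout && __sys_RpcMgmtSetComTimeout)`. In the trace line, OutBinding (a void **) is printed with 0x%X, which truncates on 64-bit and shows the address of the out parameter rather than the handle it points to.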
@ -483,6 +549,8 @@ _FX RPC_STATUS RpcRt_RpcBindingCreateW(
|
||||||
__in_opt RPC_BINDING_HANDLE_OPTIONS_V1 * Options,
|
__in_opt RPC_BINDING_HANDLE_OPTIONS_V1 * Options,
|
||||||
__out RPC_BINDING_HANDLE * Binding)
|
__out RPC_BINDING_HANDLE * Binding)
|
||||||
{
|
{
|
||||||
|
ULONG_PTR pRetAddr = (ULONG_PTR)_ReturnAddress();
|
||||||
|
|
||||||
if ( (memcmp(&Template->ObjectUuid, &MSDTC_UUID, sizeof(GUID)) == 0) && RPC_PROTSEQ_LRPC == Template->ProtocolSequence && !Template->StringEndpoint)
|
if ( (memcmp(&Template->ObjectUuid, &MSDTC_UUID, sizeof(GUID)) == 0) && RPC_PROTSEQ_LRPC == Template->ProtocolSequence && !Template->StringEndpoint)
|
||||||
{
|
{
|
||||||
Template->StringEndpoint = (unsigned short*)L"samss lpc";
|
Template->StringEndpoint = (unsigned short*)L"samss lpc";
|
||||||
|
@ -494,7 +562,6 @@ _FX RPC_STATUS RpcRt_RpcBindingCreateW(
|
||||||
{
|
{
|
||||||
ULONG_PTR hWinSCard = (ULONG_PTR)GetModuleHandle(L"WinSCard.dll");
|
ULONG_PTR hWinSCard = (ULONG_PTR)GetModuleHandle(L"WinSCard.dll");
|
||||||
ULONG_PTR hResourcePolicyClient = (ULONG_PTR)GetModuleHandle(L"resourcepolicyclient.dll");
|
ULONG_PTR hResourcePolicyClient = (ULONG_PTR)GetModuleHandle(L"resourcepolicyclient.dll");
|
||||||
ULONG_PTR pRetAddr = (ULONG_PTR)_ReturnAddress();
|
|
||||||
|
|
||||||
if (RpcRt_TestCallingModule(pRetAddr, hWinSCard))
|
if (RpcRt_TestCallingModule(pRetAddr, hWinSCard))
|
||||||
{
|
{
|
||||||
|
@ -517,21 +584,29 @@ _FX RPC_STATUS RpcRt_RpcBindingCreateW(
|
||||||
WCHAR msg[512];
|
WCHAR msg[512];
|
||||||
RPC_CSTR StringUuid;
|
RPC_CSTR StringUuid;
|
||||||
|
|
||||||
|
WCHAR* CallingModule = Trace_FindModuleByAddress((void*)pRetAddr);
|
||||||
|
|
||||||
__sys_UuidToStringW(&Template->ObjectUuid, &StringUuid);
|
__sys_UuidToStringW(&Template->ObjectUuid, &StringUuid);
|
||||||
//Sbie_snwprintf(msg, 512, L"SBIE p=%06d t=%06d RpcBindingCreateW Endpoint = '%s', UUID = %s, status = 0x%X\n", GetCurrentProcessId(), GetCurrentThreadId(),
|
//Sbie_snwprintf(msg, 512, L"SBIE p=%06d t=%06d RpcBindingCreateW Endpoint = '%s', UUID = %s, status = 0x%X\n", GetCurrentProcessId(), GetCurrentThreadId(),
|
||||||
Sbie_snwprintf(msg, 512, L"Endpoint = '%s', UUID = %s, status = 0x%08X",
|
Sbie_snwprintf(msg, 512, L"Endpoint = '%s', UUID = %s, status = 0x%08X, timeout = %d, caller = '%s'",
|
||||||
Template && Template->StringEndpoint ? Template->StringEndpoint : L"null",
|
Template && Template->StringEndpoint ? Template->StringEndpoint : L"null",
|
||||||
StringUuid, status);
|
StringUuid, status, __use_RpcMgmtSetComTimeout,
|
||||||
|
CallingModule ? CallingModule : L"unknown");
|
||||||
__sys_RpcStringFreeW(&StringUuid);
|
__sys_RpcStringFreeW(&StringUuid);
|
||||||
|
|
||||||
//OutputDebugString(msg);
|
//OutputDebugString(msg);
|
||||||
SbieApi_MonitorPut2(MONITOR_IPC | MONITOR_TRACE, msg, FALSE);
|
SbieApi_MonitorPut2(MONITOR_IPC | MONITOR_TRACE, msg, FALSE);
|
||||||
}
|
}
|
||||||
if (__sys_RpcMgmtSetComTimeout) __sys_RpcMgmtSetComTimeout(*Binding, RPC_C_BINDING_TIMEOUT);
|
if (__use_RpcMgmtSetComTimeout) __sys_RpcMgmtSetComTimeout(*Binding, RPC_C_BINDING_TIMEOUT);
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// RpcRt_RpcStringBindingComposeW
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
#define UUID_UserMgrCli L"B18FBAB6-56F8-4702-84E0-41053293A869"
|
#define UUID_UserMgrCli L"B18FBAB6-56F8-4702-84E0-41053293A869"
|
||||||
|
|
||||||
RPC_STATUS RPC_ENTRY RpcRt_RpcStringBindingComposeW(TCHAR *ObjUuid,TCHAR *ProtSeq,TCHAR *NetworkAddr,TCHAR *EndPoint,TCHAR *Options,TCHAR **StringBinding) {
|
RPC_STATUS RPC_ENTRY RpcRt_RpcStringBindingComposeW(TCHAR *ObjUuid,TCHAR *ProtSeq,TCHAR *NetworkAddr,TCHAR *EndPoint,TCHAR *Options,TCHAR **StringBinding) {
|
||||||
|
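Review bot: `if (__use_RpcMgmtSetComTimeout)` replaces the NULL test of __sys_RpcMgmtSetComTimeout before the call on *Binding, so the pointer is called unchecked whenever the flag is set; keep the pointer test alongside the flag. In the trace block, Template is NULL-checked in the Sbie_snwprintf argument list but `&Template->ObjectUuid` is dereferenced unconditionally two lines earlier, so one of the two is wrong. The return value of __sys_UuidToStringW is also ignored before StringUuid is formatted and freed.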
@ -551,36 +626,81 @@ RPC_STATUS RPC_ENTRY RpcRt_RpcStringBindingComposeW(TCHAR *ObjUuid,TCHAR *ProtSe
|
||||||
return __sys_RpcStringBindingComposeW(ObjUuid,ProtSeq,NetworkAddr,EndPoint,Options,StringBinding);
|
return __sys_RpcStringBindingComposeW(ObjUuid,ProtSeq,NetworkAddr,EndPoint,Options,StringBinding);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// RpcRt_NdrClientCallX
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
void Sbie_StringFromGUID(const GUID* guid, WCHAR* str);
|
void Sbie_StringFromGUID(const GUID* guid, WCHAR* str);
|
||||||
|
|
||||||
#ifdef _WIN64
|
void RpcRt_NdrClientCallX(const WCHAR* Function, void* ReturnAddress,PMIDL_STUB_DESC pStubDescriptor)
|
||||||
|
|
||||||
ULONG_PTR RpcRt_NdrClientCall3_x64(
|
|
||||||
MIDL_STUBLESS_PROXY_INFO* pProxyInfo, ULONG nProcNum, void* pReturnValue, va_list vl
|
|
||||||
)
|
|
||||||
{
|
{
|
||||||
void* ReturnAddress = (void*)*(__int64*)(vl - (4 * 8));
|
WCHAR text[512] = L"RpcRt_NdrClientCallX";
|
||||||
|
|
||||||
__try
|
__try
|
||||||
{
|
{
|
||||||
PRPC_CLIENT_INTERFACE rpcInterface = (PRPC_CLIENT_INTERFACE)pProxyInfo->pStubDesc->RpcInterfaceInformation;
|
const WCHAR* CallingModule = Trace_FindModuleByAddress(ReturnAddress);
|
||||||
|
if (!CallingModule)
|
||||||
|
CallingModule = L"unknown";
|
||||||
|
|
||||||
|
PRPC_CLIENT_INTERFACE rpcInterface = (PRPC_CLIENT_INTERFACE)pStubDescriptor->RpcInterfaceInformation;
|
||||||
|
if (rpcInterface)
|
||||||
|
{
|
||||||
WCHAR interfaceID[48];
|
WCHAR interfaceID[48];
|
||||||
Sbie_StringFromGUID(&rpcInterface->InterfaceId.SyntaxGUID, interfaceID);
|
Sbie_StringFromGUID(&rpcInterface->InterfaceId.SyntaxGUID, interfaceID);
|
||||||
|
|
||||||
WCHAR text[130];
|
Sbie_snwprintf(text, 512, L"Calling %s for interface %s}, %d.%d by %s", Function, interfaceID,
|
||||||
Sbie_snwprintf(text, 130, L"Calling NdrClientCall3 for interface %s}, %d.%d", interfaceID,
|
rpcInterface->InterfaceId.SyntaxVersion.MajorVersion, rpcInterface->InterfaceId.SyntaxVersion.MinorVersion, CallingModule);
|
||||||
rpcInterface->InterfaceId.SyntaxVersion.MajorVersion, rpcInterface->InterfaceId.SyntaxVersion.MinorVersion);
|
}
|
||||||
|
else
|
||||||
SbieApi_MonitorPut2(MONITOR_IPC | MONITOR_TRACE, text, FALSE);
|
{
|
||||||
|
Sbie_snwprintf(text, 512, L"Calling %s by %s", Function, CallingModule);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
__except (EXCEPTION_EXECUTE_HANDLER) {}
|
__except (EXCEPTION_EXECUTE_HANDLER) {}
|
||||||
|
SbieApi_MonitorPut2(MONITOR_IPC | MONITOR_TRACE, text, FALSE);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#ifdef _WIN64
|
||||||
|
|
||||||
|
ULONG_PTR RpcRt_NdrClientCall2_x64(
|
||||||
|
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, va_list vl)
|
||||||
|
{
|
||||||
|
void* ReturnAddress = (void*)*(__int64*)(vl - (3 * 8));
|
||||||
|
|
||||||
|
RpcRt_NdrClientCallX(L"NdrClientCall2", ReturnAddress, pStubDescriptor);
|
||||||
|
|
||||||
|
return FALSE; // return TRUE to not call the trampoline upon return
|
||||||
|
}
|
||||||
|
|
||||||
|
ULONG_PTR RpcRt_NdrClientCall3_x64(
|
||||||
|
MIDL_STUBLESS_PROXY_INFO* pProxyInfo, ULONG nProcNum, void* pReturnValue, va_list vl)
|
||||||
|
{
|
||||||
|
void* ReturnAddress = (void*)*(__int64*)(vl - (4 * 8));
|
||||||
|
|
||||||
|
__try {
|
||||||
|
RpcRt_NdrClientCallX(L"NdrClientCall3", ReturnAddress, pProxyInfo->pStubDesc);
|
||||||
|
}__except (EXCEPTION_EXECUTE_HANDLER) {}
|
||||||
|
|
||||||
return FALSE; // return TRUE to not call the trampoline upon return
|
return FALSE; // return TRUE to not call the trampoline upon return
|
||||||
}
|
}
|
||||||
|
|
||||||
#else
|
#else
|
||||||
|
|
||||||
|
ULONG_PTR __cdecl RpcRt_NdrClientCall_x86(
|
||||||
|
void* ReturnAddress,
|
||||||
|
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...)
|
||||||
|
{
|
||||||
|
//va_list vl;
|
||||||
|
//va_start(vl, pFormat);
|
||||||
|
|
||||||
|
RpcRt_NdrClientCallX(L"NdrClientCall", ReturnAddress, pStubDescriptor);
|
||||||
|
|
||||||
|
//va_end(vl);
|
||||||
|
|
||||||
|
return FALSE; // return TRUE to not call the trampoline upon return
|
||||||
|
}
|
||||||
|
|
||||||
ULONG_PTR __cdecl RpcRt_NdrClientCall2_x86(
|
ULONG_PTR __cdecl RpcRt_NdrClientCall2_x86(
|
||||||
void* ReturnAddress,
|
void* ReturnAddress,
|
||||||
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...)
|
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...)
|
||||||
|
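Review bot: RpcRt_NdrClientCallX dereferences pStubDescriptor with no NULL test and relies on the surrounding __try to absorb the fault. An explicit check next to the existing `if (rpcInterface)` is cheaper and leaves the empty __except for genuinely unexpected faults. The return address is read as `vl - (3 * 8)` in the NdrClientCall2 wrapper and `vl - (4 * 8)` in the NdrClientCall3 wrapper, with nothing explaining the stack layout those offsets assume; a comment tying each offset to the number of fixed arguments would make them reviewable. The buffer size 512 is repeated as a literal in both Sbie_snwprintf calls, where sizing from the declaration of text would keep them in step, and the closing brace in `interface %s},` looks unbalanced unless Sbie_StringFromGUID emits only the opening one.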
@ -588,20 +708,21 @@ ULONG_PTR __cdecl RpcRt_NdrClientCall2_x86(
|
||||||
//va_list vl;
|
//va_list vl;
|
||||||
//va_start(vl, pFormat);
|
//va_start(vl, pFormat);
|
||||||
|
|
||||||
__try
|
RpcRt_NdrClientCallX(L"NdrClientCall2", ReturnAddress, pStubDescriptor);
|
||||||
{
|
|
||||||
PRPC_CLIENT_INTERFACE rpcInterface = (PRPC_CLIENT_INTERFACE)pStubDescriptor->RpcInterfaceInformation;
|
|
||||||
|
|
||||||
WCHAR interfaceID[48];
|
//va_end(vl);
|
||||||
Sbie_StringFromGUID(&rpcInterface->InterfaceId.SyntaxGUID, interfaceID);
|
|
||||||
|
|
||||||
WCHAR text[130];
|
return FALSE; // return TRUE to not call the trampoline upon return
|
||||||
Sbie_snwprintf(text, 130, L"Calling NdrClientCall2 for interface %s}, %d.%d", interfaceID,
|
}
|
||||||
rpcInterface->InterfaceId.SyntaxVersion.MajorVersion, rpcInterface->InterfaceId.SyntaxVersion.MinorVersion);
|
|
||||||
|
|
||||||
SbieApi_MonitorPut2(MONITOR_IPC | MONITOR_TRACE, text, FALSE);
|
ULONG_PTR __cdecl RpcRt_NdrClientCall4_x86(
|
||||||
}
|
void* ReturnAddress,
|
||||||
__except (EXCEPTION_EXECUTE_HANDLER) {}
|
PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...)
|
||||||
|
{
|
||||||
|
//va_list vl;
|
||||||
|
//va_start(vl, pFormat);
|
||||||
|
|
||||||
|
RpcRt_NdrClientCallX(L"NdrClientCall4", ReturnAddress, pStubDescriptor);
|
||||||
|
|
||||||
//va_end(vl);
|
//va_end(vl);
|
||||||
|
|
||||||
|
|
|
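Review bot: RpcRt_NdrClientCall_x86, RpcRt_NdrClientCall2_x86 and RpcRt_NdrClientCall4_x86 are now three copies of the same body that differ only in the name string passed to RpcRt_NdrClientCallX. A small macro or one shared helper taking the name would avoid the triplication. The commented-out va_list, va_start and va_end lines no longer serve the body that remains and can be dropped.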
@ -1479,6 +1479,7 @@ _FX LONG SbieApi_MonitorGetEx(
|
||||||
ULONG *SeqNum,
|
ULONG *SeqNum,
|
||||||
USHORT *Type,
|
USHORT *Type,
|
||||||
ULONG64 *Pid,
|
ULONG64 *Pid,
|
||||||
|
ULONG64 *Tid,
|
||||||
WCHAR *Name) // WCHAR [256]
|
WCHAR *Name) // WCHAR [256]
|
||||||
{
|
{
|
||||||
NTSTATUS status;
|
NTSTATUS status;
|
||||||
|
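Review bot: Tid is inserted between Pid and Name rather than appended, which shifts the position of Name for every existing caller of SbieApi_MonitorGetEx; a caller not rebuilt against the new header will pass its name buffer where Tid is expected. If the function is reachable from outside this tree, append the parameter or add a new entry point instead. The header should also state whether Tid may be NULL, since the pointer is forwarded to the driver unchanged in log_tid.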
@ -1489,6 +1490,7 @@ _FX LONG SbieApi_MonitorGetEx(
|
||||||
args->log_seq.val64 = (ULONG64)(ULONG_PTR)SeqNum;
|
args->log_seq.val64 = (ULONG64)(ULONG_PTR)SeqNum;
|
||||||
args->log_type.val64 = (ULONG64)(ULONG_PTR)Type;
|
args->log_type.val64 = (ULONG64)(ULONG_PTR)Type;
|
||||||
args->log_pid.val64 = (ULONG64)(ULONG_PTR)Pid;
|
args->log_pid.val64 = (ULONG64)(ULONG_PTR)Pid;
|
||||||
|
args->log_tid.val64 = (ULONG64)(ULONG_PTR)Tid;
|
||||||
args->log_len.val64 = 256 * sizeof(WCHAR);
|
args->log_len.val64 = 256 * sizeof(WCHAR);
|
||||||
args->log_ptr.val64 = (ULONG64)(ULONG_PTR)Name;
|
args->log_ptr.val64 = (ULONG64)(ULONG_PTR)Name;
|
||||||
status = SbieApi_Ioctl(parms);
|
status = SbieApi_Ioctl(parms);
|
||||||
|
|
|
@ -215,6 +215,7 @@ LONG SbieApi_MonitorGetEx(
|
||||||
ULONG *SeqNum,
|
ULONG *SeqNum,
|
||||||
USHORT *Type,
|
USHORT *Type,
|
||||||
ULONG64 *Pid,
|
ULONG64 *Pid,
|
||||||
|
ULONG64 *Tid,
|
||||||
WCHAR *Name); // WCHAR [256]
|
WCHAR *Name); // WCHAR [256]
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -204,6 +204,8 @@ SBIEDLL_EXPORT BOOLEAN SbieDll_MatchImage(const WCHAR* pat_str, const WCHAR* te
|
||||||
|
|
||||||
SBIEDLL_EXPORT BOOLEAN SbieDll_CheckStringInList(const WCHAR* string, const WCHAR* boxname, const WCHAR* setting);
|
SBIEDLL_EXPORT BOOLEAN SbieDll_CheckStringInList(const WCHAR* string, const WCHAR* boxname, const WCHAR* setting);
|
||||||
|
|
||||||
|
SBIEDLL_EXPORT BOOLEAN SbieDll_GetBorderColor(const WCHAR* box_name, COLORREF* color, BOOL* title, int* width);
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
|
@ -1220,6 +1220,13 @@ extern ULONG_PTR __cdecl Secure_NdrAsyncClientCall(
|
||||||
|
|
||||||
#endif _WIN64
|
#endif _WIN64
|
||||||
|
|
||||||
|
#ifdef _WIN64
|
||||||
|
|
||||||
|
BOOLEAN __cdecl Secure_CheckElevation64(
|
||||||
|
PVOID* pProxyInfo, ULONG nProcNum, void* pReturnValue, va_list vl);
|
||||||
|
|
||||||
|
#endif _WIN64
|
||||||
|
|
||||||
BOOLEAN __cdecl Secure_CheckElevation(
|
BOOLEAN __cdecl Secure_CheckElevation(
|
||||||
void *ReturnAddressFromNdrAsyncClientCall,
|
void *ReturnAddressFromNdrAsyncClientCall,
|
||||||
void *pStubDescriptor, void *pFormat, SECURE_UAC_ARGS *Args);
|
void *pStubDescriptor, void *pFormat, SECURE_UAC_ARGS *Args);
|
||||||
|
@ -1302,6 +1309,12 @@ _FX BOOLEAN Secure_Init_Elevation(HMODULE module)
|
||||||
|
|
||||||
SBIEDLL_HOOK(Secure_,Ndr64AsyncClientCall);
|
SBIEDLL_HOOK(Secure_,Ndr64AsyncClientCall);
|
||||||
|
|
||||||
|
//NdrAsyncClientCall(PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...)
|
||||||
|
//Ndr64AsyncClientCall(MIDL_STUBLESS_PROXY_INFO* pProxyInfo, unsigned int nProcNum, void* pReturnValue, ...) <- hook
|
||||||
|
|
||||||
|
//NdrDcomAsyncClientCall(PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...)
|
||||||
|
//Ndr64DcomAsyncClientCall(MIDL_STUBLESS_PROXY_INFO* pProxyInfo, unsigned int nProcNum, void* pReturnValue, ...)
|
||||||
|
|
||||||
#else ! _WIN64
|
#else ! _WIN64
|
||||||
|
|
||||||
NdrAsyncClientCall = (P_NdrAsyncClientCall)
|
NdrAsyncClientCall = (P_NdrAsyncClientCall)
|
||||||
|
@ -1309,6 +1322,12 @@ _FX BOOLEAN Secure_Init_Elevation(HMODULE module)
|
||||||
|
|
||||||
SBIEDLL_HOOK(Secure_,NdrAsyncClientCall);
|
SBIEDLL_HOOK(Secure_,NdrAsyncClientCall);
|
||||||
|
|
||||||
|
//NdrAsyncClientCall(PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...) <- hook
|
||||||
|
//NdrAsyncClientCall2(PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...) -> NdrAsyncClientCall
|
||||||
|
|
||||||
|
//NdrDcomAsyncClientCall(PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...)
|
||||||
|
//NdrDcomAsyncClientCall2(PMIDL_STUB_DESC pStubDescriptor, PFORMAT_STRING pFormat, ...)->NdrDcomAsyncClientCall
|
||||||
|
|
||||||
#endif _WIN64
|
#endif _WIN64
|
||||||
|
|
||||||
SBIEDLL_HOOK(Secure_,RpcAsyncCompleteCall);
|
SBIEDLL_HOOK(Secure_,RpcAsyncCompleteCall);
|
||||||
|
@ -1321,11 +1340,38 @@ _FX BOOLEAN Secure_Init_Elevation(HMODULE module)
|
||||||
// Secure_CheckElevation
|
// Secure_CheckElevation
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
#ifdef _WIN64
|
||||||
|
|
||||||
|
ALIGNED BOOLEAN __cdecl Secure_CheckElevation64(
|
||||||
|
PVOID* pProxyInfo, ULONG nProcNum, void* pReturnValue, va_list vl)
|
||||||
|
{
|
||||||
|
void* ReturnAddress = NULL;
|
||||||
|
void* pStubDescriptor = NULL;
|
||||||
|
__try {
|
||||||
|
ReturnAddress = *(__int64**)(vl - (4 * 8));
|
||||||
|
pStubDescriptor = *pProxyInfo;
|
||||||
|
} __except (EXCEPTION_EXECUTE_HANDLER) {}
|
||||||
|
|
||||||
|
return Secure_CheckElevation(ReturnAddress, pStubDescriptor, NULL, vl);
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif _WIN64
|
||||||
|
|
||||||
|
extern BOOLEAN g_rpc_client_hooks;
|
||||||
|
void RpcRt_NdrClientCallX(const WCHAR* Function, void* ReturnAddress, VOID* pStubDescriptor);
|
||||||
|
|
||||||
ALIGNED BOOLEAN __cdecl Secure_CheckElevation(
|
ALIGNED BOOLEAN __cdecl Secure_CheckElevation(
|
||||||
void *ReturnAddressFromNdrAsyncClientCall,
|
void *ReturnAddressFromNdrAsyncClientCall,
|
||||||
void *pStubDescriptor, void *pFormat, SECURE_UAC_ARGS *Args)
|
void *pStubDescriptor, void *pFormat, SECURE_UAC_ARGS *Args)
|
||||||
{
|
{
|
||||||
|
if (g_rpc_client_hooks) {
|
||||||
|
#ifdef _WIN64
|
||||||
|
RpcRt_NdrClientCallX(L"Ndr64AsyncClientCall", ReturnAddressFromNdrAsyncClientCall, pStubDescriptor);
|
||||||
|
#else
|
||||||
|
RpcRt_NdrClientCallX(L"NdrAsyncClientCall", ReturnAddressFromNdrAsyncClientCall, pStubDescriptor);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
static UCHAR elevation_binding_1[16] = {
|
static UCHAR elevation_binding_1[16] = {
|
||||||
0x9A, 0xF9, 0x1E, 0x20, 0xA0, 0x7F, 0x4C, 0x44,
|
0x9A, 0xF9, 0x1E, 0x20, 0xA0, 0x7F, 0x4C, 0x44,
|
||||||
0x93, 0x99, 0x19, 0xBA, 0x84, 0xF1, 0x2A, 0x1A };
|
0x93, 0x99, 0x19, 0xBA, 0x84, 0xF1, 0x2A, 0x1A };
|
||||||
|
|
|
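Review bot: Secure_CheckElevation64 swallows any fault while reading the return address and *pProxyInfo, then calls Secure_CheckElevation anyway with ReturnAddress and pStubDescriptor still NULL. Since this is the elevation check, decide explicitly what a failed read should mean and return that instead of falling through. The va_list vl is passed where the callee takes SECURE_UAC_ARGS *Args, with no cast or comment on why the two are interchangeable, and `pStubDescriptor = *pProxyInfo` relies on the stub descriptor being the first member of the proxy info, which the PVOID* parameter type hides. The local prototype of RpcRt_NdrClientCallX declares its last parameter as VOID* while the definition takes PMIDL_STUB_DESC; move the declaration to a shared header so the two cannot diverge.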
@ -34,6 +34,21 @@
|
||||||
|
|
||||||
static ULONG Setup_VerifyCatalogFile(const WCHAR *CatalogFullPath);
|
static ULONG Setup_VerifyCatalogFile(const WCHAR *CatalogFullPath);
|
||||||
|
|
||||||
|
/*static BOOL Setup_SetupDiCallClassInstaller(
|
||||||
|
_In_ DI_FUNCTION InstallFunction,
|
||||||
|
_In_ HDEVINFO DeviceInfoSet,
|
||||||
|
_In_opt_ PSP_DEVINFO_DATA DeviceInfoData);*/
|
||||||
|
|
||||||
|
/*static BOOL Setup_SetupDiRemoveDevice(
|
||||||
|
HDEVINFO DeviceInfoSet,
|
||||||
|
PSP_DEVINFO_DATA DeviceInfoData);*/
|
||||||
|
|
||||||
|
/*static BOOL Setup_DiUninstallDriverW(
|
||||||
|
HWND hwndParent,
|
||||||
|
LPCWSTR InfPath,
|
||||||
|
DWORD Flags,
|
||||||
|
PBOOL NeedReboot);*/
|
||||||
|
|
||||||
static ULONG Setup_CM_Add_Driver_PackageW(
|
static ULONG Setup_CM_Add_Driver_PackageW(
|
||||||
ULONG_PTR Unknown1, ULONG_PTR Unknown2, ULONG_PTR Unknown3,
|
ULONG_PTR Unknown1, ULONG_PTR Unknown2, ULONG_PTR Unknown3,
|
||||||
ULONG_PTR Unknown4, ULONG_PTR Unknown5, ULONG_PTR Unknown6,
|
ULONG_PTR Unknown4, ULONG_PTR Unknown5, ULONG_PTR Unknown6,
|
||||||
|
@ -46,12 +61,38 @@ static ULONG Setup_CM_Add_Driver_Package_ExW(
|
||||||
ULONG_PTR Unknown7, ULONG_PTR Unknown8, ULONG_PTR Unknown9,
|
ULONG_PTR Unknown7, ULONG_PTR Unknown8, ULONG_PTR Unknown9,
|
||||||
ULONG_PTR Unknown10, ULONG_PTR Unknown11);
|
ULONG_PTR Unknown10, ULONG_PTR Unknown11);
|
||||||
|
|
||||||
|
/*static ULONG Setup_CM_Query_And_Remove_SubTreeW(
|
||||||
|
PVOID dnAncestor, // DEVINST
|
||||||
|
PVOID pVetoType, // PPNP_VETO_TYPE
|
||||||
|
LPWSTR pszVetoName,
|
||||||
|
ULONG ulNameLength,
|
||||||
|
ULONG ulFlags);*/
|
||||||
|
|
||||||
|
/*static ULONG Setup_CM_Uninstall_DevNode(
|
||||||
|
PVOID dnDevInst, // DEVNODE
|
||||||
|
ULONG ulFlags);*/
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
typedef ULONG (*P_VerifyCatalogFile)(const WCHAR *CatalogFullPath);
|
typedef ULONG (*P_VerifyCatalogFile)(const WCHAR *CatalogFullPath);
|
||||||
|
|
||||||
|
/*typedef BOOL (*P_SetupDiCallClassInstaller)(
|
||||||
|
_In_ DI_FUNCTION InstallFunction,
|
||||||
|
_In_ HDEVINFO DeviceInfoSet,
|
||||||
|
_In_opt_ PSP_DEVINFO_DATA DeviceInfoData);*/
|
||||||
|
|
||||||
|
/*typedef BOOL (*P_SetupDiRemoveDevice)(
|
||||||
|
HDEVINFO DeviceInfoSet,
|
||||||
|
PSP_DEVINFO_DATA DeviceInfoData);*/
|
||||||
|
|
||||||
|
/*typedef BOOL (*P_DiUninstallDriverW)(
|
||||||
|
HWND hwndParent,
|
||||||
|
LPCWSTR InfPath,
|
||||||
|
DWORD Flags,
|
||||||
|
PBOOL NeedReboot);*/
|
||||||
|
|
||||||
typedef ULONG (*P_CM_Add_Driver_PackageW)(
|
typedef ULONG (*P_CM_Add_Driver_PackageW)(
|
||||||
ULONG_PTR Unknown1, ULONG_PTR Unknown2, ULONG_PTR Unknown3,
|
ULONG_PTR Unknown1, ULONG_PTR Unknown2, ULONG_PTR Unknown3,
|
||||||
ULONG_PTR Unknown4, ULONG_PTR Unknown5, ULONG_PTR Unknown6,
|
ULONG_PTR Unknown4, ULONG_PTR Unknown5, ULONG_PTR Unknown6,
|
||||||
|
@ -64,15 +105,31 @@ typedef ULONG (*P_CM_Add_Driver_Package_ExW)(
|
||||||
ULONG_PTR Unknown7, ULONG_PTR Unknown8, ULONG_PTR Unknown9,
|
ULONG_PTR Unknown7, ULONG_PTR Unknown8, ULONG_PTR Unknown9,
|
||||||
ULONG_PTR Unknown10, ULONG_PTR Unknown11);
|
ULONG_PTR Unknown10, ULONG_PTR Unknown11);
|
||||||
|
|
||||||
|
/*typedef ULONG (*P_CM_Query_And_Remove_SubTreeW)(
|
||||||
|
PVOID dnAncestor, // DEVINST
|
||||||
|
PVOID pVetoType, // PPNP_VETO_TYPE
|
||||||
|
LPWSTR pszVetoName,
|
||||||
|
ULONG ulNameLength,
|
||||||
|
ULONG ulFlags);*/
|
||||||
|
|
||||||
|
/*typedef ULONG (*P_CM_Uninstall_DevNode)(
|
||||||
|
PVOID dnDevInst, // DEVNODE
|
||||||
|
ULONG ulFlags);*/
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
static P_VerifyCatalogFile __sys_VerifyCatalogFile = NULL;
|
static P_VerifyCatalogFile __sys_VerifyCatalogFile = NULL;
|
||||||
|
//static P_SetupDiCallClassInstaller __sys_SetupDiCallClassInstaller = NULL;
|
||||||
|
//static P_SetupDiRemoveDevice __sys_SetupDiRemoveDevice = NULL;
|
||||||
|
|
||||||
|
//static P_DiUninstallDriverW __sys_DiUninstallDriverW = NULL;
|
||||||
|
|
||||||
static P_CM_Add_Driver_PackageW __sys_CM_Add_Driver_PackageW = NULL;
|
static P_CM_Add_Driver_PackageW __sys_CM_Add_Driver_PackageW = NULL;
|
||||||
static P_CM_Add_Driver_Package_ExW __sys_CM_Add_Driver_Package_ExW = NULL;
|
static P_CM_Add_Driver_Package_ExW __sys_CM_Add_Driver_Package_ExW = NULL;
|
||||||
|
|
||||||
|
//static P_CM_Query_And_Remove_SubTreeW __sys_CM_Query_And_Remove_SubTreeW = NULL;
|
||||||
|
//static P_CM_Uninstall_DevNode __sys_CM_Uninstall_DevNode = NULL;
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Defines for initialization
|
// Defines for initialization
|
||||||
|
@ -103,9 +160,12 @@ static P_CM_Add_Driver_Package_ExW __sys_CM_Add_Driver_Package_ExW = NULL;
|
||||||
_FX BOOLEAN Setup_Init_SetupApi(HMODULE module)
|
_FX BOOLEAN Setup_Init_SetupApi(HMODULE module)
|
||||||
{
|
{
|
||||||
FIND_EP(VerifyCatalogFile);
|
FIND_EP(VerifyCatalogFile);
|
||||||
|
//FIND_EP(SetupDiCallClassInstaller);
|
||||||
|
//FIND_EP(SetupDiRemoveDevice);
|
||||||
|
|
||||||
DO_CALL_HOOK(VerifyCatalogFile,Setup_VerifyCatalogFile);
|
DO_CALL_HOOK(VerifyCatalogFile,Setup_VerifyCatalogFile);
|
||||||
|
//DO_CALL_HOOK(SetupDiCallClassInstaller,Setup_SetupDiCallClassInstaller);
|
||||||
|
//DO_CALL_HOOK(SetupDiRemoveDevice, Setup_SetupDiRemoveDevice);
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -127,6 +187,57 @@ _FX ULONG Setup_VerifyCatalogFile(const WCHAR *CatalogFullPath)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Setup_SetupDiCallClassInstaller
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
/*_FX BOOL Setup_SetupDiCallClassInstaller(
|
||||||
|
_In_ DI_FUNCTION InstallFunction,
|
||||||
|
_In_ HDEVINFO DeviceInfoSet,
|
||||||
|
_In_opt_ PSP_DEVINFO_DATA DeviceInfoData)
|
||||||
|
{
|
||||||
|
return __sys_SetupDiCallClassInstaller(InstallFunction, DeviceInfoSet, DeviceInfoData);
|
||||||
|
}*/
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Setup_SetupDiRemoveDevice
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
/*static BOOL Setup_SetupDiRemoveDevice(
|
||||||
|
HDEVINFO DeviceInfoSet,
|
||||||
|
PSP_DEVINFO_DATA DeviceInfoData)
|
||||||
|
{
|
||||||
|
return TRUE;
|
||||||
|
}*/
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Setup_Init_NewDev
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
/*_FX BOOLEAN Setup_Init_NewDev(HMODULE module)
|
||||||
|
{
|
||||||
|
FIND_EP(DiUninstallDriverW);
|
||||||
|
|
||||||
|
DO_CALL_HOOK(DiUninstallDriverW,Setup_DiUninstallDriverW);
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
static BOOL Setup_DiUninstallDriverW(
|
||||||
|
HWND hwndParent,
|
||||||
|
LPCWSTR InfPath,
|
||||||
|
DWORD Flags,
|
||||||
|
PBOOL NeedReboot)
|
||||||
|
{
|
||||||
|
return TRUE;
|
||||||
|
}*/
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Setup_Init_CfgMgr32
|
// Setup_Init_CfgMgr32
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
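Review bot: this hunk adds only commented-out code, and two of the stubs (Setup_SetupDiRemoveDevice and Setup_DiUninstallDriverW) would return TRUE without doing anything if they were ever enabled, reporting success for a removal that never happened. Either leave them out of the commit or put them behind a named #if, with a comment stating what the hook is supposed to return to a sandboxed caller. The Setup_Init_NewDev block also wraps two functions in a single comment, which is easy to half-uncomment by mistake.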
@ -136,7 +247,9 @@ _FX BOOLEAN Setup_Init_CfgMgr32(HMODULE module)
|
||||||
{
|
{
|
||||||
FIND_EP(CM_Add_Driver_PackageW);
|
FIND_EP(CM_Add_Driver_PackageW);
|
||||||
FIND_EP(CM_Add_Driver_Package_ExW);
|
FIND_EP(CM_Add_Driver_Package_ExW);
|
||||||
|
// Note: When the Add_Driver_Package is not hooked it will atempt to contact the deviceinstall service,
|
||||||
|
// which uses a dynamic rpc port, heence as long as there is no blank OpenIpcPath=* this call will fail
|
||||||
|
// We hook these two functions only to provide the user a SBIE2205 informing, that drivers cant be installed.
|
||||||
if (__sys_CM_Add_Driver_PackageW) {
|
if (__sys_CM_Add_Driver_PackageW) {
|
||||||
DO_CALL_HOOK(
|
DO_CALL_HOOK(
|
||||||
CM_Add_Driver_PackageW,Setup_CM_Add_Driver_PackageW);
|
CM_Add_Driver_PackageW,Setup_CM_Add_Driver_PackageW);
|
||||||
|
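Review bot: the new comment has typos ("atempt", "heence", "cant") and the phrase "blank OpenIpcPath=*" is unclear. It documents why driver installation cannot succeed from inside the sandbox, so it is worth wording carefully: the deviceinstall service is reached over a dynamic RPC port that stays blocked unless OpenIpcPath=* is configured, and the two hooks exist only to raise SBIE2205.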
@ -146,6 +259,19 @@ _FX BOOLEAN Setup_Init_CfgMgr32(HMODULE module)
|
||||||
CM_Add_Driver_Package_ExW,Setup_CM_Add_Driver_Package_ExW);
|
CM_Add_Driver_Package_ExW,Setup_CM_Add_Driver_Package_ExW);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//FIND_EP(CM_Query_And_Remove_SubTreeW);
|
||||||
|
//FIND_EP(CM_Uninstall_DevNode);
|
||||||
|
// Note: most of the CM_ functions use the "\Device\DeviceApi\CMApi" device/file for communication,
|
||||||
|
// these requests are filtered by the driver and we let them silently fail.
|
||||||
|
/*if (__sys_CM_Query_And_Remove_SubTreeW) {
|
||||||
|
DO_CALL_HOOK(
|
||||||
|
CM_Query_And_Remove_SubTreeW,Setup_CM_Query_And_Remove_SubTreeW);
|
||||||
|
}*/
|
||||||
|
/*if (__sys_CM_Uninstall_DevNode) {
|
||||||
|
DO_CALL_HOOK(
|
||||||
|
CM_Uninstall_DevNode,Setup_CM_Uninstall_DevNode);
|
||||||
|
}*/
|
||||||
|
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
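Review bot: the note says CM_ requests over "\Device\DeviceApi\CMApi" are filtered by the driver and left to fail silently, whereas the Add_Driver_Package hooks just above exist precisely so the user gets an SBIE2205 message. Consider at least a trace entry for the blocked CMApi path so a failing device operation inside the sandbox can be diagnosed. The comment could also name the setting that lifts the filter, so a reader of this file knows the block is configurable.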
@ -180,3 +306,34 @@ _FX ULONG Setup_CM_Add_Driver_Package_ExW(
|
||||||
SbieApi_Log(2205, L"CM Add Driver Package Ex");
|
SbieApi_Log(2205, L"CM Add Driver Package Ex");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Setup_CM_Add_Driver_Package_ExW
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
/*static ULONG Setup_CM_Query_And_Remove_SubTreeW(
|
||||||
|
PVOID dnAncestor, // DEVINST
|
||||||
|
PVOID pVetoType, // PPNP_VETO_TYPE
|
||||||
|
LPWSTR pszVetoName,
|
||||||
|
ULONG ulNameLength,
|
||||||
|
ULONG ulFlags)
|
||||||
|
{
|
||||||
|
return __sys_CM_Query_And_Remove_SubTreeW(dnAncestor, pVetoType, pszVetoName, ulNameLength, ulFlags);
|
||||||
|
}*/
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Setup_CM_Add_Driver_Package_ExW
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
/*static ULONG Setup_CM_Uninstall_DevNode(
|
||||||
|
PVOID dnDevInst, // DEVNODE
|
||||||
|
ULONG ulFlags)
|
||||||
|
{
|
||||||
|
LONG ret = __sys_CM_Uninstall_DevNode(dnDevInst, ulFlags);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}*/
|
|
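Review bot: both new banner comments read "Setup_CM_Add_Driver_Package_ExW", but they sit above Setup_CM_Query_And_Remove_SubTreeW and Setup_CM_Uninstall_DevNode. Rename each banner to the function it introduces. Both functions are also added fully commented out and only forward to the __sys_ pointer, so consider leaving them out of the commit until they do something.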
@ -31,7 +31,7 @@
|
||||||
#include "common/win32_ntddk.h"
|
#include "common/win32_ntddk.h"
|
||||||
#include "common/my_shlwapi.h"
|
#include "common/my_shlwapi.h"
|
||||||
#include "msgs/msgs.h"
|
#include "msgs/msgs.h"
|
||||||
|
#include "gui_p.h"
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Functions
|
// Functions
|
||||||
|
@ -46,6 +46,9 @@ static HKEY SbieDll_AssocQueryKeyWow64(const WCHAR *subj);
|
||||||
|
|
||||||
static BOOL SH32_ShellExecuteExW(SHELLEXECUTEINFOW *lpExecInfo);
|
static BOOL SH32_ShellExecuteExW(SHELLEXECUTEINFOW *lpExecInfo);
|
||||||
|
|
||||||
|
static BOOL SH32_Shell_NotifyIconW(
|
||||||
|
DWORD dwMessage, PNOTIFYICONDATAW lpData);
|
||||||
|
|
||||||
static WCHAR *SbieDll_AssocQueryCommandInternal(
|
static WCHAR *SbieDll_AssocQueryCommandInternal(
|
||||||
const WCHAR *subj, const WCHAR *verb);
|
const WCHAR *subj, const WCHAR *verb);
|
||||||
|
|
||||||
|
@ -80,6 +83,9 @@ static ULONG SH_WindowMonitorThread(void *lpParameter);
|
||||||
typedef BOOL (*P_ShellExecuteEx)(
|
typedef BOOL (*P_ShellExecuteEx)(
|
||||||
void *lpExecInfo);
|
void *lpExecInfo);
|
||||||
|
|
||||||
|
typedef BOOL (*P_Shell_NotifyIconW)(
|
||||||
|
DWORD dwMessage, PNOTIFYICONDATAW lpData);
|
||||||
|
|
||||||
typedef ULONG (*P_SHChangeNotifyRegister)(
|
typedef ULONG (*P_SHChangeNotifyRegister)(
|
||||||
HWND hwnd, int fSources, LONG fEvents, UINT wMsg,
|
HWND hwnd, int fSources, LONG fEvents, UINT wMsg,
|
||||||
int cEntries, SHChangeNotifyEntry *pfsne);
|
int cEntries, SHChangeNotifyEntry *pfsne);
|
||||||
|
@ -104,6 +110,8 @@ typedef HRESULT (*P_SHGetFolderLocation)(
|
||||||
|
|
||||||
static P_ShellExecuteEx __sys_ShellExecuteExW = NULL;
|
static P_ShellExecuteEx __sys_ShellExecuteExW = NULL;
|
||||||
|
|
||||||
|
static P_Shell_NotifyIconW __sys_Shell_NotifyIconW = NULL;
|
||||||
|
|
||||||
static P_SHChangeNotifyRegister __sys_SHChangeNotifyRegister = NULL;
|
static P_SHChangeNotifyRegister __sys_SHChangeNotifyRegister = NULL;
|
||||||
|
|
||||||
static P_SHOpenFolderAndSelectItems
|
static P_SHOpenFolderAndSelectItems
|
||||||
|
@ -403,6 +411,159 @@ _FX BOOL SH32_ShellExecuteExW(SHELLEXECUTEINFOW *lpExecInfo)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// SH32_BornderToIcon
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
HICON SH32_BorderToIcon(HICON hIcon, COLORREF color)
|
||||||
|
{
|
||||||
|
typedef HDC(*P_GetDC)(HWND hWnd);
|
||||||
|
typedef int(*P_ReleaseDC)(HWND hWnd, HDC hDC);
|
||||||
|
typedef BOOL(*P_GetIconInfo)(HICON hIcon, PICONINFO piconinfo);
|
||||||
|
typedef HICON(*P_CreateIconIndirect)(PICONINFO piconinfo);
|
||||||
|
|
||||||
|
typedef HDC(*P_CreateCompatibleDC)(HDC hdc);
|
||||||
|
typedef HGDIOBJ(*P_SelectObject)(HDC hdc, HGDIOBJ h);
|
||||||
|
typedef COLORREF(*P_GetPixel)(HDC hdc, int x, int y);
|
||||||
|
typedef COLORREF(*P_SetPixel)(HDC hdc, int x, int y, COLORREF color);
|
||||||
|
typedef BOOL(*P_DeleteObject)(HGDIOBJ ho);
|
||||||
|
typedef BOOL(*P_DeleteDC)(HDC hdc);
|
||||||
|
|
||||||
|
#define GET_WIN_API(name, lib) \
|
||||||
|
P_##name name = Ldr_GetProcAddrNew(lib, #name, #name); \
|
||||||
|
if(!name) return NULL;
|
||||||
|
|
||||||
|
GET_WIN_API(GetDC, DllName_user32);
|
||||||
|
GET_WIN_API(ReleaseDC, DllName_user32);
|
||||||
|
GET_WIN_API(GetIconInfo, DllName_user32);
|
||||||
|
GET_WIN_API(CreateIconIndirect, DllName_user32);
|
||||||
|
|
||||||
|
GET_WIN_API(CreateCompatibleDC, DllName_gdi32);
|
||||||
|
GET_WIN_API(SelectObject, DllName_gdi32);
|
||||||
|
GET_WIN_API(GetPixel, DllName_gdi32);
|
||||||
|
GET_WIN_API(SetPixel, DllName_gdi32);
|
||||||
|
GET_WIN_API(DeleteObject, DllName_gdi32);
|
||||||
|
GET_WIN_API(DeleteDC, DllName_gdi32);
|
||||||
|
|
||||||
|
|
||||||
|
HICON hNewIcon = NULL;
|
||||||
|
HDC hMainDC = NULL, hMemDC1 = NULL, hMemDC3 = NULL;
|
||||||
|
HBITMAP hOldBmp1 = NULL, hOldBmp3 = NULL;
|
||||||
|
ICONINFO csII;
|
||||||
|
|
||||||
|
if (!GetIconInfo(hIcon, &csII)) return NULL;
|
||||||
|
|
||||||
|
hMainDC = GetDC(NULL);
|
||||||
|
hMemDC1 = CreateCompatibleDC(hMainDC);
|
||||||
|
hMemDC3 = CreateCompatibleDC(hMainDC);
|
||||||
|
if (hMainDC == NULL || hMemDC1 == NULL || hMemDC3 == NULL) return NULL;
|
||||||
|
|
||||||
|
|
||||||
|
DWORD dwWidth = csII.xHotspot * 2;
|
||||||
|
DWORD dwHeight = csII.yHotspot * 2;
|
||||||
|
|
||||||
|
hOldBmp1 = (HBITMAP)SelectObject(hMemDC1, csII.hbmColor);
|
||||||
|
hOldBmp3 = (HBITMAP)SelectObject(hMemDC3, csII.hbmMask);
|
||||||
|
|
||||||
|
DWORD dwLoopY = 0, dwLoopX = 0;
|
||||||
|
COLORREF crPixel = 0;
|
||||||
|
|
||||||
|
for (dwLoopY = 0; dwLoopY < dwHeight; dwLoopY++)
|
||||||
|
{
|
||||||
|
for (dwLoopX = 0; dwLoopX < dwWidth; dwLoopX++)
|
||||||
|
{
|
||||||
|
crPixel = GetPixel(hMemDC1, dwLoopX, dwLoopY);
|
||||||
|
if (dwLoopY == 0 || dwLoopX == 0 || dwLoopY + 1 == dwHeight || dwLoopX + 1 == dwWidth)
|
||||||
|
crPixel = color; // RGB(255, 255, 0);
|
||||||
|
SetPixel(hMemDC1, dwLoopX, dwLoopY, crPixel);
|
||||||
|
|
||||||
|
crPixel = GetPixel(hMemDC3, dwLoopX, dwLoopY);
|
||||||
|
if (dwLoopY == 0 || dwLoopX == 0 || dwLoopY + 1 == dwHeight || dwLoopX + 1 == dwWidth)
|
||||||
|
crPixel = 0;
|
||||||
|
SetPixel(hMemDC3, dwLoopX, dwLoopY, crPixel);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
SelectObject(hMemDC1, hOldBmp1);
|
||||||
|
SelectObject(hMemDC3, hOldBmp3);
|
||||||
|
|
||||||
|
hNewIcon = CreateIconIndirect(&csII);
|
||||||
|
|
||||||
|
|
||||||
|
DeleteObject(csII.hbmColor);
|
||||||
|
DeleteObject(csII.hbmMask);
|
||||||
|
DeleteDC(hMemDC1);
|
||||||
|
DeleteDC(hMemDC3);
|
||||||
|
ReleaseDC(NULL, hMainDC);
|
||||||
|
|
||||||
|
return hNewIcon;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// SH32_Shell_NotifyIconW
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
_FX BOOL SH32_Shell_NotifyIconW(
|
||||||
|
DWORD dwMessage, PNOTIFYICONDATAW lpData)
|
||||||
|
{
|
||||||
|
BOOL ret;
|
||||||
|
HICON icon = NULL;
|
||||||
|
|
||||||
|
if (dwMessage == NIM_ADD || dwMessage == NIM_MODIFY)
|
||||||
|
{
|
||||||
|
if (!Gui_DisableTitle && lpData && lpData->cbSize >= sizeof(PNOTIFYICONDATAW))
|
||||||
|
{
|
||||||
|
ULONG len = wcslen(lpData->szTip);
|
||||||
|
|
||||||
|
if (Gui_BoxNameTitleLen != 0 && (len + Gui_BoxNameTitleLen + 2) <= 127)
|
||||||
|
{
|
||||||
|
wmemmove(lpData->szTip + Gui_BoxNameTitleLen + 2, lpData->szTip, len + 1);
|
||||||
|
wmemcpy(lpData->szTip, Gui_BoxNameTitleW, Gui_BoxNameTitleLen);
|
||||||
|
wmemcpy(lpData->szTip + Gui_BoxNameTitleLen, L"\r\n", 2);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (len + 8 > 127) {
|
||||||
|
lpData->szTip[127 - 8 - 3] = L'\0';
|
||||||
|
wcscat(lpData->szTip, L"...");
|
||||||
|
len = 127 - 8;
|
||||||
|
}
|
||||||
|
|
||||||
|
wmemmove(lpData->szTip + 4, lpData->szTip, len + 1);
|
||||||
|
wmemcpy(lpData->szTip, L"[#] ", 4);
|
||||||
|
wcscat(lpData->szTip, L" [#]");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
COLORREF color;
|
||||||
|
if (SbieDll_GetBorderColor(NULL, &color, NULL, NULL))
|
||||||
|
{
|
||||||
|
HICON newIcon = SH32_BorderToIcon(lpData->hIcon, color);
|
||||||
|
if (newIcon) {
|
||||||
|
icon = lpData->hIcon;
|
||||||
|
lpData->hIcon = newIcon;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = __sys_Shell_NotifyIconW(dwMessage, lpData);
|
||||||
|
|
||||||
|
if (icon)
|
||||||
|
{
|
||||||
|
typedef BOOL(*P_DestroyIcon)(HICON hIcon);
|
||||||
|
P_DestroyIcon DestroyIcon = Ldr_GetProcAddrNew(DllName_user32, L"DestroyIcon", "DestroyIcon");
|
||||||
|
|
||||||
|
DestroyIcon(lpData->hIcon);
|
||||||
|
lpData->hIcon = icon;
|
||||||
|
}
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// SH32_SHChangeNotifyRegister
|
// SH32_SHChangeNotifyRegister
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
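Review bot: in SH32_Shell_NotifyIconW the check `lpData->cbSize >= sizeof(PNOTIFYICONDATAW)` compares against the size of a pointer, so it passes for any caller structure. The code below then treats szTip as a 128-character buffer (the 127 limits), which writes past the end of the older, smaller NOTIFYICONDATAW layout whose szTip holds 64 characters. Compare against sizeof(NOTIFYICONDATAW), or derive the tip capacity from cbSize. In the same function, `SH32_BorderToIcon(lpData->hIcon, color)` sits outside the `lpData &&` check and dereferences lpData unconditionally, the tip and icon are rewritten without looking at uFlags (NIF_TIP, NIF_ICON), the tip is modified in the caller's structure and never restored (only hIcon is), and DestroyIcon is called without checking the pointer returned by Ldr_GetProcAddrNew. In SH32_BorderToIcon the early `return NULL` after the DC check leaks csII.hbmColor, csII.hbmMask and any DC already created, and the banner above it is misspelled "SH32_BornderToIcon".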
@ -789,6 +950,7 @@ _FX NTSTATUS SH32_LdrGetDllHandleEx(
|
||||||
_FX BOOLEAN SH32_Init(HMODULE module)
|
_FX BOOLEAN SH32_Init(HMODULE module)
|
||||||
{
|
{
|
||||||
P_ShellExecuteEx ShellExecuteExW;
|
P_ShellExecuteEx ShellExecuteExW;
|
||||||
|
P_Shell_NotifyIconW Shell_NotifyIconW;
|
||||||
P_SHChangeNotifyRegister SHChangeNotifyRegister;
|
P_SHChangeNotifyRegister SHChangeNotifyRegister;
|
||||||
void *SHGetItemFromObject;
|
void *SHGetItemFromObject;
|
||||||
P_SHOpenFolderAndSelectItems SHOpenFolderAndSelectItems;
|
P_SHOpenFolderAndSelectItems SHOpenFolderAndSelectItems;
|
||||||
|
@ -806,6 +968,9 @@ _FX BOOLEAN SH32_Init(HMODULE module)
|
||||||
ShellExecuteExW = (P_ShellExecuteEx)
|
ShellExecuteExW = (P_ShellExecuteEx)
|
||||||
GetProcAddress(module, "ShellExecuteExW");
|
GetProcAddress(module, "ShellExecuteExW");
|
||||||
|
|
||||||
|
Shell_NotifyIconW = (P_Shell_NotifyIconW)
|
||||||
|
GetProcAddress(module, "Shell_NotifyIconW");
|
||||||
|
|
||||||
SHChangeNotifyRegister = (P_SHChangeNotifyRegister)
|
SHChangeNotifyRegister = (P_SHChangeNotifyRegister)
|
||||||
GetProcAddress(module, "SHChangeNotifyRegister");
|
GetProcAddress(module, "SHChangeNotifyRegister");
|
||||||
|
|
||||||
|
@ -816,6 +981,8 @@ _FX BOOLEAN SH32_Init(HMODULE module)
|
||||||
|
|
||||||
SBIEDLL_HOOK(SH32_,ShellExecuteExW);
|
SBIEDLL_HOOK(SH32_,ShellExecuteExW);
|
||||||
|
|
||||||
|
SBIEDLL_HOOK(SH32_,Shell_NotifyIconW);
|
||||||
|
|
||||||
if (SHChangeNotifyRegister && SHGetItemFromObject) {
|
if (SHChangeNotifyRegister && SHGetItemFromObject) {
|
||||||
|
|
||||||
//
|
//
|
||||||
|
|
|
@ -377,6 +377,24 @@ _FX BOOLEAN Taskbar_ShouldOverrideAppUserModelId(void)
|
||||||
// Taskbar_SetCurrentProcessExplicitAppUserModelID
|
// Taskbar_SetCurrentProcessExplicitAppUserModelID
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
_FX HRESULT Taskbar_SetCurrentProcessExplicitAppUserModelID_hack(
|
||||||
|
const WCHAR* AppId)
|
||||||
|
{
|
||||||
|
|
||||||
|
// ToDo
|
||||||
|
// Fix-Me: BUG when ProcessParms->WindowTitle is already set LocalFree
|
||||||
|
// performed by SetCurrentProcessExplicitAppUserModelID crashes, WTF why?!
|
||||||
|
//
|
||||||
|
// To work around this issue, we clear the flag that indicates this value being set
|
||||||
|
// this way we trade a memory leak for an crash
|
||||||
|
//
|
||||||
|
|
||||||
|
// HACK ALERT! if we clear 0x5000 the WindowTitle buffer will not be freed
|
||||||
|
RTL_USER_PROCESS_PARAMETERS* ProcessParms = Proc_GetRtlUserProcessParameters();
|
||||||
|
ProcessParms->WindowFlags &= ~0x5000;
|
||||||
|
|
||||||
|
return __sys_SetCurrentProcessExplicitAppUserModelID(AppId);
|
||||||
|
}
|
||||||
|
|
||||||
_FX HRESULT Taskbar_SetCurrentProcessExplicitAppUserModelID(
|
_FX HRESULT Taskbar_SetCurrentProcessExplicitAppUserModelID(
|
||||||
const WCHAR *AppId)
|
const WCHAR *AppId)
|
||||||
|
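Review bot: `ProcessParms->WindowFlags &= ~0x5000;` in Taskbar_SetCurrentProcessExplicitAppUserModelID_hack uses an unexplained magic mask and runs on every call, not only when WindowTitle is already set as the comment describes. Give the bits a named constant, say in the comment which flags they are, and clear them only in the case that crashes. The result of Proc_GetRtlUserProcessParameters() is also dereferenced without a NULL check.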
@ -385,7 +403,9 @@ _FX HRESULT Taskbar_SetCurrentProcessExplicitAppUserModelID(
|
||||||
WCHAR *NewId;
|
WCHAR *NewId;
|
||||||
|
|
||||||
if (! Taskbar_ShouldOverrideAppUserModelId())
|
if (! Taskbar_ShouldOverrideAppUserModelId())
|
||||||
return __sys_SetCurrentProcessExplicitAppUserModelID(AppId);
|
return Taskbar_SetCurrentProcessExplicitAppUserModelID_hack(AppId);
|
||||||
|
|
||||||
|
hr = E_FAIL;
|
||||||
|
|
||||||
if (Taskbar_SavedAppUserModelId) {
|
if (Taskbar_SavedAppUserModelId) {
|
||||||
Dll_Free(Taskbar_SavedAppUserModelId);
|
Dll_Free(Taskbar_SavedAppUserModelId);
|
||||||
|
@ -399,14 +419,14 @@ _FX HRESULT Taskbar_SetCurrentProcessExplicitAppUserModelID(
|
||||||
wmemcpy(Taskbar_SavedAppUserModelId, AppId, len + 1);
|
wmemcpy(Taskbar_SavedAppUserModelId, AppId, len + 1);
|
||||||
|
|
||||||
NewId = Taskbar_CreateAppUserModelId(AppId);
|
NewId = Taskbar_CreateAppUserModelId(AppId);
|
||||||
|
if (NewId == NULL)
|
||||||
|
return hr;
|
||||||
|
|
||||||
} else
|
hr = Taskbar_SetCurrentProcessExplicitAppUserModelID_hack(NewId);
|
||||||
NewId = NULL;
|
|
||||||
|
|
||||||
hr = __sys_SetCurrentProcessExplicitAppUserModelID(NewId);
|
if (NewId != AppId)
|
||||||
|
|
||||||
if (NewId && NewId != AppId)
|
|
||||||
Dll_Free(NewId);
|
Dll_Free(NewId);
|
||||||
|
}
|
||||||
|
|
||||||
return hr;
|
return hr;
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,9 +19,8 @@
|
||||||
// Trace Helper
|
// Trace Helper
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
#include "trace.h"
|
|
||||||
#include "dll.h"
|
#include "dll.h"
|
||||||
|
#include "trace.h"
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
@ -70,9 +69,11 @@ _FX int Trace_Init(void)
|
||||||
// intercept NTDLL entry points
|
// intercept NTDLL entry points
|
||||||
//
|
//
|
||||||
|
|
||||||
|
if (SbieApi_QueryConfBool(NULL, L"ErrorTrace", FALSE)) {
|
||||||
RtlSetLastWin32Error = (P_RtlSetLastWin32Error)
|
RtlSetLastWin32Error = (P_RtlSetLastWin32Error)
|
||||||
GetProcAddress(Dll_Ntdll, "RtlSetLastWin32Error");
|
GetProcAddress(Dll_Ntdll, "RtlSetLastWin32Error");
|
||||||
SBIEDLL_HOOK(Trace_,RtlSetLastWin32Error);
|
SBIEDLL_HOOK(Trace_, RtlSetLastWin32Error);
|
||||||
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
// intercept KERNEL32 entry points
|
// intercept KERNEL32 entry points
|
||||||
|
@ -132,3 +133,40 @@ ALIGNED void Trace_OutputDebugStringA(const UCHAR *strA)
|
||||||
|
|
||||||
__sys_OutputDebugStringA(strA);
|
__sys_OutputDebugStringA(strA);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Trace_FindModuleByAddress
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
#include "../../common/my_xeb.h"
|
||||||
|
|
||||||
|
WCHAR* Trace_FindModuleByAddress(void* address)
|
||||||
|
{
|
||||||
|
WCHAR* found = NULL;
|
||||||
|
|
||||||
|
PLIST_ENTRY Head, Next;
|
||||||
|
PLDR_DATA_TABLE_ENTRY Entry;
|
||||||
|
PPEB peb = (PPEB)NtCurrentPeb();
|
||||||
|
|
||||||
|
EnterCriticalSection((PRTL_CRITICAL_SECTION)peb->LoaderLock);
|
||||||
|
|
||||||
|
Head = &peb->Ldr->InLoadOrderModuleList;
|
||||||
|
Next = Head->Flink;
|
||||||
|
|
||||||
|
while (Next != Head)
|
||||||
|
{
|
||||||
|
Entry = CONTAINING_RECORD(Next, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
|
||||||
|
|
||||||
|
if (Entry->DllBase < address && (UINT_PTR)Entry->DllBase + Entry->SizeOfImage > (UINT_PTR)address)
|
||||||
|
{
|
||||||
|
found = Entry->BaseDllName.Buffer;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
Next = Next->Flink;
|
||||||
|
}
|
||||||
|
|
||||||
|
LeaveCriticalSection((PRTL_CRITICAL_SECTION)peb->LoaderLock);
|
||||||
|
|
||||||
|
return found;
|
||||||
|
}
|
|
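Review bot: Trace_FindModuleByAddress returns `Entry->BaseDllName.Buffer` after LeaveCriticalSection on the loader lock, so the caller holds a pointer into a loader entry that can go away if the module is unloaded. Copy the name into a caller-supplied buffer while the lock is still held. The range test `Entry->DllBase < address` also skips an address equal to the module base (use <=), and the #include of my_xeb.h in the middle of the file belongs with the other includes at the top.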
@ -29,6 +29,8 @@
|
||||||
|
|
||||||
int Trace_Init(void);
|
int Trace_Init(void);
|
||||||
|
|
||||||
|
WCHAR* Trace_FindModuleByAddress(void* address);
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
|
@ -224,6 +224,33 @@ Gui_MsgWaitForMultipleObjects@20 ENDP
|
||||||
PUBLIC C Gui_MsgWaitForMultipleObjects@20
|
PUBLIC C Gui_MsgWaitForMultipleObjects@20
|
||||||
|
|
||||||
|
|
||||||
|
;----------------------------------------------------------------------------
|
||||||
|
; RpcRt_NdrClientCall
|
||||||
|
;----------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
EXTERN C RpcRt_NdrClientCall_x86 : PROC
|
||||||
|
;EXTERN C RpcRt_NdrClientCall_... : PROC
|
||||||
|
EXTERN C __sys_NdrClientCall : DWORD
|
||||||
|
|
||||||
|
RpcRt_NdrClientCall PROC C PUBLIC
|
||||||
|
|
||||||
|
call RpcRt_NdrClientCall_x86
|
||||||
|
test al,al
|
||||||
|
jnz CancelCall
|
||||||
|
|
||||||
|
jmp dword ptr [__sys_NdrClientCall]
|
||||||
|
|
||||||
|
CancelCall:
|
||||||
|
|
||||||
|
; jmp RpcRt_NdrClientCall_...
|
||||||
|
ret
|
||||||
|
|
||||||
|
RpcRt_NdrClientCall ENDP
|
||||||
|
|
||||||
|
PUBLIC C RpcRt_NdrClientCall
|
||||||
|
|
||||||
|
|
||||||
;----------------------------------------------------------------------------
|
;----------------------------------------------------------------------------
|
||||||
; RpcRt_NdrClientCall2
|
; RpcRt_NdrClientCall2
|
||||||
;----------------------------------------------------------------------------
|
;----------------------------------------------------------------------------
|
||||||
|
@ -237,11 +264,11 @@ RpcRt_NdrClientCall2 PROC C PUBLIC
|
||||||
|
|
||||||
call RpcRt_NdrClientCall2_x86
|
call RpcRt_NdrClientCall2_x86
|
||||||
test al,al
|
test al,al
|
||||||
jnz CancelCall
|
jnz CancelCall2
|
||||||
|
|
||||||
jmp dword ptr [__sys_NdrClientCall2]
|
jmp dword ptr [__sys_NdrClientCall2]
|
||||||
|
|
||||||
CancelCall:
|
CancelCall2:
|
||||||
|
|
||||||
; jmp RpcRt_NdrClientCall2_...
|
; jmp RpcRt_NdrClientCall2_...
|
||||||
ret
|
ret
|
||||||
|
@ -250,3 +277,29 @@ RpcRt_NdrClientCall2 ENDP
|
||||||
|
|
||||||
PUBLIC C RpcRt_NdrClientCall2
|
PUBLIC C RpcRt_NdrClientCall2
|
||||||
|
|
||||||
|
|
||||||
|
;----------------------------------------------------------------------------
|
||||||
|
; RpcRt_NdrClientCall4
|
||||||
|
;----------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
EXTERN C RpcRt_NdrClientCall4_x86 : PROC
|
||||||
|
;EXTERN C RpcRt_NdrClientCall4_... : PROC
|
||||||
|
EXTERN C __sys_NdrClientCall4 : DWORD
|
||||||
|
|
||||||
|
RpcRt_NdrClientCall4 PROC C PUBLIC
|
||||||
|
|
||||||
|
call RpcRt_NdrClientCall4_x86
|
||||||
|
test al,al
|
||||||
|
jnz CancelCall4
|
||||||
|
|
||||||
|
jmp dword ptr [__sys_NdrClientCall4]
|
||||||
|
|
||||||
|
CancelCall4:
|
||||||
|
|
||||||
|
; jmp RpcRt_NdrClientCall4_...
|
||||||
|
ret
|
||||||
|
|
||||||
|
RpcRt_NdrClientCall4 ENDP
|
||||||
|
|
||||||
|
PUBLIC C RpcRt_NdrClientCall4
|
|
@ -81,7 +81,7 @@ ProtectCall4 ENDP
|
||||||
; Secure_Ndr64AsyncClientCall
|
; Secure_Ndr64AsyncClientCall
|
||||||
;----------------------------------------------------------------------------
|
;----------------------------------------------------------------------------
|
||||||
|
|
||||||
EXTERN Secure_CheckElevation : PROC
|
EXTERN Secure_CheckElevation64 : PROC
|
||||||
EXTERN Secure_HandleElevation : PROC
|
EXTERN Secure_HandleElevation : PROC
|
||||||
EXTERN __sys_Ndr64AsyncClientCall : QWORD
|
EXTERN __sys_Ndr64AsyncClientCall : QWORD
|
||||||
|
|
||||||
|
@ -94,11 +94,12 @@ Secure_Ndr64AsyncClientCall PROC
|
||||||
mov [rax+4*8],r9 ; spill first variadic parameter
|
mov [rax+4*8],r9 ; spill first variadic parameter
|
||||||
sub rsp,8+(4*8)
|
sub rsp,8+(4*8)
|
||||||
|
|
||||||
xor rcx,rcx ; clear ReturnAddressFromNdrAsyncClientCall
|
;; xor rcx,rcx ; clear pProxyInfo
|
||||||
xor rdx,rdx ; clear pStubDescriptor
|
;; xor rdx,rdx ; clear nProcNum
|
||||||
xor r8,r8 ; clear pFormat
|
;; xor r8,r8 ; clear pReturnValue
|
||||||
|
; mov r8,[rsp + 8+(4*8)] ; return poitner
|
||||||
lea r9,[rsp + 8+(4*8) + 4*8] ; setup Args -> SECURE_UAC_ARGS
|
lea r9,[rsp + 8+(4*8) + 4*8] ; setup Args -> SECURE_UAC_ARGS
|
||||||
call Secure_CheckElevation
|
call Secure_CheckElevation64
|
||||||
test al,al
|
test al,al
|
||||||
jnz WeHandleElevation
|
jnz WeHandleElevation
|
||||||
|
|
||||||
|
@ -191,6 +192,56 @@ l02: ret
|
||||||
Gui_FixupCallbackPointers ENDP
|
Gui_FixupCallbackPointers ENDP
|
||||||
|
|
||||||
|
|
||||||
|
;----------------------------------------------------------------------------
|
||||||
|
; RpcRt_NdrClientCall2
|
||||||
|
;----------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
EXTERN RpcRt_NdrClientCall2_x64 : PROC
|
||||||
|
;EXTERN Secure_HandleElevation : PROC
|
||||||
|
EXTERN __sys_NdrClientCall2 : QWORD
|
||||||
|
|
||||||
|
RpcRt_NdrClientCall2 PROC
|
||||||
|
|
||||||
|
mov rax,rsp
|
||||||
|
mov [rax+1*8],rcx ; spill pStubDescriptor
|
||||||
|
mov [rax+2*8],rdx ; spill pFormat
|
||||||
|
mov [rax+3*8],r8 ; spill first variadic parameter
|
||||||
|
mov [rax+4*8],r9 ; spill second variadic parameter
|
||||||
|
sub rsp,8+(4*8)
|
||||||
|
|
||||||
|
;; xor rcx,rcx ; clear pStubDescriptor
|
||||||
|
;; xor rdx,rdx ; clear pFormat
|
||||||
|
; mov r8,[rsp + 8+(4*8)] ; return poitner
|
||||||
|
lea r8,[rsp + 8+(4*8) + 3*8] ; Args
|
||||||
|
call RpcRt_NdrClientCall2_x64
|
||||||
|
test al,al
|
||||||
|
jnz CancelCall2
|
||||||
|
|
||||||
|
lea rax,[rsp+8+(4*8)]
|
||||||
|
mov rcx,[rax+1*8] ; restore pStubDescriptor
|
||||||
|
mov rdx,[rax+2*8] ; restore pFormat
|
||||||
|
mov r8,[rax+3*8] ; restore first variadic parameter
|
||||||
|
mov r9,[rax+4*8] ; restore second variadic parameter
|
||||||
|
|
||||||
|
add rsp,8+(4*8)
|
||||||
|
jmp [__sys_NdrClientCall2]
|
||||||
|
|
||||||
|
CancelCall2:
|
||||||
|
|
||||||
|
;;; xor rcx,rcx ; clear pProxyInfo
|
||||||
|
;;; xor rdx,rdx ; clear nProcNum
|
||||||
|
;;; xor r8,r8 ; clear pReturnValue
|
||||||
|
;; mov r8,[rsp + 8+(4*8)] ; return poitner
|
||||||
|
; lea r8,[rsp + 8+(4*8) + 3*8] ; Args
|
||||||
|
; call RpcRt_NdrClientCall2_...
|
||||||
|
|
||||||
|
add rsp,8+(4*8)
|
||||||
|
ret
|
||||||
|
|
||||||
|
RpcRt_NdrClientCall2 ENDP
|
||||||
|
|
||||||
|
|
||||||
;----------------------------------------------------------------------------
|
;----------------------------------------------------------------------------
|
||||||
; RpcRt_NdrClientCall3
|
; RpcRt_NdrClientCall3
|
||||||
;----------------------------------------------------------------------------
|
;----------------------------------------------------------------------------
|
||||||
|
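Review bot: on the CancelCall2 path of the x64 RpcRt_NdrClientCall2 the stub does `add rsp,8+(4*8)` and `ret` with rax still holding whatever RpcRt_NdrClientCall2_x64 returned, so the caller receives that value as the result of NdrClientCall2. Set rax to a defined value before returning, or document what the caller is expected to see when the call is cancelled. The commented lines under CancelCall2 still name pProxyInfo, nProcNum and pReturnValue, which are not the parameters spilled at the top of this procedure (pStubDescriptor, pFormat), and "poitner" is misspelled.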
@ -216,7 +267,7 @@ RpcRt_NdrClientCall3 PROC
|
||||||
lea r9,[rsp + 8+(4*8) + 4*8] ; Args
|
lea r9,[rsp + 8+(4*8) + 4*8] ; Args
|
||||||
call RpcRt_NdrClientCall3_x64
|
call RpcRt_NdrClientCall3_x64
|
||||||
test al,al
|
test al,al
|
||||||
jnz CancelCall
|
jnz CancelCall3
|
||||||
|
|
||||||
lea rax,[rsp+8+(4*8)]
|
lea rax,[rsp+8+(4*8)]
|
||||||
mov rcx,[rax+1*8] ; restore pProxyInfo
|
mov rcx,[rax+1*8] ; restore pProxyInfo
|
||||||
|
@ -227,7 +278,7 @@ RpcRt_NdrClientCall3 PROC
|
||||||
add rsp,8+(4*8)
|
add rsp,8+(4*8)
|
||||||
jmp [__sys_NdrClientCall3]
|
jmp [__sys_NdrClientCall3]
|
||||||
|
|
||||||
CancelCall:
|
CancelCall3:
|
||||||
|
|
||||||
;;; xor rcx,rcx ; clear pProxyInfo
|
;;; xor rcx,rcx ; clear pProxyInfo
|
||||||
;;; xor rdx,rdx ; clear nProcNum
|
;;; xor rdx,rdx ; clear nProcNum
|
||||||
|
|
|
@ -285,6 +285,12 @@
|
||||||
<ClCompile Include="dll.c" />
|
<ClCompile Include="dll.c" />
|
||||||
<ClCompile Include="driver.c" />
|
<ClCompile Include="driver.c" />
|
||||||
<ClCompile Include="file.c" />
|
<ClCompile Include="file.c" />
|
||||||
|
<ClCompile Include="file_ctrl.c">
|
||||||
|
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">true</ExcludedFromBuild>
|
||||||
|
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">true</ExcludedFromBuild>
|
||||||
|
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">true</ExcludedFromBuild>
|
||||||
|
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">true</ExcludedFromBuild>
|
||||||
|
</ClCompile>
|
||||||
<ClCompile Include="file_flt.c">
|
<ClCompile Include="file_flt.c">
|
||||||
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">true</ExcludedFromBuild>
|
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">true</ExcludedFromBuild>
|
||||||
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">true</ExcludedFromBuild>
|
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">true</ExcludedFromBuild>
|
||||||
|
@ -321,6 +327,7 @@
|
||||||
<ClCompile Include="ipc.c" />
|
<ClCompile Include="ipc.c" />
|
||||||
<ClCompile Include="ipc_lsa.c" />
|
<ClCompile Include="ipc_lsa.c" />
|
||||||
<ClCompile Include="ipc_port.c" />
|
<ClCompile Include="ipc_port.c" />
|
||||||
|
<ClCompile Include="ipc_sam.c" />
|
||||||
<ClCompile Include="ipc_spl.c" />
|
<ClCompile Include="ipc_spl.c" />
|
||||||
<ClCompile Include="key.c" />
|
<ClCompile Include="key.c" />
|
||||||
<ClCompile Include="key_flt.c">
|
<ClCompile Include="key_flt.c">
|
||||||
|
|
|
@ -118,6 +118,12 @@
|
||||||
<ClCompile Include="..\..\common\stream.c">
|
<ClCompile Include="..\..\common\stream.c">
|
||||||
<Filter>common</Filter>
|
<Filter>common</Filter>
|
||||||
</ClCompile>
|
</ClCompile>
|
||||||
|
<ClCompile Include="ipc_sam.c">
|
||||||
|
<Filter>ipc</Filter>
|
||||||
|
</ClCompile>
|
||||||
|
<ClCompile Include="file_ctrl.c">
|
||||||
|
<Filter>file</Filter>
|
||||||
|
</ClCompile>
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<ClInclude Include="api.h" />
|
<ClInclude Include="api.h" />
|
||||||
|
|
|
@ -316,6 +316,7 @@ API_ARGS_CLOSE(API_DISABLE_FORCE_PROCESS_ARGS)
|
||||||
API_ARGS_BEGIN(API_MONITOR_CONTROL_ARGS)
|
API_ARGS_BEGIN(API_MONITOR_CONTROL_ARGS)
|
||||||
API_ARGS_FIELD(ULONG *,set_flag)
|
API_ARGS_FIELD(ULONG *,set_flag)
|
||||||
API_ARGS_FIELD(ULONG *,get_flag)
|
API_ARGS_FIELD(ULONG *,get_flag)
|
||||||
|
//API_ARGS_FIELD(ULONG *,get_used)
|
||||||
API_ARGS_CLOSE(API_MONITOR_CONTROL_ARGS)
|
API_ARGS_CLOSE(API_MONITOR_CONTROL_ARGS)
|
||||||
|
|
||||||
|
|
||||||
|
@ -329,6 +330,7 @@ API_ARGS_BEGIN(API_MONITOR_GET_EX_ARGS)
|
||||||
API_ARGS_FIELD(ULONG *, log_seq)
|
API_ARGS_FIELD(ULONG *, log_seq)
|
||||||
API_ARGS_FIELD(USHORT *, log_type)
|
API_ARGS_FIELD(USHORT *, log_type)
|
||||||
API_ARGS_FIELD(ULONG64 *, log_pid)
|
API_ARGS_FIELD(ULONG64 *, log_pid)
|
||||||
|
API_ARGS_FIELD(ULONG64 *, log_tid)
|
||||||
API_ARGS_FIELD(ULONG, log_len)
|
API_ARGS_FIELD(ULONG, log_len)
|
||||||
API_ARGS_FIELD(WCHAR *, log_ptr)
|
API_ARGS_FIELD(WCHAR *, log_ptr)
|
||||||
API_ARGS_CLOSE(API_MONITOR_GET_EX_ARGS)
|
API_ARGS_CLOSE(API_MONITOR_GET_EX_ARGS)
|
||||||
|
|
|
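Review bot: log_tid is inserted between log_pid and log_len in API_MONITOR_GET_EX_ARGS, which shifts log_len and log_ptr to new offsets. A driver and DLL built from different versions would read each other's arguments at the wrong positions, including the buffer length and pointer. Append the new field at the end of the structure, or confirm that a version check rejects mismatched driver and DLL pairs before this call can be made.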
@ -879,6 +879,8 @@ _FX BOOLEAN File_InitProcess(PROCESS *proc)
|
||||||
proc->box->name, L"NotifyDirectDiskAccess", 0, FALSE);
|
proc->box->name, L"NotifyDirectDiskAccess", 0, FALSE);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
proc->file_open_devapi_cmapi = Conf_Get_Boolean(proc->box->name, L"OpenDevCMApi", 0, FALSE);
|
||||||
|
|
||||||
if (ok && proc->image_path && (! proc->image_sbie)) {
|
if (ok && proc->image_path && (! proc->image_sbie)) {
|
||||||
|
|
||||||
//
|
//
|
||||||
|
|
|
@ -0,0 +1,130 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2021 David Xanatos, xanasoft.com
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// DeviceIoControlFile filter
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
//#define CTL_CODE( DeviceType, Function, Method, Access ) (((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method))
|
||||||
|
|
||||||
|
#define DEVICE_TYPE_FROM_CTL_CODE(ctrlCode) (((ULONG)(ctrlCode & 0xffff0000)) >> 16)
|
||||||
|
|
||||||
|
#define FUNCTION_FROM_CTL_CODE(ctrlCode) (((ULONG)(ctrlCode & 0x3ffc)) >> 2)
|
||||||
|
|
||||||
|
#define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
|
||||||
|
|
||||||
|
_FX NTSTATUS Syscall_DeviceIoControlFile(
|
||||||
|
PROCESS *proc, SYSCALL_ENTRY *syscall_entry, ULONG_PTR *user_args)
|
||||||
|
{
|
||||||
|
// filter out dangerous driver calls
|
||||||
|
|
||||||
|
ULONG IoControlCode = (ULONG)user_args[5];
|
||||||
|
|
||||||
|
if (DEVICE_TYPE_FROM_CTL_CODE(IoControlCode) == 0x6d) //MOUNTMGRCONTROLTYPE 'm' \Device\MountPointManager
|
||||||
|
{
|
||||||
|
ULONG function;
|
||||||
|
function = FUNCTION_FROM_CTL_CODE(IoControlCode);
|
||||||
|
//DbgPrint("DeviceIoContoleFile, func = %d, p=%06d t=%06d, %S\n", function, PsGetCurrentProcessId(), PsGetCurrentThreadId(), proc->image_name);
|
||||||
|
if (function == 0 || // IOCTL_MOUNTMGR_CREATE_POINT
|
||||||
|
function == 1 || // IOCTL_MOUNTMGR_DELETE_POINTS (DeleteVolumeMountPoint())
|
||||||
|
function == 3 || // IOCTL_MOUNTMGR_DELETE_POINTS_DBONLY
|
||||||
|
function == 6 || // IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_CREATED
|
||||||
|
function == 7 || // IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_DELETED
|
||||||
|
function == 9) // IOCTL_MOUNTMGR_KEEP_LINKS_WHEN_OFFLINE
|
||||||
|
return STATUS_ACCESS_DENIED;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (DEVICE_TYPE_FROM_CTL_CODE(IoControlCode) == 0x47) //CMApi(?)CONTROLTYPE 0x47 \Device\DeviceApi\CMApi
|
||||||
|
{
|
||||||
|
if (!proc->file_open_devapi_cmapi)
|
||||||
|
{
|
||||||
|
ULONG function = FUNCTION_FROM_CTL_CODE(IoControlCode);
|
||||||
|
/*WCHAR path[256] = { 0 };
|
||||||
|
FILE_OBJECT* object;
|
||||||
|
NTSTATUS status = ObReferenceObjectByHandle((HANDLE)user_args[0], 0, *IoFileObjectType, UserMode, &object, NULL);
|
||||||
|
if (NT_SUCCESS(status))
|
||||||
|
{
|
||||||
|
memcpy(path, object->FileName.Buffer, object->FileName.Length);
|
||||||
|
path[object->FileName.Length / sizeof(WCHAR)] = 0;
|
||||||
|
ObDereferenceObject(object);
|
||||||
|
}*/
|
||||||
|
|
||||||
|
BOOLEAN filter = FALSE;
|
||||||
|
switch (function)
|
||||||
|
{
|
||||||
|
//case 0x0:
|
||||||
|
//case 0x100: //?SwDeviceCreate - Initiates the enumeration of a software device.
|
||||||
|
case 0x101: //?SwDevicePropertySet
|
||||||
|
case 0x102: //?SwDeviceInterfaceRegister
|
||||||
|
case 0x103: //?SwDeviceInterfaceSetState
|
||||||
|
case 0x104: //?SwDeviceInterfacePropertySet
|
||||||
|
case 0x105: //?SwDeviceSetLifetime
|
||||||
|
//case 0x106: //?SwDeviceGetLifetime
|
||||||
|
|
||||||
|
//case 0x200: //?CMP_Register_Notification,CM_Get_Device_ID_List,CM_Get_Device_ID_List_Size
|
||||||
|
//case 0x201: //?CmNotifyWnfNotificationCallback,CM_Get_Device_Interface_List_Size
|
||||||
|
//case 0x202: //?ProcessPlugPlayEventCallback,CM_Enumerate_Classes,CM_Enumerate_Enumerators
|
||||||
|
//case 0x203: //?UnregisterClient,CM_Get_Class_Property_Keys,CM_Get_DevNode_Property_Keys,CM_Get_Device_Interface_Property_Keys
|
||||||
|
//case 0x204: //GetObjectProperty,GetObjectProperty
|
||||||
|
case 0x205: //CM_Set_DevNode_Property,CM_Set_Device_Interface_Property,CM_Set_Class_Property
|
||||||
|
//case 0x206: //GetRegistryProperty,GetRegistryProperty
|
||||||
|
case 0x207: //CM_Set_Class_Registry_Property,CM_Set_DevNode_Registry_Property
|
||||||
|
//case 0x209: //CM_Get_DevNode_Status
|
||||||
|
//case 0x20a: //CM_Get_Depth
|
||||||
|
case 0x20b: //CM_Set_DevNode_Problem
|
||||||
|
case 0x20c: //CM_Disable_DevNode,CM_Query_And_Remove_SubTree
|
||||||
|
case 0x20d: //CM_Register_Device_Interface
|
||||||
|
case 0x20e: //CM_Unregister_Device_Interface
|
||||||
|
//case 0x20f: //CM_Get_Device_Interface_Alias
|
||||||
|
//case 0x210: //Validate_Device_Instance
|
||||||
|
case 0x211: //CM_Create_DevNode
|
||||||
|
case 0x212: //CM_Uninstall_DevNode
|
||||||
|
//case 0x213: //CM_Reenumerate_DevNode,CM_Setup_DevNode
|
||||||
|
case 0x214: //CM_Open_Device_Interface_Key
|
||||||
|
case 0x215: //CM_Delete_Device_Interface_Key
|
||||||
|
case 0x216: //OpenLogConfKey,OpenLogConfKey,CM_Open_DevNode_Key,CM_Get_DevNode_Custom_Property,OpenDeviceHwProfileKey
|
||||||
|
case 0x217: //CM_Delete_DevNode_Key
|
||||||
|
case 0x218: //CM_Open_Class_Key
|
||||||
|
case 0x219: //CM_Delete_Class_Key
|
||||||
|
|
||||||
|
filter = TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
WCHAR msg_str[240];
|
||||||
|
swprintf(msg_str, L"DeviceIoContoleFile, CMApi, func = 0x%X, filter=%d, p=%06d t=%06d, %s\n",
|
||||||
|
function, filter, PsGetCurrentProcessId(), PsGetCurrentThreadId(), proc->image_name);
|
||||||
|
const WCHAR* strings[2] = { msg_str, NULL };
|
||||||
|
Session_MonitorPutEx(MONITOR_OTHER | MONITOR_TRACE, strings, NULL, PsGetCurrentProcessId(), PsGetCurrentThreadId());*/
|
||||||
|
|
||||||
|
if(filter)
|
||||||
|
return STATUS_ACCESS_DENIED;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return NtDeviceIoControlFile(
|
||||||
|
(HANDLE)user_args[0], // FileHandle
|
||||||
|
(HANDLE)user_args[1], // Event
|
||||||
|
(PIO_APC_ROUTINE)user_args[2], // ApcRoutine
|
||||||
|
(PVOID)user_args[3], // ApcContext
|
||||||
|
(PIO_STATUS_BLOCK)user_args[4], // IoStatusBlock
|
||||||
|
(ULONG)user_args[5], // IoControlCode
|
||||||
|
(PVOID)user_args[6], // InputBuffer
|
||||||
|
(ULONG)user_args[7], // InputBufferLength
|
||||||
|
(PVOID)user_args[8], // OutBuffer
|
||||||
|
(ULONG)user_args[9]); // OutputBufferLength
|
||||||
|
}
|
|
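Review bot: the CMApi `switch (function)` is a deny-list, and several of the codes it names are annotated with `?`, so any state-changing function code that is missing from the list (or added by a later Windows build) falls through to `NtDeviceIoControlFile` unfiltered; consider allowing only the known read-only codes and denying the rest when `file_open_devapi_cmapi` is not set. Both branches also key on the device-type bits of `IoControlCode` alone and never confirm that `user_args[0]` refers to `\Device\MountPointManager` or `\Device\DeviceApi\CMApi`, which the commented-out `ObReferenceObjectByHandle` block seems to have been aiming at; if that block is revived, the `memcpy` into `path[256]` needs a bound on `FileName.Length`. Since the case labels go up to 0x219, please also confirm that `FUNCTION_FROM_CTL_CODE` in this file extracts the full function field: the definition removed from the old location masks with `0x3f` and cannot produce those values.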
@ -652,6 +652,9 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS *proc)
|
||||||
proc->ipc_open_lsa_endpoint =
|
proc->ipc_open_lsa_endpoint =
|
||||||
Conf_Get_Boolean(proc->box->name, L"OpenLsaEndpoint", 0, FALSE);
|
Conf_Get_Boolean(proc->box->name, L"OpenLsaEndpoint", 0, FALSE);
|
||||||
|
|
||||||
|
proc->ipc_open_sam_endpoint =
|
||||||
|
Conf_Get_Boolean(proc->box->name, L"OpenSamEndpoint", 0, FALSE);
|
||||||
|
|
||||||
proc->ipc_allowSpoolerPrintToFile =
|
proc->ipc_allowSpoolerPrintToFile =
|
||||||
Conf_Get_Boolean(proc->box->name, L"AllowSpoolerPrintToFile", 0, FALSE);
|
Conf_Get_Boolean(proc->box->name, L"AllowSpoolerPrintToFile", 0, FALSE);
|
||||||
|
|
||||||
|
@ -1164,13 +1167,10 @@ _FX NTSTATUS Ipc_Api_DuplicateObject(PROCESS *proc, ULONG64 *parms)
|
||||||
|
|
||||||
status = NtDuplicateObject(
|
status = NtDuplicateObject(
|
||||||
SourceProcessHandle, SourceHandle,
|
SourceProcessHandle, SourceHandle,
|
||||||
TargetProcessHandle, TargetHandle,
|
TargetProcessHandle, &TargetHandleValue,
|
||||||
DesiredAccess, HandleAttributes,
|
DesiredAccess, HandleAttributes,
|
||||||
Options & ~DUPLICATE_CLOSE_SOURCE);
|
Options & ~DUPLICATE_CLOSE_SOURCE);
|
||||||
|
|
||||||
TargetHandleValue = *TargetHandle;
|
|
||||||
*TargetHandle = NULL;
|
|
||||||
|
|
||||||
if (NT_SUCCESS(status)) {
|
if (NT_SUCCESS(status)) {
|
||||||
|
|
||||||
status = Ipc_CheckObjectName(TargetHandleValue);
|
status = Ipc_CheckObjectName(TargetHandleValue);
|
||||||
|
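Review bot: nothing at the `NtDuplicateObject` call says why `&TargetHandleValue` is passed instead of the caller's `TargetHandle`. A short comment stating that the duplicated handle value must not be placed in caller-writable memory before `Ipc_CheckObjectName` has run would keep a later cleanup from reintroducing the window that the removed `TargetHandleValue = *TargetHandle;` read-back had. Please also confirm that `TargetHandleValue` is initialised before this call, since it is now read by `Ipc_CheckObjectName` with no intermediate assignment.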
@ -1185,12 +1185,11 @@ _FX NTSTATUS Ipc_Api_DuplicateObject(PROCESS *proc, ULONG64 *parms)
|
||||||
|
|
||||||
status = NtDuplicateObject(
|
status = NtDuplicateObject(
|
||||||
SourceProcessHandle, SourceHandle,
|
SourceProcessHandle, SourceHandle,
|
||||||
TargetProcessHandle, TargetHandle,
|
TargetProcessHandle, &TargetHandleValue,
|
||||||
DesiredAccess, HandleAttributes, Options);
|
DesiredAccess, HandleAttributes, Options);
|
||||||
|
|
||||||
TargetHandleValue = *TargetHandle;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
*TargetHandle = NULL;
|
||||||
if (NT_SUCCESS(status))
|
if (NT_SUCCESS(status))
|
||||||
*TargetHandle = TargetHandleValue;
|
*TargetHandle = TargetHandleValue;
|
||||||
|
|
||||||
|
|
|
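Review bot: `*TargetHandle = NULL;` is now followed directly by `if (NT_SUCCESS(status)) *TargetHandle = TargetHandleValue;`, so the caller's pointer is written twice in a row; a single store of either `TargetHandleValue` or `NULL` depending on `status` is clearer and touches user memory once. The hunk does not show whether these stores sit inside the function's `__try` with `TargetHandle` probed for write, which is worth confirming now that they are the only accesses to that pointer.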
@ -343,7 +343,7 @@ _FX BOOLEAN Ipc_Filter_Lsa_Ep_Msg(PROCESS* proc, UCHAR uMsg)
|
||||||
WCHAR msg_str[24];
|
WCHAR msg_str[24];
|
||||||
swprintf(msg_str, L" Msg: %02X", (ULONG)uMsg);
|
swprintf(msg_str, L" Msg: %02X", (ULONG)uMsg);
|
||||||
const WCHAR* strings[3] = { L"\\RPC Control\\LSARPC_ENDPOINT", msg_str, NULL };
|
const WCHAR* strings[3] = { L"\\RPC Control\\LSARPC_ENDPOINT", msg_str, NULL };
|
||||||
Session_MonitorPutEx(mon_type, strings, NULL, PsGetCurrentProcessId());
|
Session_MonitorPutEx(mon_type, strings, NULL, PsGetCurrentProcessId(), PsGetCurrentThreadId());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -25,6 +25,7 @@
|
||||||
#include "obj.h"
|
#include "obj.h"
|
||||||
#include "api.h"
|
#include "api.h"
|
||||||
#include "thread.h"
|
#include "thread.h"
|
||||||
|
#include "session.h"
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
@ -122,6 +123,9 @@ NTSTATUS Ipc_CheckPortRequest_Lsa(
|
||||||
NTSTATUS Ipc_CheckPortRequest_LsaEP(
|
NTSTATUS Ipc_CheckPortRequest_LsaEP(
|
||||||
PROCESS* proc, OBJECT_NAME_INFORMATION* Name, PORT_MESSAGE* msg);
|
PROCESS* proc, OBJECT_NAME_INFORMATION* Name, PORT_MESSAGE* msg);
|
||||||
|
|
||||||
|
NTSTATUS Ipc_CheckPortRequest_Sam(
|
||||||
|
PROCESS* proc, OBJECT_NAME_INFORMATION* Name, PORT_MESSAGE* msg);
|
||||||
|
|
||||||
NTSTATUS Ipc_CheckPortRequest_PowerManagement(
|
NTSTATUS Ipc_CheckPortRequest_PowerManagement(
|
||||||
PROCESS *proc, OBJECT_NAME_INFORMATION *Name, PORT_MESSAGE *msg);
|
PROCESS *proc, OBJECT_NAME_INFORMATION *Name, PORT_MESSAGE *msg);
|
||||||
|
|
||||||
|
@ -235,6 +239,8 @@ _FX NTSTATUS Ipc_CheckPortRequest(
|
||||||
status = Ipc_CheckPortRequest_Lsa(proc, Name, msg);
|
status = Ipc_CheckPortRequest_Lsa(proc, Name, msg);
|
||||||
if (status == STATUS_BAD_INITIAL_PC)
|
if (status == STATUS_BAD_INITIAL_PC)
|
||||||
status = Ipc_CheckPortRequest_LsaEP(proc, Name, msg);
|
status = Ipc_CheckPortRequest_LsaEP(proc, Name, msg);
|
||||||
|
if (status == STATUS_BAD_INITIAL_PC)
|
||||||
|
status = Ipc_CheckPortRequest_Sam(proc, Name, msg);
|
||||||
if (status == STATUS_BAD_INITIAL_PC)
|
if (status == STATUS_BAD_INITIAL_PC)
|
||||||
status = Ipc_CheckPortRequest_PowerManagement(proc, Name, msg);
|
status = Ipc_CheckPortRequest_PowerManagement(proc, Name, msg);
|
||||||
if (status == STATUS_BAD_INITIAL_PC)
|
if (status == STATUS_BAD_INITIAL_PC)
|
||||||
|
@ -247,6 +253,14 @@ _FX NTSTATUS Ipc_CheckPortRequest(
|
||||||
//DbgPrint("Status <%08X> on Port <%*.*S>\n", status, Name->Name.Length/sizeof(WCHAR), Name->Name.Length/sizeof(WCHAR), Name->Name.Buffer);
|
//DbgPrint("Status <%08X> on Port <%*.*S>\n", status, Name->Name.Length/sizeof(WCHAR), Name->Name.Length/sizeof(WCHAR), Name->Name.Buffer);
|
||||||
//}
|
//}
|
||||||
|
|
||||||
|
/*if (Session_MonitorCount)// && (proc->ipc_trace & (TRACE_ALLOW | TRACE_DENY)))
|
||||||
|
{
|
||||||
|
WCHAR msg_str[256];
|
||||||
|
swprintf(msg_str, L"CheckPortRequest, Status <%08X> on Port <%*.*s>\n", status, Name->Name.Length / sizeof(WCHAR), Name->Name.Length / sizeof(WCHAR), Name->Name.Buffer);
|
||||||
|
const WCHAR* strings[2] = { msg_str, NULL };
|
||||||
|
Session_MonitorPutEx(MONITOR_IPC, strings, NULL, PsGetCurrentProcessId(), PsGetCurrentThreadId());
|
||||||
|
}*/
|
||||||
|
|
||||||
//
|
//
|
||||||
// finish
|
// finish
|
||||||
//
|
//
|
||||||
|
|
|
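Review bot: the `Session_MonitorCount` trace block in Ipc_CheckPortRequest is added already commented out, next to an older commented-out `DbgPrint` that does the same job. Dead code in a security-relevant dispatch path makes the real control flow harder to audit; either remove it or put it behind a debug `#ifdef` so it is at least compiled in some configuration.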
@ -0,0 +1,190 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2021 David Xanatos, xanasoft.com
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Inter-Process Communication
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
#include "ipc.h"
|
||||||
|
#include "obj.h"
|
||||||
|
#include "api.h"
|
||||||
|
#include "util.h"
|
||||||
|
#include "session.h"
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Functions
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
_FX BOOLEAN Ipc_Filter_Sam_Msg(PROCESS* proc, UCHAR uMsg);
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Ipc_CheckPortRequest_Sam
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
_FX NTSTATUS Ipc_CheckPortRequest_Sam(
|
||||||
|
PROCESS* proc, OBJECT_NAME_INFORMATION* Name, PORT_MESSAGE* msg)
|
||||||
|
{
|
||||||
|
NTSTATUS status;
|
||||||
|
|
||||||
|
if (proc->ipc_open_sam_endpoint)
|
||||||
|
return STATUS_BAD_INITIAL_PC;
|
||||||
|
|
||||||
|
if (Name->Name.Length == 22 * sizeof(WCHAR)) {
|
||||||
|
|
||||||
|
if (_wcsicmp(Name->Name.Buffer, L"\\RPC Control\\samss lpc") != 0)
|
||||||
|
return STATUS_BAD_INITIAL_PC;
|
||||||
|
|
||||||
|
}
|
||||||
|
else
|
||||||
|
return STATUS_BAD_INITIAL_PC;
|
||||||
|
|
||||||
|
//
|
||||||
|
// examine message
|
||||||
|
//
|
||||||
|
|
||||||
|
status = STATUS_SUCCESS;
|
||||||
|
|
||||||
|
__try {
|
||||||
|
|
||||||
|
ProbeForRead(msg, sizeof(PORT_MESSAGE), sizeof(ULONG_PTR));
|
||||||
|
|
||||||
|
if (Driver_OsVersion >= DRIVER_WINDOWS_7) {
|
||||||
|
|
||||||
|
ULONG len = msg->u1.s1.DataLength;
|
||||||
|
UCHAR* ptr = (UCHAR*)((UCHAR*)msg + sizeof(PORT_MESSAGE));
|
||||||
|
int i = 0;
|
||||||
|
int rc = -2;
|
||||||
|
|
||||||
|
ProbeForRead(ptr, len, sizeof(WCHAR));
|
||||||
|
|
||||||
|
if (Ipc_Filter_Sam_Msg(proc, ptr[20]))
|
||||||
|
status = STATUS_ACCESS_DENIED;
|
||||||
|
|
||||||
|
//DbgPrint("\\RPC Control\\samss lpc message ID: %d\n", (int)ptr[20]);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
__except (EXCEPTION_EXECUTE_HANDLER) {
|
||||||
|
status = GetExceptionCode();
|
||||||
|
}
|
||||||
|
|
||||||
|
return status;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Ipc_Filter_Sam_Msg
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
_FX BOOLEAN Ipc_Filter_Sam_Msg(PROCESS* proc, UCHAR uMsg)
|
||||||
|
{
|
||||||
|
BOOLEAN filter = FALSE;
|
||||||
|
|
||||||
|
switch (uMsg)
|
||||||
|
{
|
||||||
|
//case 0x00: //SamConnect
|
||||||
|
//case 0x01: //SamCloseHandle
|
||||||
|
case 0x02: //SamSetSecurityObject
|
||||||
|
//case 0x03: //SamQuerySecurityObject
|
||||||
|
//case 0x05: //SamLookupDomainInSamServer
|
||||||
|
//case 0x06: //SamEnumerateDomainsInSamServer
|
||||||
|
//case 0x07: //SamOpenDomain
|
||||||
|
//case 0x08: //SamQueryInformationDomain
|
||||||
|
case 0x09: //SamSetInformationDomain
|
||||||
|
case 0x0A: //SamCreateGroupInDomain
|
||||||
|
//case 0x0B: //SamEnumerateGroupsInDomain
|
||||||
|
case 0x0C: //SamCreateUserInDomain
|
||||||
|
//case 0x0D: //SamiEnumerateUsersInDomain
|
||||||
|
case 0x0E: //SamCreateAliasInDomain
|
||||||
|
//case 0x0F: //SamEnumerateAliasesInDomain
|
||||||
|
//case 0x10: //SamGetAliasMembership
|
||||||
|
//case 0x11: //SamiLookupNamesInDomain
|
||||||
|
//case 0x12: //SampLookupIdsInDomain
|
||||||
|
//case 0x13: //SamOpenGroup
|
||||||
|
//case 0x14: //SamQueryInformationGroup
|
||||||
|
case 0x15: //SamSetInformationGroup
|
||||||
|
case 0x17: //SamDeleteGroup
|
||||||
|
case 0x18: //SamRemoveMemberFromGroup
|
||||||
|
//case 0x19: //SamGetMembersInGroup
|
||||||
|
//case 0x1A: //SamSetMemberAttributesOfGroup
|
||||||
|
//case 0x1B: //SamOpenAlias
|
||||||
|
//case 0x1C: //SamQueryInformationAlias
|
||||||
|
case 0x1D: //SamSetInformationAlias
|
||||||
|
case 0x1E: //SamDeleteAlias
|
||||||
|
case 0x1F: //SamAddMemberToAlias
|
||||||
|
case 0x20: //SamRemoveMemberFromAlias
|
||||||
|
//case 0x21: //SamGetMembersInAlias
|
||||||
|
//case 0x22: //SamOpenUser
|
||||||
|
case 0x23: //SamDeleteUser
|
||||||
|
//case 0x24: //SamQueryInformationUser
|
||||||
|
case 0x25: //SamSetInformationUser
|
||||||
|
case 0x26: //SamiLmChangePasswordUser, SamiLmChangePasswordUser
|
||||||
|
//case 0x27: //SamGetGroupsForUser
|
||||||
|
//case 0x28: //SamQueryDisplayInformation
|
||||||
|
//case 0x29: //SamGetDisplayEnumerationIndex
|
||||||
|
//case 0x2C: //SampCheckPasswordRestrictions
|
||||||
|
case 0x2D: //SamRemoveMemberFromForeignDomain
|
||||||
|
//case 0x2E: //SamQueryInformationDomain
|
||||||
|
//case 0x30: //SamQueryDisplayInformation
|
||||||
|
//case 0x31: //SamGetDisplayEnumerationIndex
|
||||||
|
case 0x32: //SamCreateUser2InDomain
|
||||||
|
//case 0x33: //SamQueryDisplayInformation
|
||||||
|
case 0x35: //SamRemoveMultipleMembersFromAlias
|
||||||
|
case 0x37: //SamiChangePasswordUser2
|
||||||
|
case 0x38: //SamiChangePasswordUser2
|
||||||
|
//case 0x39: //SamConnect
|
||||||
|
case 0x3A: //SampSetInfoUserUseOldInfoClass
|
||||||
|
case 0x3B: //SamiSetBootKeyInformation
|
||||||
|
//case 0x3E: //SamConnect
|
||||||
|
//case 0x40: //SamConnect
|
||||||
|
//case 0x41: //SamRidToSid
|
||||||
|
case 0x42: //SampSetDSRMPassword
|
||||||
|
//case 0x43: //SamValidatePassword
|
||||||
|
//case 0x44: //SamQueryLocalizableAccountsInDomain
|
||||||
|
//case 0x45: //SamPerformGenericOperation
|
||||||
|
case 0x46: //SamiSyncDSRMPasswordFromAccount
|
||||||
|
//case 0x47: //SamiLookupNamesInDomain
|
||||||
|
//case 0x48: //SamiEnumerateUsersInDomain
|
||||||
|
|
||||||
|
//case 0xEF: //Unknown
|
||||||
|
filter = TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Session_MonitorCount && (proc->ipc_trace & (TRACE_ALLOW | TRACE_DENY))) {
|
||||||
|
|
||||||
|
USHORT mon_type = MONITOR_IPC;
|
||||||
|
|
||||||
|
if (filter && (proc->ipc_trace & TRACE_DENY))
|
||||||
|
mon_type |= MONITOR_DENY;
|
||||||
|
else if (!filter && (proc->ipc_trace & TRACE_ALLOW))
|
||||||
|
mon_type |= MONITOR_OPEN;
|
||||||
|
else
|
||||||
|
mon_type = 0;
|
||||||
|
|
||||||
|
if (mon_type) {
|
||||||
|
WCHAR msg_str[24];
|
||||||
|
swprintf(msg_str, L" Msg: %02X", (ULONG)uMsg);
|
||||||
|
const WCHAR* strings[3] = { L"\\RPC Control\\samss lpc", msg_str, NULL };
|
||||||
|
Session_MonitorPutEx(mon_type, strings, NULL, PsGetCurrentProcessId(), PsGetCurrentThreadId());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return filter;
|
||||||
|
}
|
|
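Review bot: in Ipc_CheckPortRequest_Sam, `ptr[20]` is read without checking that `len` (`msg->u1.s1.DataLength`) is at least 21, while `ProbeForRead(ptr, len, sizeof(WCHAR))` only covers `len` bytes, so for a short message the opcode handed to `Ipc_Filter_Sam_Msg` comes from bytes outside the probed data. Check `len > 20` first and decide explicitly what a short message gets. Two smaller points in the same function: `_wcsicmp(Name->Name.Buffer, ...)` relies on the `UNICODE_STRING` buffer being NUL-terminated even though the length has already been checked, so a length-bounded comparison is safer, and the locals `i` and `rc` are never used. The filter is also skipped entirely when `Driver_OsVersion` is below `DRIVER_WINDOWS_7`, returning `STATUS_SUCCESS`; a comment on why that is acceptable would help.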
@ -312,7 +312,7 @@ _FX BOOLEAN Ipc_Filter_Spooler_Msg(PROCESS* proc, UCHAR uMsg)
|
||||||
WCHAR msg_str[24];
|
WCHAR msg_str[24];
|
||||||
swprintf(msg_str, L" Msg: %02X", (ULONG)uMsg);
|
swprintf(msg_str, L" Msg: %02X", (ULONG)uMsg);
|
||||||
const WCHAR* strings[3] = { L"\\RPC Control\\spoolss", msg_str, NULL };
|
const WCHAR* strings[3] = { L"\\RPC Control\\spoolss", msg_str, NULL };
|
||||||
Session_MonitorPutEx(mon_type, strings, NULL, PsGetCurrentProcessId());
|
Session_MonitorPutEx(mon_type, strings, NULL, PsGetCurrentProcessId(), PsGetCurrentThreadId());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -337,6 +337,6 @@ _FX void Log_Debug_Msg(USHORT type, const WCHAR *string1, const WCHAR *string2)
|
||||||
if (Session_MonitorCount) {
|
if (Session_MonitorCount) {
|
||||||
|
|
||||||
const WCHAR* strings[4] = { string1, L" ", string2, NULL };
|
const WCHAR* strings[4] = { string1, L" ", string2, NULL };
|
||||||
Session_MonitorPutEx(type, strings, NULL, PsGetCurrentProcessId());
|
Session_MonitorPutEx(type, strings, NULL, PsGetCurrentProcessId(), PsGetCurrentThreadId());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -136,6 +136,7 @@ struct _PROCESS {
|
||||||
BOOLEAN file_warn_internet;
|
BOOLEAN file_warn_internet;
|
||||||
BOOLEAN file_warn_direct_access;
|
BOOLEAN file_warn_direct_access;
|
||||||
BOOLEAN AllowInternetAccess;
|
BOOLEAN AllowInternetAccess;
|
||||||
|
BOOLEAN file_open_devapi_cmapi;
|
||||||
|
|
||||||
// key-related
|
// key-related
|
||||||
|
|
||||||
|
@ -156,6 +157,7 @@ struct _PROCESS {
|
||||||
BOOLEAN ipc_warn_startrun;
|
BOOLEAN ipc_warn_startrun;
|
||||||
BOOLEAN ipc_block_password;
|
BOOLEAN ipc_block_password;
|
||||||
BOOLEAN ipc_open_lsa_endpoint;
|
BOOLEAN ipc_open_lsa_endpoint;
|
||||||
|
BOOLEAN ipc_open_sam_endpoint;
|
||||||
BOOLEAN ipc_allowSpoolerPrintToFile;
|
BOOLEAN ipc_allowSpoolerPrintToFile;
|
||||||
BOOLEAN ipc_openPrintSpooler;
|
BOOLEAN ipc_openPrintSpooler;
|
||||||
|
|
||||||
|
|
|
@ -579,7 +579,7 @@ _FX BOOLEAN Session_IsForceDisabled(ULONG SessionId)
|
||||||
_FX void Session_MonitorPut(USHORT type, const WCHAR *name, HANDLE pid)
|
_FX void Session_MonitorPut(USHORT type, const WCHAR *name, HANDLE pid)
|
||||||
{
|
{
|
||||||
const WCHAR* strings[2] = { name, NULL };
|
const WCHAR* strings[2] = { name, NULL };
|
||||||
Session_MonitorPutEx(type, strings, NULL, pid);
|
Session_MonitorPutEx(type, strings, NULL, pid, PsGetCurrentThreadId());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
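Review bot: Session_MonitorPut now pairs the caller-supplied `pid` with `PsGetCurrentThreadId()`, so whenever a caller passes a pid other than the current process the record carries a thread id that does not belong to that process. Either add a `tid` parameter here as was done for `Session_MonitorPutEx`, or document that `pid` must be the current process.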
@ -588,7 +588,7 @@ _FX void Session_MonitorPut(USHORT type, const WCHAR *name, HANDLE pid)
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
_FX void Session_MonitorPutEx(USHORT type, const WCHAR** strings, ULONG* lengths, HANDLE pid)
|
_FX void Session_MonitorPutEx(USHORT type, const WCHAR** strings, ULONG* lengths, HANDLE pid, HANDLE tid)
|
||||||
{
|
{
|
||||||
SESSION *session;
|
SESSION *session;
|
||||||
KIRQL irql;
|
KIRQL irql;
|
||||||
|
@ -600,17 +600,20 @@ _FX void Session_MonitorPutEx(USHORT type, const WCHAR** strings, ULONG* lengths
|
||||||
if (session->monitor_log && *strings[0]) {
|
if (session->monitor_log && *strings[0]) {
|
||||||
|
|
||||||
ULONG64 pid64 = (ULONG64)pid;
|
ULONG64 pid64 = (ULONG64)pid;
|
||||||
|
ULONG64 tid64 = (ULONG64)tid;
|
||||||
|
|
||||||
SIZE_T data_len = 0;
|
SIZE_T data_len = 0;
|
||||||
for(int i=0; strings[i] != NULL; i++)
|
for(int i=0; strings[i] != NULL; i++)
|
||||||
data_len += (lengths ? lengths [i] : wcslen(strings[i])) * sizeof(WCHAR);
|
data_len += (lengths ? lengths [i] : wcslen(strings[i])) * sizeof(WCHAR);
|
||||||
|
|
||||||
//[Type 2][PID 8][Data n*2]
|
//[Type 2][PID 8][TID 8][Data n*2]
|
||||||
SIZE_T entry_size = 2 + 8 + data_len;
|
SIZE_T entry_size = 2 + 8 + 8 + data_len;
|
||||||
|
|
||||||
CHAR* write_ptr = log_buffer_push_entry((LOG_BUFFER_SIZE_T)entry_size, session->monitor_log);
|
CHAR* write_ptr = log_buffer_push_entry((LOG_BUFFER_SIZE_T)entry_size, session->monitor_log);
|
||||||
if (write_ptr) {
|
if (write_ptr) {
|
||||||
log_buffer_push_bytes((CHAR*)&type, 2, &write_ptr, session->monitor_log);
|
log_buffer_push_bytes((CHAR*)&type, 2, &write_ptr, session->monitor_log);
|
||||||
log_buffer_push_bytes((CHAR*)&pid64, 8, &write_ptr, session->monitor_log);
|
log_buffer_push_bytes((CHAR*)&pid64, 8, &write_ptr, session->monitor_log);
|
||||||
|
log_buffer_push_bytes((CHAR*)&tid64, 8, &write_ptr, session->monitor_log);
|
||||||
|
|
||||||
// join strings seamlessly
|
// join strings seamlessly
|
||||||
for (int i = 0; strings[i] != NULL; i++)
|
for (int i = 0; strings[i] != NULL; i++)
|
||||||
|
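Review bot: the record layout `[Type 2][PID 8][TID 8][Data n*2]` is now encoded as the literal `2 + 8 + 8` here and again, independently, in the reader in Session_Api_MonitorGetEx. A shared header-size constant (or a packed header struct) used by both sides would keep writer and reader from drifting apart the next time a field is added.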
@ -634,6 +637,7 @@ _FX NTSTATUS Session_Api_MonitorControl(PROCESS *proc, ULONG64 *parms)
|
||||||
API_MONITOR_CONTROL_ARGS *args = (API_MONITOR_CONTROL_ARGS *)parms;
|
API_MONITOR_CONTROL_ARGS *args = (API_MONITOR_CONTROL_ARGS *)parms;
|
||||||
ULONG *in_flag;
|
ULONG *in_flag;
|
||||||
ULONG *out_flag;
|
ULONG *out_flag;
|
||||||
|
ULONG *out_used;
|
||||||
SESSION *session;
|
SESSION *session;
|
||||||
KIRQL irql;
|
KIRQL irql;
|
||||||
BOOLEAN EnableMonitor;
|
BOOLEAN EnableMonitor;
|
||||||
|
@ -657,6 +661,18 @@ _FX NTSTATUS Session_Api_MonitorControl(PROCESS *proc, ULONG64 *parms)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//out_used = args->get_used.val;
|
||||||
|
//if (out_used) {
|
||||||
|
// ProbeForWrite(out_used, sizeof(ULONG), sizeof(ULONG));
|
||||||
|
// *out_used = 0;
|
||||||
|
// session = Session_Get(FALSE, -1, &irql);
|
||||||
|
// if (session) {
|
||||||
|
// if (session->monitor_log)
|
||||||
|
// *out_used = (ULONG)session->monitor_log->buffer_used;
|
||||||
|
// Session_Unlock(irql);
|
||||||
|
// }
|
||||||
|
//}
|
||||||
|
|
||||||
//
|
//
|
||||||
// set status
|
// set status
|
||||||
//
|
//
|
||||||
|
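Review bot: the whole `out_used` block is added commented out, while the previous hunk adds the `ULONG *out_used;` declaration it would need, which leaves an unused local in Session_Api_MonitorControl. Drop both until the feature is ready, or enable the block; if it is enabled, note that it would take `Session_Get` a second time in the same call.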
@ -679,7 +695,14 @@ _FX NTSTATUS Session_Api_MonitorControl(PROCESS *proc, ULONG64 *parms)
|
||||||
|
|
||||||
if (EnableMonitor && (! session->monitor_log)) {
|
if (EnableMonitor && (! session->monitor_log)) {
|
||||||
|
|
||||||
|
ULONG BuffSize = Conf_Get_Number(NULL, L"TraceBufferPages", 0, 256) * PAGE_SIZE;
|
||||||
|
|
||||||
|
session->monitor_log = log_buffer_init(BuffSize * sizeof(WCHAR));
|
||||||
|
if (!session->monitor_log) {
|
||||||
|
Log_Msg0(MSG_1201);
|
||||||
session->monitor_log = log_buffer_init(SESSION_MONITOR_BUF_SIZE * sizeof(WCHAR));
|
session->monitor_log = log_buffer_init(SESSION_MONITOR_BUF_SIZE * sizeof(WCHAR));
|
||||||
|
}
|
||||||
|
|
||||||
if (session->monitor_log) {
|
if (session->monitor_log) {
|
||||||
InterlockedIncrement(&Session_MonitorCount);
|
InterlockedIncrement(&Session_MonitorCount);
|
||||||
} else
|
} else
|
||||||
|
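Review bot: `Conf_Get_Number(NULL, L"TraceBufferPages", 0, 256) * PAGE_SIZE` is computed in a `ULONG` with no lower or upper bound on the configured value, and the result is multiplied by `sizeof(WCHAR)` again in the `log_buffer_init` call, so a large setting can wrap and a value of 0 asks for an empty buffer. The extra `* sizeof(WCHAR)` also makes the requested size twice the pages-times-4K figure that the CHANGELOG entry in this commit gives for `TraceBufferPages=2560`. Clamp the value to a sane range and either drop the factor of two or document it.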
@ -925,6 +948,7 @@ _FX NTSTATUS Session_Api_MonitorGetEx(PROCESS *proc, ULONG64 *parms)
|
||||||
ULONG *seq_num;
|
ULONG *seq_num;
|
||||||
USHORT *log_type;
|
USHORT *log_type;
|
||||||
ULONG64 *log_pid;
|
ULONG64 *log_pid;
|
||||||
|
ULONG64* log_tid;
|
||||||
ULONG log_len;
|
ULONG log_len;
|
||||||
WCHAR *log_data;
|
WCHAR *log_data;
|
||||||
SESSION *session;
|
SESSION *session;
|
||||||
|
@ -946,6 +970,10 @@ _FX NTSTATUS Session_Api_MonitorGetEx(PROCESS *proc, ULONG64 *parms)
|
||||||
if (log_pid != NULL)
|
if (log_pid != NULL)
|
||||||
ProbeForWrite(log_pid, sizeof(ULONG64), sizeof(ULONG64));
|
ProbeForWrite(log_pid, sizeof(ULONG64), sizeof(ULONG64));
|
||||||
|
|
||||||
|
log_tid = args->log_tid.val;
|
||||||
|
if (log_tid != NULL)
|
||||||
|
ProbeForWrite(log_tid, sizeof(ULONG64), sizeof(ULONG64));
|
||||||
|
|
||||||
log_len = args->log_len.val / sizeof(WCHAR);
|
log_len = args->log_len.val / sizeof(WCHAR);
|
||||||
if (!log_len)
|
if (!log_len)
|
||||||
return STATUS_INVALID_PARAMETER;
|
return STATUS_INVALID_PARAMETER;
|
||||||
|
@ -992,17 +1020,23 @@ _FX NTSTATUS Session_Api_MonitorGetEx(PROCESS *proc, ULONG64 *parms)
|
||||||
// __leave;
|
// __leave;
|
||||||
//}
|
//}
|
||||||
|
|
||||||
//[Type 2][PID 8][Data n*2]
|
//[Type 2][PID 8][PID 8][Data n*2]
|
||||||
|
|
||||||
log_buffer_get_bytes((CHAR*)log_type, 2, &read_ptr, session->monitor_log);
|
log_buffer_get_bytes((CHAR*)log_type, 2, &read_ptr, session->monitor_log);
|
||||||
|
|
||||||
ULONG64 pid64;
|
ULONG64 pid64;
|
||||||
log_buffer_get_bytes((CHAR*)&pid64, 8, &read_ptr, session->monitor_log);
|
log_buffer_get_bytes((CHAR*)&pid64, 8, &read_ptr, session->monitor_log);
|
||||||
if (log_pid != NULL)
|
if (log_pid != NULL)
|
||||||
*log_pid = pid64;
|
*log_pid = pid64;
|
||||||
|
|
||||||
|
ULONG64 tid64;
|
||||||
|
log_buffer_get_bytes((CHAR*)&tid64, 8, &read_ptr, session->monitor_log);
|
||||||
|
if (log_tid != NULL)
|
||||||
|
*log_tid = tid64;
|
||||||
|
|
||||||
log_len -= sizeof(WCHAR); // reserve room for the termination character
|
log_len -= sizeof(WCHAR); // reserve room for the termination character
|
||||||
if (log_len > entry_size - (2 + 8))
|
if (log_len > entry_size - (2 + 8 + 8))
|
||||||
log_len = entry_size - (2 + 8);
|
log_len = entry_size - (2 + 8 + 8);
|
||||||
log_buffer_get_bytes((CHAR*)log_data, log_len, &read_ptr, session->monitor_log);
|
log_buffer_get_bytes((CHAR*)log_data, log_len, &read_ptr, session->monitor_log);
|
||||||
|
|
||||||
// add required termination character
|
// add required termination character
|
||||||
|
|
|
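Review bot: the updated layout comment in Session_Api_MonitorGetEx reads `//[Type 2][PID 8][PID 8][Data n*2]`; the second 8-byte field is the TID, as the writer's comment in Session_MonitorPutEx says. While here, `entry_size - (2 + 8 + 8)` assumes every entry is at least 18 bytes; a check or an assertion on `entry_size` before the subtraction would make that assumption explicit.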
@ -44,7 +44,7 @@ BOOLEAN Session_IsForceDisabled(ULONG SessionId);
|
||||||
|
|
||||||
void Session_MonitorPut(USHORT type, const WCHAR *name, HANDLE pid);
|
void Session_MonitorPut(USHORT type, const WCHAR *name, HANDLE pid);
|
||||||
|
|
||||||
void Session_MonitorPutEx(USHORT type, const WCHAR** strings, ULONG* lengths, HANDLE pid);
|
void Session_MonitorPutEx(USHORT type, const WCHAR** strings, ULONG* lengths, HANDLE pid, HANDLE tid);
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
|
@ -857,13 +857,12 @@ _FX NTSTATUS Syscall_Api_Invoke(PROCESS *proc, ULONG64 *parms)
|
||||||
if (hConnection)
|
if (hConnection)
|
||||||
{
|
{
|
||||||
WCHAR trace_str[128];
|
WCHAR trace_str[128];
|
||||||
swprintf(trace_str, L"[syscall] t=%06d - %.*S, status = 0x%X, handle = %X; ", //59 chars + entry->name
|
swprintf(trace_str, L"[syscall] %.*S, status = 0x%X, handle = %X; ", //59 chars + entry->name
|
||||||
PsGetCurrentThreadId(),
|
|
||||||
max(strlen(entry->name), 64), entry->name,
|
max(strlen(entry->name), 64), entry->name,
|
||||||
status, hConnection);
|
status, hConnection);
|
||||||
const WCHAR* strings[3] = { trace_str, puStr ? puStr->Buffer : NULL, NULL };
|
const WCHAR* strings[3] = { trace_str, puStr ? puStr->Buffer : NULL, NULL };
|
||||||
ULONG lengths[3] = { wcslen(trace_str), puStr ? puStr->Length / 2 : 0, 0 };
|
ULONG lengths[3] = { wcslen(trace_str), puStr ? puStr->Length / 2 : 0, 0 };
|
||||||
Session_MonitorPutEx(MONITOR_IPC | MONITOR_TRACE, strings, lengths, PsGetCurrentProcessId());
|
Session_MonitorPutEx(MONITOR_IPC | MONITOR_TRACE, strings, lengths, PsGetCurrentProcessId(), PsGetCurrentThreadId());
|
||||||
traced = TRUE;
|
traced = TRUE;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
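Review bot: the precision passed for `%.*S` is `max(strlen(entry->name), 64)`, which is never smaller than the name's length and therefore never truncates it; `min` looks like what was intended if the goal is to keep the text inside `trace_str[128]`. The `//59 chars + entry->name` comment is also stale now that `t=%06d - ` has been removed from the format. The same applies to the second `swprintf` in the next hunk.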
@ -871,12 +870,11 @@ _FX NTSTATUS Syscall_Api_Invoke(PROCESS *proc, ULONG64 *parms)
|
||||||
if (!traced && ((proc->call_trace & TRACE_ALLOW) || ((status != STATUS_SUCCESS) && (proc->call_trace & TRACE_DENY))))
|
if (!traced && ((proc->call_trace & TRACE_ALLOW) || ((status != STATUS_SUCCESS) && (proc->call_trace & TRACE_DENY))))
|
||||||
{
|
{
|
||||||
WCHAR trace_str[128];
|
WCHAR trace_str[128];
|
||||||
swprintf(trace_str, L"[syscall] t=%06d - %.*S, status = 0x%X", //59 chars + entry->name
|
swprintf(trace_str, L"[syscall] %.*S, status = 0x%X", //59 chars + entry->name
|
||||||
PsGetCurrentThreadId(),
|
|
||||||
max(strlen(entry->name), 64), entry->name,
|
max(strlen(entry->name), 64), entry->name,
|
||||||
status);
|
status);
|
||||||
const WCHAR* strings[2] = { trace_str, NULL };
|
const WCHAR* strings[2] = { trace_str, NULL };
|
||||||
Session_MonitorPutEx(MONITOR_SYSCALL | MONITOR_TRACE, strings, NULL, PsGetCurrentProcessId());
|
Session_MonitorPutEx(MONITOR_SYSCALL | MONITOR_TRACE, strings, NULL, PsGetCurrentProcessId(), PsGetCurrentThreadId());
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef _WIN64
|
#ifdef _WIN64
|
||||||
|
|
|
@ -244,6 +244,51 @@ _FX NTSTATUS Syscall_OpenHandle(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
PUNICODE_STRING puName = NULL;
|
||||||
|
__try {
|
||||||
|
|
||||||
|
if ((strcmp(syscall_entry->name, "ConnectPort") == 0) ||
|
||||||
|
(strcmp(syscall_entry->name, "AlpcConnectPort") == 0))
|
||||||
|
{
|
||||||
|
puName = (UNICODE_STRING*)user_args[1];
|
||||||
|
}
|
||||||
|
else if ((strcmp(syscall_entry->name, "CreateFile") == 0) ||
|
||||||
|
(strcmp(syscall_entry->name, "OpenFile") == 0))
|
||||||
|
{
|
||||||
|
POBJECT_ATTRIBUTES pObj = (POBJECT_ATTRIBUTES)user_args[2];
|
||||||
|
if (pObj && pObj->ObjectName)
|
||||||
|
{
|
||||||
|
puName = pObj->ObjectName;
|
||||||
|
|
||||||
|
ACCESS_MASK DesiredAccess = (ACCESS_MASK)user_args[1];
|
||||||
|
if(!Conf_Get_Boolean(proc->box->name, L"AllowRawDiskRead", 0, FALSE))
|
||||||
|
if (puName->Buffer != NULL && puName->Length > (4 * sizeof(WCHAR)) && wcsncmp(puName->Buffer, L"\\??\\", 4) == 0
|
||||||
|
&& (DesiredAccess & ~(SYNCHRONIZE | READ_CONTROL | FILE_READ_EA | FILE_READ_ATTRIBUTES)) != 0)
|
||||||
|
{
|
||||||
|
if ((puName->Length == (6 * sizeof(WCHAR)) && puName->Buffer[5] == L':') // \??\C:
|
||||||
|
|| wcsncmp(&puName->Buffer[4], L"PhysicalDrive", 13) == 0 // \??\PhysicalDrive1
|
||||||
|
|| wcsncmp(&puName->Buffer[4], L"Volume", 6) == 0) // \??\Volume{2b985816-4b6f-11ea-bd33-48a4725d5bbe}
|
||||||
|
{
|
||||||
|
WCHAR access_str[24];
|
||||||
|
swprintf(access_str, L"(DD) %08X", DesiredAccess);
|
||||||
|
Log_Debug_Msg(MONITOR_DRIVE | MONITOR_DENY, access_str, puName->Buffer);
|
||||||
|
|
||||||
|
if (proc->file_warn_direct_access) {
|
||||||
|
|
||||||
|
//Log_MsgP1(MSG_BLOCKED_DIRECT_DISK_ACCESS, proc->image_name, proc->pid);
|
||||||
|
Process_LogMessage(proc, MSG_BLOCKED_DIRECT_DISK_ACCESS);
|
||||||
|
}
|
||||||
|
|
||||||
|
return STATUS_ACCESS_DENIED;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
__except (EXCEPTION_EXECUTE_HANDLER) {}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// replace the address of the handle in the user stack
|
// replace the address of the handle in the user stack
|
||||||
//
|
//
|
||||||
|
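Review bot: the raw-disk check in Syscall_OpenHandle reads `pObj->ObjectName`, `puName->Length` and `puName->Buffer` straight from caller-supplied pointers with no `ProbeForRead`, and the surrounding `__except (EXCEPTION_EXECUTE_HANDLER) {}` is empty, so any fault while evaluating the check silently skips it and the open proceeds; the handler should fail closed. The name tests are also weaker than they need to be: `wcsncmp` is case-sensitive while these object names are normally resolved case-insensitively, and the `PhysicalDrive` and `Volume` comparisons run for 13 and 6 characters when only `Length > 4 * sizeof(WCHAR)` has been established. Use a case-insensitive, length-bounded comparison on a captured copy of the name, and consider caching `AllowRawDiskRead` in `PROCESS` like the other per-box flags instead of calling `Conf_Get_Boolean` on every open.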
@ -296,14 +341,6 @@ _FX NTSTATUS Syscall_OpenHandle(
|
||||||
|
|
||||||
if (NT_SUCCESS(status)) {
|
if (NT_SUCCESS(status)) {
|
||||||
|
|
||||||
PUNICODE_STRING puName = NULL;
|
|
||||||
|
|
||||||
if ((strcmp(syscall_entry->name, "ConnectPort") == 0) ||
|
|
||||||
(strcmp(syscall_entry->name, "AlpcConnectPort") == 0))
|
|
||||||
{
|
|
||||||
puName = (UNICODE_STRING*)user_args[1];
|
|
||||||
}
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// check the access that was granted to the object
|
// check the access that was granted to the object
|
||||||
//
|
//
|
||||||
|
@ -373,39 +410,9 @@ _FX NTSTATUS Syscall_GetNextProcess(
|
||||||
// Syscall_DeviceIoControlFile
|
// Syscall_DeviceIoControlFile
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
#define FUNCTION_FROM_CTL_CODE(ctrlCode) (((ULONG)(ctrlCode & 0x3f)) >> 2)
|
|
||||||
|
|
||||||
_FX NTSTATUS Syscall_DeviceIoControlFile(
|
#include "file_ctrl.c"
|
||||||
PROCESS *proc, SYSCALL_ENTRY *syscall_entry, ULONG_PTR *user_args)
|
|
||||||
{
|
|
||||||
// filter out dangerous driver calls
|
|
||||||
|
|
||||||
if (DEVICE_TYPE_FROM_CTL_CODE(user_args[5]) == 0x6d) //MOUNTMGRCONTROLTYPE 'm' \Device\MountPointManager
|
|
||||||
{
|
|
||||||
ULONG function;
|
|
||||||
function = FUNCTION_FROM_CTL_CODE(user_args[5]);
|
|
||||||
//DbgPrint("DeviceIoContoleFile, func = %d, p=%06d t=%06d, %S\n", function, PsGetCurrentProcessId(), PsGetCurrentThreadId(), proc->image_name);
|
|
||||||
if (function == 0 || // IOCTL_MOUNTMGR_CREATE_POINT
|
|
||||||
function == 1 || // IOCTL_MOUNTMGR_DELETE_POINTS (DeleteVolumeMountPoint())
|
|
||||||
function == 3 || // IOCTL_MOUNTMGR_DELETE_POINTS_DBONLY
|
|
||||||
function == 6 || // IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_CREATED
|
|
||||||
function == 7 || // IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_DELETED
|
|
||||||
function == 9) // IOCTL_MOUNTMGR_KEEP_LINKS_WHEN_OFFLINE
|
|
||||||
return STATUS_ACCESS_DENIED;
|
|
||||||
}
|
|
||||||
|
|
||||||
return NtDeviceIoControlFile(
|
|
||||||
(HANDLE)user_args[0], // FileHandle
|
|
||||||
(HANDLE)user_args[1], // Event
|
|
||||||
(PIO_APC_ROUTINE)user_args[2], // ApcRoutine
|
|
||||||
(PVOID)user_args[3], // ApcContext
|
|
||||||
(PIO_STATUS_BLOCK)user_args[4], // IoStatusBlock
|
|
||||||
(ULONG)user_args[5], // IoControlCode
|
|
||||||
(PVOID)user_args[6], // InputBuffer
|
|
||||||
(ULONG)user_args[7], // InputBufferLength
|
|
||||||
(PVOID)user_args[8], // OutBuffer
|
|
||||||
(ULONG)user_args[9]); // OutputBufferLength
|
|
||||||
}
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Syscall_DuplicateHandle
|
// Syscall_DuplicateHandle
|
||||||
|
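Review bot: `#include "file_ctrl.c"` replaces the whole body of `Syscall_DeviceIoControlFile`, so the MountPointManager deny list (functions 0, 1, 3, 6, 7 and 9) is no longer visible in this file. Please confirm the included file keeps the same filter, and prefer building it as its own translation unit with a header over textually including a `.c` file. If the `FUNCTION_FROM_CTL_CODE` macro moves with it, note that `(ctrlCode & 0x3f) >> 2` keeps only the low four bits of the function field, so function codes of 16 and above alias onto 0 to 15; masking with `0x3ffc` before the shift extracts the full 12-bit field.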
@ -423,7 +430,6 @@ _FX NTSTATUS Syscall_DuplicateHandle(
|
||||||
HANDLE NewHandle;
|
HANDLE NewHandle;
|
||||||
void *TargetProcessObject;
|
void *TargetProcessObject;
|
||||||
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// if there is a target process handle, keep a record of the
|
// if there is a target process handle, keep a record of the
|
||||||
// associated process object so we can check it later
|
// associated process object so we can check it later
|
||||||
|
|
|
@ -184,7 +184,7 @@ MSG_HEADER *EpMapperServer::EpmapperGetPortNameHandler(MSG_HEADER *msg)
|
||||||
{
|
{
|
||||||
//
|
//
|
||||||
// Note: it seams that chrome.exe resolves GAME_CONFIG_STORE_PORT in one process and accesses from an other
|
// Note: it seams that chrome.exe resolves GAME_CONFIG_STORE_PORT in one process and accesses from an other
|
||||||
// so since here we onlyonly a fre non critical ports we will use PID 0 to open it gloally
|
// so since here we only open non critical ports we will use PID 0 to open them globally
|
||||||
// instead of only for the one process. Todo: make it per sandbox instead
|
// instead of only for the one process. Todo: make it per sandbox instead
|
||||||
//
|
//
|
||||||
|
|
||||||
|
|
|
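Review bot: the reworded comment still has "seams" for "seems" and "an other" for "another". More importantly, it documents that these ports are opened with PID 0, that is for every process rather than per sandbox; naming next to the comment which ports count as non critical would let the scope of that global opening be reviewed until the Todo is done.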
@ -1462,8 +1462,9 @@ ULONG SbieIniServer::RefreshConf()
|
||||||
char* text_utf8 = NULL;
|
char* text_utf8 = NULL;
|
||||||
if (IsUTF8)
|
if (IsUTF8)
|
||||||
{
|
{
|
||||||
text_utf8 = (char*)HeapAlloc(GetProcessHeap(), 0, lenToWrite + 16);
|
ULONG utf8_len = WideCharToMultiByte(CP_UTF8, 0, m_text_base, lenToWrite / sizeof(WCHAR), NULL, 0, NULL, NULL);
|
||||||
lenToWrite = WideCharToMultiByte(CP_UTF8, 0, m_text_base, lenToWrite / sizeof(WCHAR), text_utf8, lenToWrite + 16, NULL, NULL);
|
text_utf8 = (char*)HeapAlloc(GetProcessHeap(), 0, utf8_len);
|
||||||
|
lenToWrite = WideCharToMultiByte(CP_UTF8, 0, m_text_base, lenToWrite / sizeof(WCHAR), text_utf8, utf8_len, NULL, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
ULONG lenWritten = 0;
|
ULONG lenWritten = 0;
|
||||||
|
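Review bot: neither result is checked on the new path. If the sizing call to `WideCharToMultiByte` returns 0, `HeapAlloc` is asked for 0 bytes and `lenToWrite` ends up 0, and a NULL return from `HeapAlloc` is passed straight into the second conversion. Bail out when `utf8_len == 0` or `text_utf8 == NULL` rather than continuing toward the write. The sizing query itself is the right replacement for the old `lenToWrite + 16` buffer, which was too small for text that grows when encoded as UTF-8.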
@ -1735,6 +1736,8 @@ MSG_HEADER *SbieIniServer::RunSbieCtrl(HANDLE idProcess, bool isSandboxed)
|
||||||
|
|
||||||
WCHAR *args;
|
WCHAR *args;
|
||||||
if (isSandboxed)
|
if (isSandboxed)
|
||||||
|
args = NULL;
|
||||||
|
else if (*ctrlName)
|
||||||
args = L" -autorun";
|
args = L" -autorun";
|
||||||
else
|
else
|
||||||
args = L" /open /sync";
|
args = L" /open /sync";
|
||||||
|
|
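Review bot: `args = NULL` is new for the `isSandboxed` case, and the code that consumes `args` lies outside this hunk. Please confirm it handles NULL rather than assuming one of the two string literals, or assign an empty string here so later concatenation or length calls stay valid.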
Binary file not shown.
|
@ -1223,6 +1223,10 @@ Allow direct access to Windows Font Cache
|
||||||
Allow direct access to qWave driver (Google Hangouts)
|
Allow direct access to qWave driver (Google Hangouts)
|
||||||
.
|
.
|
||||||
|
|
||||||
|
3460;txt;01
|
||||||
|
Function hooking customizations
|
||||||
|
.
|
||||||
|
|
||||||
3461;txt;01
|
3461;txt;01
|
||||||
&Run Sandboxed
|
&Run Sandboxed
|
||||||
.
|
.
|
||||||
|
|
|
@ -2232,7 +2232,7 @@ I file e le cartelle di rete sono normalmente visibili alle applicazioni present
|
||||||
.
|
.
|
||||||
|
|
||||||
3957;txt;01
|
3957;txt;01
|
||||||
Per impedire alle applicazioni presenti nell'area virtuale di accedere a file e cartelle di rete, è possibile attivare questa impostazione. I file e le cartelle di rete possono essere aperti per le applicazioni dell'area virtuale, aggiungendoli sotto Accesso alle risorse -> Accesso ai file.
|
Per impedire alle applicazioni presenti nell'area virtuale di accedere a file e cartelle di rete, è possibile attivare questa funzione. I file e le cartelle di rete possono essere aperti alle applicazioni dell'area virtuale nella sezione Accesso alle risorse -> Accesso ai file.
|
||||||
.
|
.
|
||||||
|
|
||||||
3958;txt;01
|
3958;txt;01
|
||||||
|
|
|
@ -21,7 +21,7 @@ CFinder::CFinder(QObject* pFilterTarget, QWidget *parent, bool HighLightOption)
|
||||||
:QWidget(parent)
|
:QWidget(parent)
|
||||||
{
|
{
|
||||||
m_pSearchLayout = new QHBoxLayout();
|
m_pSearchLayout = new QHBoxLayout();
|
||||||
m_pSearchLayout->setMargin(3);
|
m_pSearchLayout->setMargin(0);
|
||||||
m_pSearchLayout->setSpacing(3);
|
m_pSearchLayout->setSpacing(3);
|
||||||
m_pSearchLayout->setAlignment(Qt::AlignLeft);
|
m_pSearchLayout->setAlignment(Qt::AlignLeft);
|
||||||
|
|
||||||
|
@ -29,8 +29,8 @@ CFinder::CFinder(QObject* pFilterTarget, QWidget *parent, bool HighLightOption)
|
||||||
m_pSearch->setMinimumWidth(150);
|
m_pSearch->setMinimumWidth(150);
|
||||||
m_pSearch->setMaximumWidth(350);
|
m_pSearch->setMaximumWidth(350);
|
||||||
m_pSearchLayout->addWidget(m_pSearch);
|
m_pSearchLayout->addWidget(m_pSearch);
|
||||||
QObject::connect(m_pSearch, SIGNAL(textChanged(QString)), this, SLOT(OnUpdate()));
|
QObject::connect(m_pSearch, SIGNAL(textChanged(QString)), this, SLOT(OnText()));
|
||||||
//QObject::connect(m_pSearch, SIGNAL(returnPressed()), this, SLOT(_q_next()));
|
QObject::connect(m_pSearch, SIGNAL(returnPressed()), this, SLOT(OnReturn()));
|
||||||
|
|
||||||
m_pCaseSensitive = new QCheckBox(tr("Case Sensitive"));
|
m_pCaseSensitive = new QCheckBox(tr("Case Sensitive"));
|
||||||
m_pSearchLayout->addWidget(m_pCaseSensitive);
|
m_pSearchLayout->addWidget(m_pCaseSensitive);
|
||||||
|
@ -48,6 +48,7 @@ CFinder::CFinder(QObject* pFilterTarget, QWidget *parent, bool HighLightOption)
|
||||||
if (HighLightOption)
|
if (HighLightOption)
|
||||||
{
|
{
|
||||||
m_pHighLight = new QCheckBox(tr("Highlight"));
|
m_pHighLight = new QCheckBox(tr("Highlight"));
|
||||||
|
m_pHighLight->setChecked(true);
|
||||||
m_pSearchLayout->addWidget(m_pHighLight);
|
m_pSearchLayout->addWidget(m_pHighLight);
|
||||||
connect(m_pHighLight, SIGNAL(stateChanged(int)), this, SLOT(OnUpdate()));
|
connect(m_pHighLight, SIGNAL(stateChanged(int)), this, SLOT(OnUpdate()));
|
||||||
}
|
}
|
||||||
|
@ -67,7 +68,9 @@ CFinder::CFinder(QObject* pFilterTarget, QWidget *parent, bool HighLightOption)
|
||||||
|
|
||||||
setLayout(m_pSearchLayout);
|
setLayout(m_pSearchLayout);
|
||||||
|
|
||||||
setMaximumHeight(30);
|
setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Fixed);
|
||||||
|
|
||||||
|
//setMaximumHeight(30);
|
||||||
|
|
||||||
hide();
|
hide();
|
||||||
|
|
||||||
|
@ -81,14 +84,34 @@ CFinder::CFinder(QObject* pFilterTarget, QWidget *parent, bool HighLightOption)
|
||||||
}
|
}
|
||||||
|
|
||||||
m_pSortProxy = qobject_cast<QSortFilterProxyModel*>(pFilterTarget);
|
m_pSortProxy = qobject_cast<QSortFilterProxyModel*>(pFilterTarget);
|
||||||
if (pFilterTarget)
|
if (pFilterTarget) {
|
||||||
QObject::connect(this, SIGNAL(SetFilter(const QRegExp&, bool, int)), pFilterTarget, SLOT(SetFilter(const QRegExp&, bool, int)));
|
QObject::connect(this, SIGNAL(SetFilter(const QRegExp&, bool, int)), pFilterTarget, SLOT(SetFilter(const QRegExp&, bool, int)));
|
||||||
|
QObject::connect(this, SIGNAL(SelectNext()), pFilterTarget, SLOT(SelectNext()));
|
||||||
|
}
|
||||||
|
|
||||||
|
m_pTimer = new QTimer(this);
|
||||||
|
m_pTimer->setSingleShot(true);
|
||||||
|
m_pTimer->setInterval(500);
|
||||||
|
connect(m_pTimer, SIGNAL(timeout()), SLOT(OnUpdate()));
|
||||||
|
|
||||||
|
this->installEventFilter(this);
|
||||||
}
|
}
|
||||||
|
|
||||||
CFinder::~CFinder()
|
CFinder::~CFinder()
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool CFinder::eventFilter(QObject* source, QEvent* event)
|
||||||
|
{
|
||||||
|
if (event->type() == QEvent::KeyPress && ((QKeyEvent*)event)->key() == Qt::Key_Escape
|
||||||
|
&& ((QKeyEvent*)event)->modifiers() == Qt::NoModifier)
|
||||||
|
{
|
||||||
|
Close();
|
||||||
|
return true; // cancel event
|
||||||
|
}
|
||||||
|
|
||||||
|
return QWidget::eventFilter(source, event);
|
||||||
|
}
|
||||||
|
|
||||||
void CFinder::Open()
|
void CFinder::Open()
|
||||||
{
|
{
|
||||||
|
@ -115,9 +138,23 @@ QRegExp CFinder::GetRegExp() const
|
||||||
|
|
||||||
void CFinder::OnUpdate()
|
void CFinder::OnUpdate()
|
||||||
{
|
{
|
||||||
|
m_pTimer->stop();
|
||||||
emit SetFilter(GetRegExp(), GetHighLight(), GetColumn());
|
emit SetFilter(GetRegExp(), GetHighLight(), GetColumn());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void CFinder::OnText()
|
||||||
|
{
|
||||||
|
m_pTimer->stop();
|
||||||
|
m_pTimer->start();
|
||||||
|
}
|
||||||
|
|
||||||
|
void CFinder::OnReturn()
|
||||||
|
{
|
||||||
|
OnUpdate();
|
||||||
|
if (m_pHighLight->isChecked())
|
||||||
|
emit SelectNext();
|
||||||
|
}
|
||||||
|
|
||||||
void CFinder::Close()
|
void CFinder::Close()
|
||||||
{
|
{
|
||||||
emit SetFilter(QRegExp());
|
emit SetFilter(QRegExp());
|
||||||
|
|
|
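Review bot: `OnReturn()` calls `m_pHighLight->isChecked()` unconditionally, but the constructor only creates `m_pHighLight` inside `if (HighLightOption)`, so a finder built without the highlight option dereferences a pointer that was never set to a checkbox when Return is pressed. Guard it with a null check or go through `GetHighLight()`, which `OnUpdate()` already uses.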
@ -18,12 +18,20 @@ public:
|
||||||
|
|
||||||
signals:
|
signals:
|
||||||
void SetFilter(const QRegExp& Exp, bool bHighLight = false, int Column = -1);
|
void SetFilter(const QRegExp& Exp, bool bHighLight = false, int Column = -1);
|
||||||
|
void SelectNext();
|
||||||
|
|
||||||
public slots:
|
public slots:
|
||||||
void Open();
|
void Open();
|
||||||
void OnUpdate();
|
|
||||||
void Close();
|
void Close();
|
||||||
|
|
||||||
|
private slots:
|
||||||
|
void OnUpdate();
|
||||||
|
void OnText();
|
||||||
|
void OnReturn();
|
||||||
|
|
||||||
|
protected:
|
||||||
|
bool eventFilter(QObject* source, QEvent* event);
|
||||||
|
|
||||||
private:
|
private:
|
||||||
|
|
||||||
QHBoxLayout* m_pSearchLayout;
|
QHBoxLayout* m_pSearchLayout;
|
||||||
|
@ -35,4 +43,6 @@ private:
|
||||||
QCheckBox* m_pHighLight;
|
QCheckBox* m_pHighLight;
|
||||||
|
|
||||||
QSortFilterProxyModel* m_pSortProxy;
|
QSortFilterProxyModel* m_pSortProxy;
|
||||||
|
|
||||||
|
QTimer* m_pTimer;
|
||||||
};
|
};
|
|
@ -152,6 +152,8 @@ public:
|
||||||
m_pSortProxy->setDynamicSortFilter(true);
|
m_pSortProxy->setDynamicSortFilter(true);
|
||||||
|
|
||||||
m_pTreeList->setModel(m_pSortProxy);
|
m_pTreeList->setModel(m_pSortProxy);
|
||||||
|
((CSortFilterProxyModel*)m_pSortProxy)->setView(m_pTreeList);
|
||||||
|
|
||||||
|
|
||||||
m_pTreeList->setSelectionMode(QAbstractItemView::ExtendedSelection);
|
m_pTreeList->setSelectionMode(QAbstractItemView::ExtendedSelection);
|
||||||
#ifdef WIN32
|
#ifdef WIN32
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
#pragma once
|
#pragma once
|
||||||
|
|
||||||
#include "../mischelpers_global.h"
|
#include "../mischelpers_global.h"
|
||||||
|
#include <QSortFilterProxyModel>
|
||||||
|
#include <QTreeView>
|
||||||
|
|
||||||
class MISCHELPERS_EXPORT CSortFilterProxyModel: public QSortFilterProxyModel
|
class MISCHELPERS_EXPORT CSortFilterProxyModel: public QSortFilterProxyModel
|
||||||
{
|
{
|
||||||
|
@ -11,10 +13,17 @@ public:
|
||||||
{
|
{
|
||||||
m_bAlternate = bAlternate;
|
m_bAlternate = bAlternate;
|
||||||
m_bHighLight = false;
|
m_bHighLight = false;
|
||||||
|
m_iColumn = 0;
|
||||||
|
m_pView = NULL;
|
||||||
|
|
||||||
this->setSortCaseSensitivity(Qt::CaseInsensitive);
|
this->setSortCaseSensitivity(Qt::CaseInsensitive);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void setView(QTreeView* pView)
|
||||||
|
{
|
||||||
|
m_pView = pView;
|
||||||
|
}
|
||||||
|
|
||||||
bool filterAcceptsRow(int source_row, const QModelIndex & source_parent) const
|
bool filterAcceptsRow(int source_row, const QModelIndex & source_parent) const
|
||||||
{
|
{
|
||||||
if (m_bHighLight)
|
if (m_bHighLight)
|
||||||
|
@ -73,12 +82,126 @@ public:
|
||||||
public slots:
|
public slots:
|
||||||
void SetFilter(const QRegExp& Exp, bool bHighLight = false, int Col = -1) // -1 = any
|
void SetFilter(const QRegExp& Exp, bool bHighLight = false, int Col = -1) // -1 = any
|
||||||
{
|
{
|
||||||
|
QModelIndex idx;
|
||||||
|
if (m_pView) idx = m_pView->currentIndex();
|
||||||
|
m_iColumn = Col;
|
||||||
m_bHighLight = bHighLight;
|
m_bHighLight = bHighLight;
|
||||||
setFilterKeyColumn(Col);
|
setFilterKeyColumn(Col);
|
||||||
setFilterRegExp(Exp);
|
setFilterRegExp(Exp);
|
||||||
|
if (m_pView) m_pView->setCurrentIndex(idx);
|
||||||
|
if (m_bHighLight)
|
||||||
|
emit layoutChanged();
|
||||||
|
}
|
||||||
|
|
||||||
|
void SelectNext()
|
||||||
|
{
|
||||||
|
if (!m_pView)
|
||||||
|
return;
|
||||||
|
|
||||||
|
bool next = true;
|
||||||
|
QModelIndex idx = m_pView->currentIndex();
|
||||||
|
if (!(next = idx.isValid()))
|
||||||
|
idx = index(0, 0);
|
||||||
|
|
||||||
|
//if (QApplication::keyboardModifiers() & Qt::ControlModifier)
|
||||||
|
if (QApplication::keyboardModifiers() & Qt::ShiftModifier)
|
||||||
|
idx = FindPrev(idx, next);
|
||||||
|
else
|
||||||
|
idx = FindNext(idx, next);
|
||||||
|
|
||||||
|
if (idx.isValid())
|
||||||
|
m_pView->setCurrentIndex(idx);
|
||||||
|
else
|
||||||
|
QApplication::beep();
|
||||||
}
|
}
|
||||||
|
|
||||||
protected:
|
protected:
|
||||||
bool m_bAlternate;
|
bool m_bAlternate;
|
||||||
bool m_bHighLight;
|
bool m_bHighLight;
|
||||||
|
int m_iColumn;
|
||||||
|
QTreeView* m_pView;
|
||||||
|
|
||||||
|
bool MatchCell(QModelIndex idx, int column)
|
||||||
|
{
|
||||||
|
QModelIndex tmp = idx.sibling(idx.row(), column);
|
||||||
|
|
||||||
|
QString str = data(tmp, filterRole()).toString();
|
||||||
|
if (str.contains(filterRegExp()))
|
||||||
|
return true;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool MatchRow(QModelIndex idx)
|
||||||
|
{
|
||||||
|
if (m_iColumn != -1)
|
||||||
|
return MatchCell(idx, m_iColumn);
|
||||||
|
|
||||||
|
for(int col = 0; col < columnCount(idx); col++) {
|
||||||
|
if (MatchCell(idx, col))
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
QModelIndex FindNext(QModelIndex idx, bool next = false)
|
||||||
|
{
|
||||||
|
if (MatchRow(idx) && !next)
|
||||||
|
return idx;
|
||||||
|
|
||||||
|
if (hasChildren(idx))
|
||||||
|
{
|
||||||
|
int numRows = rowCount(idx);
|
||||||
|
for (int count = 0; count < numRows; count++) {
|
||||||
|
QModelIndex tmp = FindNext(index(count, 0, idx));
|
||||||
|
if (tmp.isValid())
|
||||||
|
return tmp;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
do {
|
||||||
|
QModelIndex par = parent(idx);
|
||||||
|
|
||||||
|
int numRows = rowCount(par);
|
||||||
|
for (int count = idx.row() + 1; count < numRows; count++) {
|
||||||
|
QModelIndex tmp = FindNext(index(count, 0, par));
|
||||||
|
if (tmp.isValid())
|
||||||
|
return tmp;
|
||||||
|
}
|
||||||
|
|
||||||
|
idx = par;
|
||||||
|
} while (idx.isValid());
|
||||||
|
|
||||||
|
return QModelIndex();
|
||||||
|
}
|
||||||
|
|
||||||
|
QModelIndex FindPrev(QModelIndex idx, bool next = false)
|
||||||
|
{
|
||||||
|
if (MatchRow(idx) && !next)
|
||||||
|
return idx;
|
||||||
|
|
||||||
|
if (hasChildren(idx))
|
||||||
|
{
|
||||||
|
int numRows = rowCount(idx);
|
||||||
|
for (int count = numRows-1; count >= 0; count++) {
|
||||||
|
QModelIndex tmp = FindNext(index(count, 0, idx));
|
||||||
|
if (tmp.isValid())
|
||||||
|
return tmp;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
do {
|
||||||
|
QModelIndex par = parent(idx);
|
||||||
|
|
||||||
|
int numRows = rowCount(par);
|
||||||
|
for (int count = idx.row() - 1; count >= 0; count--) {
|
||||||
|
QModelIndex tmp = FindNext(index(count, 0, par));
|
||||||
|
if (tmp.isValid())
|
||||||
|
return tmp;
|
||||||
|
}
|
||||||
|
|
||||||
|
idx = par;
|
||||||
|
} while (idx.isValid());
|
||||||
|
|
||||||
|
return QModelIndex();
|
||||||
|
}
|
||||||
};
|
};
|
|
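Review bot: in `FindPrev`, the child loop `for (int count = numRows-1; count >= 0; count++)` increments instead of decrementing, so it never terminates normally and walks past the last row; it should be `count--`. Both loops in `FindPrev` also recurse into `FindNext`, which returns the first match of a subtree in forward order, so a backwards search with Shift held will not land on the nearest previous match; recursing into `FindPrev` and visiting children last to first fixes that. `SelectNext()` uses `QApplication`, so this header also needs `#include <QApplication>` alongside the two includes added at the top of the file.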
@ -9,6 +9,7 @@ HEADERS += ./qsbieapi_global.h \
|
||||||
./SbieDefs.h \
|
./SbieDefs.h \
|
||||||
./SbieUtils.h \
|
./SbieUtils.h \
|
||||||
./SbieAPI.h \
|
./SbieAPI.h \
|
||||||
|
./SbieTrace.h \
|
||||||
./SbieStatus.h \
|
./SbieStatus.h \
|
||||||
./Sandboxie/BoxedProcess.h \
|
./Sandboxie/BoxedProcess.h \
|
||||||
./Sandboxie/SandBox.h \
|
./Sandboxie/SandBox.h \
|
||||||
|
@ -19,6 +20,7 @@ HEADERS += ./qsbieapi_global.h \
|
||||||
|
|
||||||
SOURCES += ./stdafx.cpp \
|
SOURCES += ./stdafx.cpp \
|
||||||
./SbieAPI.cpp \
|
./SbieAPI.cpp \
|
||||||
|
./SbieTrace.cpp \
|
||||||
./SbieUtils.cpp \
|
./SbieUtils.cpp \
|
||||||
./Sandboxie/BoxBorder.cpp \
|
./Sandboxie/BoxBorder.cpp \
|
||||||
./Sandboxie/BoxedProcess.cpp \
|
./Sandboxie/BoxedProcess.cpp \
|
||||||
|
|
|
@ -33,3 +33,6 @@ DEPENDPATH += .
|
||||||
|
|
||||||
|
|
||||||
include(QSbieAPI.pri)
|
include(QSbieAPI.pri)
|
||||||
|
|
||||||
|
win32:RC_FILE = QSbieAPI.rc
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,68 @@
|
||||||
|
// Microsoft Visual C++ generated resource script.
|
||||||
|
//
|
||||||
|
#include "resource.h"
|
||||||
|
/////////////////////////////////////////////////////////////////////////////
|
||||||
|
// German (Austria) resources
|
||||||
|
|
||||||
|
#include "winres.h"
|
||||||
|
|
||||||
|
#include "../version.h"
|
||||||
|
|
||||||
|
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_DEA)
|
||||||
|
LANGUAGE LANG_GERMAN, SUBLANG_GERMAN_AUSTRIAN
|
||||||
|
#pragma code_page(1252)
|
||||||
|
|
||||||
|
|
||||||
|
/////////////////////////////////////////////////////////////////////////////
|
||||||
|
//
|
||||||
|
// Version
|
||||||
|
//
|
||||||
|
|
||||||
|
VS_VERSION_INFO VERSIONINFO
|
||||||
|
FILEVERSION VERSION_BIN
|
||||||
|
PRODUCTVERSION VERSION_BIN
|
||||||
|
FILEFLAGSMASK 0x3fL
|
||||||
|
#ifdef _DEBUG
|
||||||
|
FILEFLAGS 0x1L
|
||||||
|
#else
|
||||||
|
FILEFLAGS 0x0L
|
||||||
|
#endif
|
||||||
|
FILEOS 0x40004L
|
||||||
|
FILETYPE 0x1L
|
||||||
|
FILESUBTYPE 0x0L
|
||||||
|
BEGIN
|
||||||
|
BLOCK "StringFileInfo"
|
||||||
|
BEGIN
|
||||||
|
BLOCK "0c0704b0"
|
||||||
|
BEGIN
|
||||||
|
VALUE "CompanyName", MY_COMPANY_NAME_STRING
|
||||||
|
VALUE "FileDescription", "Sandboxie API for Qt"
|
||||||
|
VALUE "FileVersion", VERSION_STR
|
||||||
|
VALUE "InternalName", "QSbieAPI.dll"
|
||||||
|
VALUE "LegalCopyright", MY_COPYRIGHT_STRING
|
||||||
|
VALUE "OriginalFilename", "QSbieAPI.dll"
|
||||||
|
VALUE "ProductName", MY_PRODUCT_NAME_STRING
|
||||||
|
VALUE "ProductVersion", VERSION_STR
|
||||||
|
END
|
||||||
|
END
|
||||||
|
BLOCK "VarFileInfo"
|
||||||
|
BEGIN
|
||||||
|
VALUE "Translation", 0xc07, 1200
|
||||||
|
END
|
||||||
|
END
|
||||||
|
|
||||||
|
#endif // German (Austria) resources
|
||||||
|
/////////////////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef APSTUDIO_INVOKED
|
||||||
|
/////////////////////////////////////////////////////////////////////////////
|
||||||
|
//
|
||||||
|
// Generated from the TEXTINCLUDE 3 resource.
|
||||||
|
//
|
||||||
|
|
||||||
|
|
||||||
|
/////////////////////////////////////////////////////////////////////////////
|
||||||
|
#endif // not APSTUDIO_INVOKED
|
||||||
|
|
|
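Review bot: the version resource is tagged `LANGUAGE LANG_GERMAN, SUBLANG_GERMAN_AUSTRIAN`, with string block `"0c0704b0"` and `Translation 0xc07, 1200`, although the strings themselves are English (`"Sandboxie API for Qt"`). Consider marking it English (US) or language-neutral so the declared language matches the content.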
@ -196,6 +196,7 @@
|
||||||
<ClCompile Include="Sandboxie\SbieIni.cpp" />
|
<ClCompile Include="Sandboxie\SbieIni.cpp" />
|
||||||
<ClCompile Include="Sandboxie\SbieTemplates.cpp" />
|
<ClCompile Include="Sandboxie\SbieTemplates.cpp" />
|
||||||
<ClCompile Include="SbieAPI.cpp" />
|
<ClCompile Include="SbieAPI.cpp" />
|
||||||
|
<ClCompile Include="SbieTrace.cpp" />
|
||||||
<ClCompile Include="SbieUtils.cpp" />
|
<ClCompile Include="SbieUtils.cpp" />
|
||||||
<ClCompile Include="stdafx.cpp">
|
<ClCompile Include="stdafx.cpp">
|
||||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
|
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
|
||||||
|
@ -214,11 +215,16 @@
|
||||||
<QtMoc Include="Sandboxie\SbieIni.h" />
|
<QtMoc Include="Sandboxie\SbieIni.h" />
|
||||||
<QtMoc Include="Sandboxie\BoxBorder.h" />
|
<QtMoc Include="Sandboxie\BoxBorder.h" />
|
||||||
<QtMoc Include="Sandboxie\SbieTemplates.h" />
|
<QtMoc Include="Sandboxie\SbieTemplates.h" />
|
||||||
|
<ClInclude Include="resource.h" />
|
||||||
<ClInclude Include="SbieDefs.h" />
|
<ClInclude Include="SbieDefs.h" />
|
||||||
<QtMoc Include="SbieStatus.h" />
|
<QtMoc Include="SbieStatus.h" />
|
||||||
|
<ClInclude Include="SbieTrace.h" />
|
||||||
<ClInclude Include="SbieUtils.h" />
|
<ClInclude Include="SbieUtils.h" />
|
||||||
<ClInclude Include="stdafx.h" />
|
<ClInclude Include="stdafx.h" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
<ItemGroup>
|
||||||
|
<ResourceCompile Include="QSbieAPI.rc" />
|
||||||
|
</ItemGroup>
|
||||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||||
<ImportGroup Condition="Exists('$(QtMsBuild)\qt.targets')">
|
<ImportGroup Condition="Exists('$(QtMsBuild)\qt.targets')">
|
||||||
<Import Project="$(QtMsBuild)\qt.targets" />
|
<Import Project="$(QtMsBuild)\qt.targets" />
|
||||||
|
|
|
@ -57,6 +57,9 @@
|
||||||
<ClCompile Include="Helpers\NtIO.cpp">
|
<ClCompile Include="Helpers\NtIO.cpp">
|
||||||
<Filter>Helpers</Filter>
|
<Filter>Helpers</Filter>
|
||||||
</ClCompile>
|
</ClCompile>
|
||||||
|
<ClCompile Include="SbieTrace.cpp">
|
||||||
|
<Filter>SbieAPI</Filter>
|
||||||
|
</ClCompile>
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<ClInclude Include="stdafx.h">
|
<ClInclude Include="stdafx.h">
|
||||||
|
@ -74,6 +77,12 @@
|
||||||
<ClInclude Include="Helpers\NtIO.h">
|
<ClInclude Include="Helpers\NtIO.h">
|
||||||
<Filter>Helpers</Filter>
|
<Filter>Helpers</Filter>
|
||||||
</ClInclude>
|
</ClInclude>
|
||||||
|
<ClInclude Include="resource.h">
|
||||||
|
<Filter>Resource Files</Filter>
|
||||||
|
</ClInclude>
|
||||||
|
<ClInclude Include="SbieTrace.h">
|
||||||
|
<Filter>SbieAPI</Filter>
|
||||||
|
</ClInclude>
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<ClInclude Include="qsbieapi_global.h">
|
<ClInclude Include="qsbieapi_global.h">
|
||||||
|
@ -103,4 +112,9 @@
|
||||||
<Filter>Sandboxie</Filter>
|
<Filter>Sandboxie</Filter>
|
||||||
</QtMoc>
|
</QtMoc>
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
<ItemGroup>
|
||||||
|
<ResourceCompile Include="QSbieAPI.rc">
|
||||||
|
<Filter>Resource Files</Filter>
|
||||||
|
</ResourceCompile>
|
||||||
|
</ItemGroup>
|
||||||
</Project>
|
</Project>
|
|
@ -81,7 +81,7 @@ CSandBox::CSandBox(const QString& BoxName, class CSbieAPI* pAPI) : CSbieIni(BoxN
|
||||||
if (cfglvl < 8)
|
if (cfglvl < 8)
|
||||||
{
|
{
|
||||||
// templates L8
|
// templates L8
|
||||||
InsertText("Template", "FileCppy");
|
InsertText("Template", "FileCopy");
|
||||||
InsertText("Template", "SkipHook");
|
InsertText("Template", "SkipHook");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
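Review bot: correcting `"FileCppy"` to `"FileCopy"` only helps boxes that still reach this block with `cfglvl < 8`. A box that already went through it with the previous build carries the misspelled template entry and, if its config level was raised afterwards, will not come back here. Consider a follow-up step that replaces the misspelled entry when the box is loaded.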
@ -96,9 +96,9 @@ void CSandBox::UpdateDetails()
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
SB_STATUS CSandBox::RunStart(const QString& Command)
|
SB_STATUS CSandBox::RunStart(const QString& Command, bool Elevated)
|
||||||
{
|
{
|
||||||
return m_pAPI->RunStart(m_Name, Command);
|
return m_pAPI->RunStart(m_Name, Command, NULL, Elevated);
|
||||||
}
|
}
|
||||||
|
|
||||||
SB_STATUS CSandBox::RunSandboxed(const QString& Command)
|
SB_STATUS CSandBox::RunSandboxed(const QString& Command)
|
||||||
|
@ -111,7 +111,7 @@ SB_STATUS CSandBox::TerminateAll()
|
||||||
return m_pAPI->TerminateAll(m_Name);
|
return m_pAPI->TerminateAll(m_Name);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool CSandBox::IsEmpty()
|
bool CSandBox::IsEmpty() const
|
||||||
{
|
{
|
||||||
return !QDir(m_FilePath).exists();
|
return !QDir(m_FilePath).exists();
|
||||||
}
|
}
|
||||||
|
|
|
@ -50,15 +50,15 @@ public:
|
||||||
|
|
||||||
virtual int GetActiveProcessCount() const { return m_ActiveProcessCount; }
|
virtual int GetActiveProcessCount() const { return m_ActiveProcessCount; }
|
||||||
|
|
||||||
virtual SB_STATUS RunStart(const QString& Command);
|
virtual SB_STATUS RunStart(const QString& Command, bool Elevated = false);
|
||||||
virtual SB_STATUS RunSandboxed(const QString& Command);
|
virtual SB_STATUS RunSandboxed(const QString& Command);
|
||||||
virtual SB_STATUS TerminateAll();
|
virtual SB_STATUS TerminateAll();
|
||||||
|
|
||||||
virtual void CloseBox() {}
|
virtual void CloseBox() {}
|
||||||
|
|
||||||
virtual bool IsEnabled() { return m_IsEnabled; }
|
virtual bool IsEnabled() const { return m_IsEnabled; }
|
||||||
|
|
||||||
virtual bool IsEmpty();
|
virtual bool IsEmpty() const;
|
||||||
virtual SB_PROGRESS CleanBox();
|
virtual SB_PROGRESS CleanBox();
|
||||||
virtual SB_STATUS RenameBox(const QString& NewName);
|
virtual SB_STATUS RenameBox(const QString& NewName);
|
||||||
virtual SB_STATUS RemoveBox();
|
virtual SB_STATUS RemoveBox();
|
||||||
|
|
|
@ -282,7 +282,7 @@ SB_STATUS CSbieAPI::Connect(bool withQueue)
|
||||||
|
|
||||||
#ifndef _DEBUG
|
#ifndef _DEBUG
|
||||||
// Note: this lib is not using all functions hence it can be compatible with multiple driver ABI revisions
|
// Note: this lib is not using all functions hence it can be compatible with multiple driver ABI revisions
|
||||||
QStringList CompatVersions = QStringList () << "5.45.0" << "5.46.0";
|
QStringList CompatVersions = QStringList () << "5.48.0";
|
||||||
QString CurVersion = GetVersion();
|
QString CurVersion = GetVersion();
|
||||||
if (!CompatVersions.contains(CurVersion))
|
if (!CompatVersions.contains(CurVersion))
|
||||||
{
|
{
|
||||||
|
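Review bot: `CompatVersions` now holds only `"5.48.0"` and is checked with an exact `contains(CurVersion)`, so a release build will take the incompatible-version branch for any driver that reports a later patch version. That sits oddly with the comment above about staying compatible with multiple driver ABI revisions. If the ABI is expected to stay stable across 5.48.x, compare on the major and minor parts instead of the full string.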
@ -900,12 +900,12 @@ QString CSbieAPI::GetUserSection() const
|
||||||
return UserSection;
|
return UserSection;
|
||||||
}
|
}
|
||||||
|
|
||||||
SB_STATUS CSbieAPI::RunStart(const QString& BoxName, const QString& Command, QProcess* pProcess)
|
SB_STATUS CSbieAPI::RunStart(const QString& BoxName, const QString& Command, QProcess* pProcess, bool Elevated)
|
||||||
{
|
{
|
||||||
if (m_SbiePath.isEmpty())
|
if (m_SbiePath.isEmpty())
|
||||||
return SB_ERR(SB_PathFail);
|
return SB_ERR(SB_PathFail);
|
||||||
|
|
||||||
QString StartCmd = "\"" + GetStartPath() + "\" /box:" + BoxName + " " + Command;
|
QString StartCmd = "\"" + GetStartPath() + "\"" + (Elevated ? " /elevated" : "" ) + " /box:" + BoxName + " " + Command;
|
||||||
if (pProcess)
|
if (pProcess)
|
||||||
pProcess->start(StartCmd);
|
pProcess->start(StartCmd);
|
||||||
else
|
else
|
||||||
|
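Review bot: `StartCmd` is assembled by string concatenation, with `BoxName` and `Command` appended unquoted after the new `/elevated` switch, and is then handed to `pProcess->start(StartCmd)` as a single string to be parsed again. Now that this path can request elevation, validate `BoxName` against the allowed box-name characters before it is appended, and where possible pass the program and a `QStringList` of arguments instead, so a space or quote in a value cannot change how the switches are read.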
@ -1864,6 +1864,8 @@ bool CSbieAPI::AreForceProcessDisabled()
|
||||||
|
|
||||||
SB_STATUS CSbieAPI__MonitorControl(SSbieAPI* m, ULONG *NewState, ULONG *OldState)
|
SB_STATUS CSbieAPI__MonitorControl(SSbieAPI* m, ULONG *NewState, ULONG *OldState)
|
||||||
{
|
{
|
||||||
|
//ULONG Used = 0;
|
||||||
|
|
||||||
__declspec(align(8)) ULONG64 parms[API_NUM_ARGS];
|
__declspec(align(8)) ULONG64 parms[API_NUM_ARGS];
|
||||||
API_MONITOR_CONTROL_ARGS* args = (API_MONITOR_CONTROL_ARGS*)parms;
|
API_MONITOR_CONTROL_ARGS* args = (API_MONITOR_CONTROL_ARGS*)parms;
|
||||||
|
|
||||||
|
@ -1871,10 +1873,14 @@ SB_STATUS CSbieAPI__MonitorControl(SSbieAPI* m, ULONG *NewState, ULONG *OldState
|
||||||
args->func_code = API_MONITOR_CONTROL;
|
args->func_code = API_MONITOR_CONTROL;
|
||||||
args->set_flag.val = NewState;
|
args->set_flag.val = NewState;
|
||||||
args->get_flag.val = OldState;
|
args->get_flag.val = OldState;
|
||||||
|
//args->get_used.val = &Used;
|
||||||
|
|
||||||
NTSTATUS status = m->IoControl(parms);
|
NTSTATUS status = m->IoControl(parms);
|
||||||
if (!NT_SUCCESS(status))
|
if (!NT_SUCCESS(status))
|
||||||
return SB_ERR(status);
|
return SB_ERR(status);
|
||||||
|
|
||||||
|
//qDebug() << "used bytes" << (quint32)Used;
|
||||||
|
|
||||||
return SB_OK;
|
return SB_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1896,7 +1902,8 @@ bool CSbieAPI::GetMonitor()
|
||||||
const int max_len = 1024;
|
const int max_len = 1024;
|
||||||
|
|
||||||
USHORT type;
|
USHORT type;
|
||||||
ULONG64 pid;
|
ULONG64 pid = 0;
|
||||||
|
ULONG64 tid = 0;
|
||||||
WCHAR data[max_len + 1] = { 0 };
|
WCHAR data[max_len + 1] = { 0 };
|
||||||
|
|
||||||
ULONG RecordNum = m->lastRecordNum;
|
ULONG RecordNum = m->lastRecordNum;
|
||||||
|
@ -1906,9 +1913,10 @@ bool CSbieAPI::GetMonitor()
|
||||||
|
|
||||||
memset(parms, 0, sizeof(parms));
|
memset(parms, 0, sizeof(parms));
|
||||||
args->func_code = API_MONITOR_GET_EX;
|
args->func_code = API_MONITOR_GET_EX;
|
||||||
args->log_seq.val = &RecordNum;
|
args->log_seq.val = &RecordNum; // set this to NULL for record clearing
|
||||||
args->log_type.val = &type;
|
args->log_type.val = &type;
|
||||||
args->log_pid.val = &pid;
|
args->log_pid.val = &pid;
|
||||||
|
args->log_tid.val = &tid;
|
||||||
args->log_len.val = max_len * sizeof(WCHAR);
|
args->log_len.val = max_len * sizeof(WCHAR);
|
||||||
args->log_ptr.val = data;
|
args->log_ptr.val = data;
|
||||||
|
|
||||||
|
@ -1936,15 +1944,22 @@ bool CSbieAPI::GetMonitor()
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
CResLogEntryPtr LogEntry = CResLogEntryPtr(new CResLogEntry(pid, type, Data));
|
CTraceEntryPtr LogEntry = CTraceEntryPtr(new CTraceEntry(pid, tid, type, Data));
|
||||||
|
AddTraceEntry(LogEntry, true);
|
||||||
|
|
||||||
QWriteLocker Lock(&m_ResLogMutex);
|
|
||||||
if (!m_ResLogList.isEmpty() && m_ResLogList.last()->Equals(LogEntry)) {
|
|
||||||
m_ResLogList.last()->Merge(LogEntry);
|
|
||||||
return true;
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
void CSbieAPI::AddTraceEntry(const CTraceEntryPtr& LogEntry, bool bCanMerge)
|
||||||
|
{
|
||||||
|
QWriteLocker Lock(&m_TraceMutex);
|
||||||
|
|
||||||
|
if (bCanMerge && !m_TraceList.isEmpty() && m_TraceList.last()->Equals(LogEntry)) {
|
||||||
|
m_TraceList.last()->Merge(LogEntry);
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
m_ResLogList.append(LogEntry);
|
|
||||||
return true;
|
m_TraceList.append(LogEntry);
|
||||||
}
|
}
|
||||||
|
|
||||||
///////////////////////////////////////////////////////////////////////////////
|
///////////////////////////////////////////////////////////////////////////////
|
||||||
|
@ -1961,105 +1976,3 @@ QString CSbieAPI::GetSbieMsgStr(quint32 code, quint32 Lang)
|
||||||
LocalFree(ret_str);
|
LocalFree(ret_str);
|
||||||
return qStr.trimmed(); // note messages may have \r\n at the end
|
return qStr.trimmed(); // note messages may have \r\n at the end
|
||||||
}
|
}
|
||||||
|
|
||||||
///////////////////////////////////////////////////////////////////////////////
|
|
||||||
//
|
|
||||||
//
|
|
||||||
|
|
||||||
QString ErrorString(qint32 err)
|
|
||||||
{
|
|
||||||
QString Error;
|
|
||||||
HMODULE handle = NULL; //err < 0 ? GetModuleHandle(L"NTDLL.DLL") : NULL;
|
|
||||||
DWORD flags = 0; //err < 0 ? FORMAT_MESSAGE_FROM_HMODULE : 0;
|
|
||||||
LPTSTR s;
|
|
||||||
if (::FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | flags, handle, err, 0, (LPTSTR)&s, 0, NULL) > 0)
|
|
||||||
{
|
|
||||||
LPTSTR p = wcschr(s, L'\r');
|
|
||||||
if (p != NULL) *p = L'\0';
|
|
||||||
Error = QString::fromWCharArray(s);
|
|
||||||
::LocalFree(s);
|
|
||||||
}
|
|
||||||
return Error;
|
|
||||||
}
|
|
||||||
|
|
||||||
CResLogEntry::CResLogEntry(quint32 ProcessId, quint32 Type, const QString& Value)
|
|
||||||
{
|
|
||||||
m_ProcessId = ProcessId;
|
|
||||||
m_Name = Value;
|
|
||||||
m_Type.Flags = Type;
|
|
||||||
|
|
||||||
m_TimeStamp = QDateTime::currentDateTime(); // ms resolution
|
|
||||||
m_Counter = 0;
|
|
||||||
|
|
||||||
// if this is a set error, then get the actual error string
|
|
||||||
if (m_Type.Type == MONITOR_OTHER && Value.indexOf("SetError:") == 0)
|
|
||||||
{
|
|
||||||
auto tmp = Value.split(":");
|
|
||||||
if (tmp.length() >= 2)
|
|
||||||
{
|
|
||||||
qint32 errCode = tmp[1].trimmed().toInt();
|
|
||||||
QString Error = ErrorString(errCode);
|
|
||||||
if(!Error.isEmpty())
|
|
||||||
m_Name += " (" + Error + ")";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
static atomic<quint64> uid = 0;
|
|
||||||
m_uid = uid.fetch_add(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
QString CResLogEntry::GetTypeStr() const
|
|
||||||
{
|
|
||||||
switch (m_Type.Type)
|
|
||||||
{
|
|
||||||
case MONITOR_SYSCALL: return "SysCall";
|
|
||||||
case MONITOR_PIPE: return "Pipe";
|
|
||||||
case MONITOR_IPC: return "Ipc";
|
|
||||||
case MONITOR_WINCLASS: return "WinClass";
|
|
||||||
case MONITOR_DRIVE: return "Drive";
|
|
||||||
case MONITOR_COMCLASS: return "ComClass";
|
|
||||||
case MONITOR_IGNORE: return "Ignore";
|
|
||||||
case MONITOR_IMAGE: return "Image";
|
|
||||||
case MONITOR_FILE: return "File";
|
|
||||||
case MONITOR_KEY: return "Key";
|
|
||||||
case MONITOR_OTHER: return "Debug";
|
|
||||||
default: return "Unknown: " + QString::number(m_Type.Type);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
QString CResLogEntry::GetStautsStr() const
|
|
||||||
{
|
|
||||||
QString Status;
|
|
||||||
if (m_Type.Open)
|
|
||||||
Status.append("Open ");
|
|
||||||
if (m_Type.Deny)
|
|
||||||
Status.append("Closed ");
|
|
||||||
|
|
||||||
if (m_Type.Trace)
|
|
||||||
Status.append("Trace ");
|
|
||||||
|
|
||||||
if (m_Counter > 1)
|
|
||||||
Status.append(QString("(%1)").arg(m_Counter));
|
|
||||||
|
|
||||||
return Status;
|
|
||||||
}
|
|
||||||
|
|
||||||
///////////////////////////////////////////////////////////////////////////////
|
|
||||||
//
|
|
||||||
//
|
|
||||||
|
|
||||||
QString GetLastErrorAsString()
|
|
||||||
{
|
|
||||||
DWORD errorMessageID = ::GetLastError();
|
|
||||||
if (errorMessageID == 0)
|
|
||||||
return QString();
|
|
||||||
|
|
||||||
char* messageBuffer = NULL;
|
|
||||||
FormatMessageA(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
|
|
||||||
NULL, errorMessageID, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPSTR)&messageBuffer, 0, NULL);
|
|
||||||
|
|
||||||
QString message(messageBuffer);
|
|
||||||
LocalFree(messageBuffer);
|
|
||||||
return message;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
|
@ -24,57 +24,11 @@
|
||||||
|
|
||||||
#include "SbieStatus.h"
|
#include "SbieStatus.h"
|
||||||
|
|
||||||
|
#include "SbieTrace.h"
|
||||||
|
|
||||||
#include "./Sandboxie/SandBox.h"
|
#include "./Sandboxie/SandBox.h"
|
||||||
#include "./Sandboxie/BoxedProcess.h"
|
#include "./Sandboxie/BoxedProcess.h"
|
||||||
|
|
||||||
class QSBIEAPI_EXPORT CResLogEntry : public QSharedData
|
|
||||||
{
|
|
||||||
public:
|
|
||||||
CResLogEntry(quint32 ProcessId, quint32 Type, const QString& Value);
|
|
||||||
|
|
||||||
quint32 GetProcessId() const { return m_ProcessId; }
|
|
||||||
QDateTime GetTimeStamp() const { return m_TimeStamp; }
|
|
||||||
quint16 GetType() const { return m_Type.Flags; }
|
|
||||||
QString GetValue() const { return m_Name; }
|
|
||||||
QString GetTypeStr() const;
|
|
||||||
QString GetStautsStr() const;
|
|
||||||
int GetCount() const { return m_Counter; }
|
|
||||||
|
|
||||||
bool Equals(const QSharedDataPointer<CResLogEntry>& pOther) const {
|
|
||||||
return pOther->m_ProcessId == this->m_ProcessId
|
|
||||||
//&& pOther->m_Type.Flags == this->m_Type.Flags
|
|
||||||
&& pOther->m_Name == this->m_Name;
|
|
||||||
}
|
|
||||||
void Merge(const QSharedDataPointer<CResLogEntry>& pOther) { m_Counter++; this->m_Type.Flags |= pOther->m_Type.Flags; }
|
|
||||||
|
|
||||||
quint64 GetUID() const { return m_uid; }
|
|
||||||
|
|
||||||
protected:
|
|
||||||
QString m_Name;
|
|
||||||
quint32 m_ProcessId;
|
|
||||||
QDateTime m_TimeStamp;
|
|
||||||
|
|
||||||
union
|
|
||||||
{
|
|
||||||
quint16 Flags;
|
|
||||||
struct
|
|
||||||
{
|
|
||||||
quint16
|
|
||||||
Type : 12,
|
|
||||||
Open : 1,
|
|
||||||
Deny : 1,
|
|
||||||
Reserved : 1,
|
|
||||||
Trace : 1;
|
|
||||||
};
|
|
||||||
} m_Type;
|
|
||||||
|
|
||||||
int m_Counter;
|
|
||||||
|
|
||||||
quint64 m_uid;
|
|
||||||
};
|
|
||||||
|
|
||||||
typedef QSharedDataPointer<CResLogEntry> CResLogEntryPtr;
|
|
||||||
|
|
||||||
|
|
||||||
class QSBIEAPI_EXPORT CSbieAPI : public QThread
|
class QSBIEAPI_EXPORT CSbieAPI : public QThread
|
||||||
{
|
{
|
||||||
|
@ -153,13 +107,14 @@ public:
|
||||||
virtual SB_STATUS EnableMonitor(bool Enable);
|
virtual SB_STATUS EnableMonitor(bool Enable);
|
||||||
virtual bool IsMonitoring();
|
virtual bool IsMonitoring();
|
||||||
|
|
||||||
virtual QList<CResLogEntryPtr> GetResLog() const { QReadLocker Lock(&m_ResLogMutex); return m_ResLogList; }
|
virtual void AddTraceEntry(const CTraceEntryPtr& LogEntry, bool bCanMerge = false);
|
||||||
virtual void ClearResLog() { QWriteLocker Lock(&m_ResLogMutex); m_ResLogList.clear(); }
|
virtual QList<CTraceEntryPtr> GetTrace() const { QReadLocker Lock(&m_TraceMutex); return m_TraceList; }
|
||||||
|
virtual void ClearTrace() { QWriteLocker Lock(&m_TraceMutex); m_TraceList.clear(); }
|
||||||
|
|
||||||
// Other
|
// Other
|
||||||
virtual QString GetSbieMsgStr(quint32 code, quint32 Lang = 1033);
|
virtual QString GetSbieMsgStr(quint32 code, quint32 Lang = 1033);
|
||||||
|
|
||||||
virtual SB_STATUS RunStart(const QString& BoxName, const QString& Command, QProcess* pProcess = NULL);
|
virtual SB_STATUS RunStart(const QString& BoxName, const QString& Command, QProcess* pProcess = NULL, bool Elevated = false);
|
||||||
virtual QString GetStartPath() const;
|
virtual QString GetStartPath() const;
|
||||||
|
|
||||||
enum ESbieQueuedRequests
|
enum ESbieQueuedRequests
|
||||||
|
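Review bot: RunStart gains a fourth parameter (`bool Elevated = false`) on a virtual method of an exported class, so a subclass that overrides the three-argument form no longer overrides it and silently becomes an overload, and the default value hides the change at existing call sites. Mark derived implementations `override` so the compiler reports the mismatch, and add a comment on the declaration stating what Elevated requests, since the header gives no hint of its effect on the started process.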
@ -225,8 +180,8 @@ protected:
|
||||||
QMap<QString, CSandBoxPtr> m_SandBoxes;
|
QMap<QString, CSandBoxPtr> m_SandBoxes;
|
||||||
QMap<quint32, CBoxedProcessPtr> m_BoxedProxesses;
|
QMap<quint32, CBoxedProcessPtr> m_BoxedProxesses;
|
||||||
|
|
||||||
mutable QReadWriteLock m_ResLogMutex;
|
mutable QReadWriteLock m_TraceMutex;
|
||||||
QList<CResLogEntryPtr> m_ResLogList;
|
QList<CTraceEntryPtr> m_TraceList;
|
||||||
|
|
||||||
mutable QReadWriteLock m_DriveLettersMutex;
|
mutable QReadWriteLock m_DriveLettersMutex;
|
||||||
QMap<QString, QString> m_DriveLetters;
|
QMap<QString, QString> m_DriveLetters;
|
||||||
|
|
|
@ -0,0 +1,151 @@
|
||||||
|
/*
|
||||||
|
*
|
||||||
|
* Copyright (c) 2020, David Xanatos
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 2.1 of the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
#include "stdafx.h"
|
||||||
|
#include <QDebug>
|
||||||
|
#include <QStandardPaths>
|
||||||
|
#include "SbieTrace.h"
|
||||||
|
|
||||||
|
#include <ntstatus.h>
|
||||||
|
#define WIN32_NO_STATUS
|
||||||
|
typedef long NTSTATUS;
|
||||||
|
|
||||||
|
#include <windows.h>
|
||||||
|
#include "SbieDefs.h"
|
||||||
|
|
||||||
|
#include "..\..\Sandboxie\common\win32_ntddk.h"
|
||||||
|
|
||||||
|
#include "..\..\Sandboxie\core\drv\api_defs.h"
|
||||||
|
|
||||||
|
#include "..\..\Sandboxie\core\svc\msgids.h"
|
||||||
|
#include "..\..\Sandboxie\core\svc\ProcessWire.h"
|
||||||
|
#include "..\..\Sandboxie\core\svc\sbieiniwire.h"
|
||||||
|
#include "..\..\Sandboxie\core\svc\QueueWire.h"
|
||||||
|
#include "..\..\Sandboxie\core\svc\InteractiveWire.h"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
///////////////////////////////////////////////////////////////////////////////
|
||||||
|
//
|
||||||
|
//
|
||||||
|
|
||||||
|
QString ErrorString(qint32 err)
|
||||||
|
{
|
||||||
|
QString Error;
|
||||||
|
HMODULE handle = NULL; //err < 0 ? GetModuleHandle(L"NTDLL.DLL") : NULL;
|
||||||
|
DWORD flags = 0; //err < 0 ? FORMAT_MESSAGE_FROM_HMODULE : 0;
|
||||||
|
LPTSTR s;
|
||||||
|
if (::FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | flags, handle, err, 0, (LPTSTR)&s, 0, NULL) > 0)
|
||||||
|
{
|
||||||
|
LPTSTR p = wcschr(s, L'\r');
|
||||||
|
if (p != NULL) *p = L'\0';
|
||||||
|
Error = QString::fromWCharArray(s);
|
||||||
|
::LocalFree(s);
|
||||||
|
}
|
||||||
|
return Error;
|
||||||
|
}
|
||||||
|
|
||||||
|
CTraceEntry::CTraceEntry(quint32 ProcessId, quint32 ThreadId, quint32 Type, const QString& Message)
|
||||||
|
{
|
||||||
|
m_ProcessId = ProcessId;
|
||||||
|
m_ThreadId = ThreadId;
|
||||||
|
m_Message = Message;
|
||||||
|
m_Type.Flags = Type;
|
||||||
|
|
||||||
|
m_TimeStamp = QDateTime::currentDateTime(); // ms resolution
|
||||||
|
|
||||||
|
static atomic<quint64> uid = 0;
|
||||||
|
m_uid = uid.fetch_add(1);
|
||||||
|
|
||||||
|
m_Counter = 0;
|
||||||
|
|
||||||
|
m_Message = m_Message.replace("\r", "").replace("\n", " ");
|
||||||
|
|
||||||
|
// if this is a set error, then get the actual error string
|
||||||
|
if (m_Type.Type == MONITOR_OTHER && Message.indexOf("SetError:") == 0)
|
||||||
|
{
|
||||||
|
auto tmp = Message.split(":");
|
||||||
|
if (tmp.length() >= 2)
|
||||||
|
{
|
||||||
|
QString temp = tmp[1].trimmed();
|
||||||
|
int endPos = temp.indexOf(QRegExp("[ \r\n]"));
|
||||||
|
if (endPos != -1)
|
||||||
|
temp.truncate(endPos);
|
||||||
|
|
||||||
|
qint32 errCode = temp.toInt();
|
||||||
|
QString Error = ErrorString(errCode);
|
||||||
|
if (!Error.isEmpty())
|
||||||
|
m_Message += " (" + Error + ")";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
QString CTraceEntry::GetTypeStr() const
|
||||||
|
{
|
||||||
|
switch (m_Type.Type)
|
||||||
|
{
|
||||||
|
case MONITOR_APICALL: return "ApiCall";
|
||||||
|
case MONITOR_SYSCALL: return "SysCall";
|
||||||
|
case MONITOR_PIPE: return "Pipe";
|
||||||
|
case MONITOR_IPC: return "Ipc";
|
||||||
|
case MONITOR_WINCLASS: return "WinClass";
|
||||||
|
case MONITOR_DRIVE: return "Drive";
|
||||||
|
case MONITOR_COMCLASS: return "ComClass";
|
||||||
|
case MONITOR_IGNORE: return "Ignore";
|
||||||
|
case MONITOR_IMAGE: return "Image";
|
||||||
|
case MONITOR_FILE: return "File";
|
||||||
|
case MONITOR_KEY: return "Key";
|
||||||
|
case MONITOR_OTHER: return "Debug";
|
||||||
|
default: return "Unknown: " + QString::number(m_Type.Type);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
QString CTraceEntry::GetStautsStr() const
|
||||||
|
{
|
||||||
|
QString Status;
|
||||||
|
if (m_Type.Open)
|
||||||
|
Status.append("Open ");
|
||||||
|
if (m_Type.Deny)
|
||||||
|
Status.append("Closed ");
|
||||||
|
|
||||||
|
if (m_Type.Trace)
|
||||||
|
Status.append("Trace ");
|
||||||
|
|
||||||
|
if (m_Counter > 1)
|
||||||
|
Status.append(QString("(%1)").arg(m_Counter));
|
||||||
|
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
///////////////////////////////////////////////////////////////////////////////
|
||||||
|
//
|
||||||
|
//
|
||||||
|
|
||||||
|
QString GetLastErrorAsString()
|
||||||
|
{
|
||||||
|
DWORD errorMessageID = ::GetLastError();
|
||||||
|
if (errorMessageID == 0)
|
||||||
|
return QString();
|
||||||
|
|
||||||
|
char* messageBuffer = NULL;
|
||||||
|
FormatMessageA(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
|
||||||
|
NULL, errorMessageID, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPSTR)&messageBuffer, 0, NULL);
|
||||||
|
|
||||||
|
QString message(messageBuffer);
|
||||||
|
LocalFree(messageBuffer);
|
||||||
|
return message;
|
||||||
|
}
|
|
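Review bot: ErrorString calls FormatMessage with FORMAT_MESSAGE_FROM_SYSTEM but without FORMAT_MESSAGE_IGNORE_INSERTS and with a NULL argument list, while the error code it is given is parsed out of the trace message text after "SetError:" in the CTraceEntry constructor. A system message string that contains insert sequences such as %1 then makes FormatMessage look for arguments that were never supplied; GetLastErrorAsString further down already passes FORMAT_MESSAGE_IGNORE_INSERTS, and ErrorString should do the same. Separately, m_Counter starts at 0, Merge increments it once per duplicate, and GetStautsStr prints it only when it is greater than 1, so the first repeat is never shown and later counts are one short of the number of occurrences; the name GetStautsStr is also misspelled and this move is a good moment to fix it.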
@ -0,0 +1,79 @@
|
||||||
|
/*
|
||||||
|
*
|
||||||
|
* Copyright (c) 2020, David Xanatos
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 2.1 of the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
#include <QThread>
|
||||||
|
|
||||||
|
#include "qsbieapi_global.h"
|
||||||
|
|
||||||
|
#include "SbieStatus.h"
|
||||||
|
|
||||||
|
#define MONITOR_APICALL 0x000A
|
||||||
|
|
||||||
|
class QSBIEAPI_EXPORT CTraceEntry : public QSharedData
|
||||||
|
{
|
||||||
|
public:
|
||||||
|
CTraceEntry(quint32 ProcessId, quint32 ThreadId, quint32 Type, const QString& Message);
|
||||||
|
|
||||||
|
virtual QString GetMessage() const { return m_Message; }
|
||||||
|
virtual quint32 GetProcessId() const { return m_ProcessId; }
|
||||||
|
virtual quint32 GetThreadId() const { return m_ThreadId; }
|
||||||
|
virtual QDateTime GetTimeStamp() const { return m_TimeStamp; }
|
||||||
|
|
||||||
|
virtual quint16 GetType() const { return m_Type.Flags; }
|
||||||
|
virtual QString GetTypeStr() const;
|
||||||
|
virtual QString GetStautsStr() const;
|
||||||
|
|
||||||
|
virtual int GetCount() const { return m_Counter; }
|
||||||
|
|
||||||
|
virtual bool Equals(const QSharedDataPointer<CTraceEntry>& pOther) const {
|
||||||
|
return pOther->m_ProcessId == this->m_ProcessId && pOther->m_ThreadId == this->m_ThreadId
|
||||||
|
&& pOther->m_Message == this->m_Message;
|
||||||
|
}
|
||||||
|
virtual void Merge(const QSharedDataPointer<CTraceEntry>& pOther) {
|
||||||
|
m_Counter++; this->m_Type.Flags |= pOther->m_Type.Flags;
|
||||||
|
}
|
||||||
|
|
||||||
|
quint64 GetUID() const { return m_uid; }
|
||||||
|
|
||||||
|
protected:
|
||||||
|
QString m_Message;
|
||||||
|
quint32 m_ProcessId;
|
||||||
|
quint32 m_ThreadId;
|
||||||
|
QDateTime m_TimeStamp;
|
||||||
|
|
||||||
|
union
|
||||||
|
{
|
||||||
|
quint16 Flags;
|
||||||
|
struct
|
||||||
|
{
|
||||||
|
quint16
|
||||||
|
Type : 12,
|
||||||
|
Open : 1,
|
||||||
|
Deny : 1,
|
||||||
|
Reserved : 1,
|
||||||
|
Trace : 1;
|
||||||
|
};
|
||||||
|
} m_Type;
|
||||||
|
|
||||||
|
quint64 m_uid;
|
||||||
|
|
||||||
|
int m_Counter;
|
||||||
|
};
|
||||||
|
|
||||||
|
typedef QSharedDataPointer<CTraceEntry> CTraceEntryPtr;
|
|
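Review bot: Equals compares process id, thread id and message but not m_Type, and Merge then ORs the whole 16-bit Flags word, 12 bits of which hold the Type value rather than independent flag bits. If two consecutive entries share a message but differ in type, the merged Type becomes the bitwise OR of both values, which can match no MONITOR_ constant and fall through to "Unknown" in GetTypeStr, or match the wrong one. Either compare m_Type.Type in Equals, or have Merge OR only the Open, Deny and Trace bits.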
@ -0,0 +1,17 @@
|
||||||
|
//{{NO_DEPENDENCIES}}
|
||||||
|
// Microsoft Visual C++ generated include file.
|
||||||
|
// Used by SandMan.rc
|
||||||
|
//
|
||||||
|
#define VS_VERSION_INFO 1
|
||||||
|
#define IDC_STATIC -1
|
||||||
|
|
||||||
|
// Next default values for new objects
|
||||||
|
//
|
||||||
|
#ifdef APSTUDIO_INVOKED
|
||||||
|
#ifndef APSTUDIO_READONLY_SYMBOLS
|
||||||
|
#define _APS_NEXT_RESOURCE_VALUE 101
|
||||||
|
#define _APS_NEXT_COMMAND_VALUE 40001
|
||||||
|
#define _APS_NEXT_CONTROL_VALUE 1000
|
||||||
|
#define _APS_NEXT_SYMED_VALUE 101
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -1,103 +0,0 @@
|
||||||
#include "stdafx.h"
|
|
||||||
#include "ApiLog.h"
|
|
||||||
#include <Windows.h>
|
|
||||||
|
|
||||||
CApiLogEntry::CApiLogEntry(quint64 ProcessId, const QString& Message)
|
|
||||||
{
|
|
||||||
m_ProcessId = ProcessId;
|
|
||||||
m_Message = Message;
|
|
||||||
m_TimeStamp = QDateTime::currentDateTime(); // ms resolution
|
|
||||||
|
|
||||||
static atomic<quint64> uid = 0;
|
|
||||||
m_uid = uid.fetch_add(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
///////////////////////////////////////////////////////////////////////////////
|
|
||||||
//
|
|
||||||
//
|
|
||||||
|
|
||||||
CApiLog::CApiLog(QObject* parent) : QThread(parent)
|
|
||||||
{
|
|
||||||
m_pServer = NULL;
|
|
||||||
|
|
||||||
start();
|
|
||||||
}
|
|
||||||
|
|
||||||
CApiLog::~CApiLog()
|
|
||||||
{
|
|
||||||
quit();
|
|
||||||
if (!wait(10 * 1000))
|
|
||||||
terminate();
|
|
||||||
}
|
|
||||||
|
|
||||||
void CApiLog::run()
|
|
||||||
{
|
|
||||||
qDebug() << "LogAPI server started";
|
|
||||||
|
|
||||||
m_pServer = new CApiLogServer();
|
|
||||||
|
|
||||||
QThread::run(); // run messge loop
|
|
||||||
|
|
||||||
m_pServer->deleteLater();
|
|
||||||
|
|
||||||
qDebug() << "LogAPI server stopped";
|
|
||||||
}
|
|
||||||
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
//
|
|
||||||
|
|
||||||
CApiLogServer::CApiLogServer()
|
|
||||||
{
|
|
||||||
m_pServer = new QLocalServer(this);
|
|
||||||
m_pServer->setSocketOptions(QLocalServer::WorldAccessOption);
|
|
||||||
if (!m_pServer->listen("LogAPI")) {
|
|
||||||
qDebug() << "Not able to open Server Pipe";
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
connect(m_pServer, SIGNAL(newConnection()), this, SLOT(OnPipe()));
|
|
||||||
|
|
||||||
m_pApiLog = qobject_cast<CApiLog*>(thread());
|
|
||||||
}
|
|
||||||
|
|
||||||
void CApiLogServer::OnPipe()
|
|
||||||
{
|
|
||||||
QLocalSocket *pSocket = m_pServer->nextPendingConnection();
|
|
||||||
connect(pSocket, SIGNAL(readyRead()), this, SLOT(OnData()));
|
|
||||||
connect(pSocket, SIGNAL(disconnected()), this, SLOT(OnClose()));
|
|
||||||
|
|
||||||
ULONG ClientProcessId = 0;
|
|
||||||
GetNamedPipeClientProcessId((HANDLE)pSocket->socketDescriptor(), &ClientProcessId);
|
|
||||||
|
|
||||||
m_pClients.insert(pSocket, new SApiLog(ClientProcessId));
|
|
||||||
}
|
|
||||||
|
|
||||||
void CApiLogServer::OnData()
|
|
||||||
{
|
|
||||||
QLocalSocket* pSocket = qobject_cast<QLocalSocket*>(sender());
|
|
||||||
SApiLog* ApiLog = m_pClients.value(pSocket);
|
|
||||||
if (!ApiLog)
|
|
||||||
return;
|
|
||||||
|
|
||||||
ApiLog->Buffer.append(pSocket->readAll());
|
|
||||||
|
|
||||||
for (;;)
|
|
||||||
{
|
|
||||||
int endPos = ApiLog->Buffer.indexOf('\0');
|
|
||||||
if (endPos == -1)
|
|
||||||
break;
|
|
||||||
|
|
||||||
CApiLogEntryPtr LogEntry = CApiLogEntryPtr(new CApiLogEntry(ApiLog->ProcessId, QString(ApiLog->Buffer.data())));
|
|
||||||
ApiLog->Buffer.remove(0, endPos + 1);
|
|
||||||
|
|
||||||
QWriteLocker Lock(&m_pApiLog->m_ApiLogMutex);
|
|
||||||
m_pApiLog->m_ApiLogList.append(LogEntry);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
void CApiLogServer::OnClose()
|
|
||||||
{
|
|
||||||
QLocalSocket* pSocket = qobject_cast<QLocalSocket*>(sender());
|
|
||||||
delete m_pClients.take(pSocket);
|
|
||||||
pSocket->deleteLater();
|
|
||||||
}
|
|
|
@ -1,74 +0,0 @@
|
||||||
#pragma once
|
|
||||||
|
|
||||||
class CApiLogEntry : public QSharedData
|
|
||||||
{
|
|
||||||
public:
|
|
||||||
CApiLogEntry(quint64 ProcessId, const QString& Message);
|
|
||||||
|
|
||||||
quint64 GetProcessId() const { return m_ProcessId; }
|
|
||||||
QDateTime GetTimeStamp() const { return m_TimeStamp; }
|
|
||||||
QString GetMessage() const { return m_Message; }
|
|
||||||
|
|
||||||
quint64 GetUID() const { return m_uid; }
|
|
||||||
|
|
||||||
protected:
|
|
||||||
quint64 m_ProcessId;
|
|
||||||
QDateTime m_TimeStamp;
|
|
||||||
QString m_Message;
|
|
||||||
|
|
||||||
quint64 m_uid;
|
|
||||||
};
|
|
||||||
|
|
||||||
typedef QSharedDataPointer<CApiLogEntry> CApiLogEntryPtr;
|
|
||||||
|
|
||||||
class CApiLog : public QThread
|
|
||||||
{
|
|
||||||
Q_OBJECT
|
|
||||||
public:
|
|
||||||
CApiLog(QObject* parent = 0);
|
|
||||||
virtual ~CApiLog();
|
|
||||||
|
|
||||||
virtual QList<CApiLogEntryPtr> GetApiLog() const { QReadLocker Lock(&m_ApiLogMutex); return m_ApiLogList; }
|
|
||||||
virtual void ClearApiLog() { QWriteLocker Lock(&m_ApiLogMutex); m_ApiLogList.clear(); }
|
|
||||||
|
|
||||||
protected:
|
|
||||||
friend class CApiLogServer;
|
|
||||||
|
|
||||||
virtual void run();
|
|
||||||
|
|
||||||
mutable QReadWriteLock m_ApiLogMutex;
|
|
||||||
QList<CApiLogEntryPtr> m_ApiLogList;
|
|
||||||
|
|
||||||
CApiLogServer* m_pServer;
|
|
||||||
};
|
|
||||||
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
//
|
|
||||||
|
|
||||||
class CApiLogServer : public QObject
|
|
||||||
{
|
|
||||||
Q_OBJECT
|
|
||||||
protected:
|
|
||||||
CApiLogServer();
|
|
||||||
|
|
||||||
public slots:
|
|
||||||
void OnPipe();
|
|
||||||
void OnData();
|
|
||||||
void OnClose();
|
|
||||||
|
|
||||||
protected:
|
|
||||||
friend class CApiLog;
|
|
||||||
|
|
||||||
struct SApiLog
|
|
||||||
{
|
|
||||||
SApiLog(quint64 pid) { ProcessId = pid; }
|
|
||||||
|
|
||||||
QByteArray Buffer;
|
|
||||||
quint64 ProcessId;
|
|
||||||
};
|
|
||||||
|
|
||||||
QLocalServer* m_pServer;
|
|
||||||
QMap<QLocalSocket*, SApiLog*> m_pClients;
|
|
||||||
|
|
||||||
CApiLog* m_pApiLog;
|
|
||||||
};
|
|
|
@ -6,7 +6,7 @@
|
||||||
<rect>
|
<rect>
|
||||||
<x>0</x>
|
<x>0</x>
|
||||||
<y>0</y>
|
<y>0</y>
|
||||||
<width>622</width>
|
<width>682</width>
|
||||||
<height>473</height>
|
<height>473</height>
|
||||||
</rect>
|
</rect>
|
||||||
</property>
|
</property>
|
||||||
|
@ -45,7 +45,7 @@
|
||||||
<enum>QTabWidget::West</enum>
|
<enum>QTabWidget::West</enum>
|
||||||
</property>
|
</property>
|
||||||
<property name="currentIndex">
|
<property name="currentIndex">
|
||||||
<number>8</number>
|
<number>0</number>
|
||||||
</property>
|
</property>
|
||||||
<widget class="QWidget" name="tabGeneral">
|
<widget class="QWidget" name="tabGeneral">
|
||||||
<attribute name="title">
|
<attribute name="title">
|
||||||
|
@ -1637,40 +1637,6 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
|
||||||
<layout class="QGridLayout" name="gridLayout_34">
|
<layout class="QGridLayout" name="gridLayout_34">
|
||||||
<item row="0" column="0">
|
<item row="0" column="0">
|
||||||
<layout class="QGridLayout" name="gridLayout_32">
|
<layout class="QGridLayout" name="gridLayout_32">
|
||||||
<item row="10" column="2">
|
|
||||||
<spacer name="horizontalSpacer">
|
|
||||||
<property name="orientation">
|
|
||||||
<enum>Qt::Horizontal</enum>
|
|
||||||
</property>
|
|
||||||
<property name="sizeHint" stdset="0">
|
|
||||||
<size>
|
|
||||||
<width>40</width>
|
|
||||||
<height>20</height>
|
|
||||||
</size>
|
|
||||||
</property>
|
|
||||||
</spacer>
|
|
||||||
</item>
|
|
||||||
<item row="7" column="1">
|
|
||||||
<widget class="QCheckBox" name="chkGuiTrace">
|
|
||||||
<property name="text">
|
|
||||||
<string>GUI Trace</string>
|
|
||||||
</property>
|
|
||||||
</widget>
|
|
||||||
</item>
|
|
||||||
<item row="6" column="1">
|
|
||||||
<widget class="QCheckBox" name="chkIpcTrace">
|
|
||||||
<property name="text">
|
|
||||||
<string>IPC Trace</string>
|
|
||||||
</property>
|
|
||||||
</widget>
|
|
||||||
</item>
|
|
||||||
<item row="4" column="1">
|
|
||||||
<widget class="QCheckBox" name="chkPipeTrace">
|
|
||||||
<property name="text">
|
|
||||||
<string>Pipe Trace</string>
|
|
||||||
</property>
|
|
||||||
</widget>
|
|
||||||
</item>
|
|
||||||
<item row="2" column="0">
|
<item row="2" column="0">
|
||||||
<widget class="QLabel" name="label_19">
|
<widget class="QLabel" name="label_19">
|
||||||
<property name="font">
|
<property name="font">
|
||||||
|
@ -1684,14 +1650,14 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
|
||||||
</property>
|
</property>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
<item row="9" column="1" colspan="2">
|
<item row="10" column="2" colspan="2">
|
||||||
<widget class="QCheckBox" name="chkDbgTrace">
|
<widget class="QCheckBox" name="chkErrTrace">
|
||||||
<property name="text">
|
<property name="text">
|
||||||
<string>Log Debug Output to the Trace Log</string>
|
<string>Log all SetError's to Trace log</string>
|
||||||
</property>
|
</property>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
<item row="10" column="1">
|
<item row="11" column="1">
|
||||||
<spacer name="verticalSpacer_2">
|
<spacer name="verticalSpacer_2">
|
||||||
<property name="orientation">
|
<property name="orientation">
|
||||||
<enum>Qt::Vertical</enum>
|
<enum>Qt::Vertical</enum>
|
||||||
|
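Review bot: The new chkErrTrace label reads "Log all SetError's to Trace log", which uses an apostrophe for a plural and writes "Trace log" where the chkDbgTrace label in the same layout writes "the Trace Log". Suggest "Log all SetErrors to the Trace Log" so the two options read consistently.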
@ -1704,21 +1670,35 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
|
||||||
</property>
|
</property>
|
||||||
</spacer>
|
</spacer>
|
||||||
</item>
|
</item>
|
||||||
<item row="3" column="1">
|
<item row="8" column="3">
|
||||||
|
<widget class="QLabel" name="label_28">
|
||||||
|
<property name="text">
|
||||||
|
<string><- for this one the above does not apply</string>
|
||||||
|
</property>
|
||||||
|
</widget>
|
||||||
|
</item>
|
||||||
|
<item row="9" column="1" colspan="3">
|
||||||
|
<widget class="QCheckBox" name="chkDbgTrace">
|
||||||
|
<property name="text">
|
||||||
|
<string>Log Debug Output to the Trace Log</string>
|
||||||
|
</property>
|
||||||
|
</widget>
|
||||||
|
</item>
|
||||||
|
<item row="3" column="1" colspan="2">
|
||||||
<widget class="QCheckBox" name="chkFileTrace">
|
<widget class="QCheckBox" name="chkFileTrace">
|
||||||
<property name="text">
|
<property name="text">
|
||||||
<string>File Trace</string>
|
<string>File Trace</string>
|
||||||
</property>
|
</property>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
<item row="5" column="1">
|
<item row="5" column="1" colspan="2">
|
||||||
<widget class="QCheckBox" name="chkKeyTrace">
|
<widget class="QCheckBox" name="chkKeyTrace">
|
||||||
<property name="text">
|
<property name="text">
|
||||||
<string>Key Trace</string>
|
<string>Key Trace</string>
|
||||||
</property>
|
</property>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
<item row="3" column="2" rowspan="5">
|
<item row="3" column="3" rowspan="5">
|
||||||
<widget class="QLabel" name="label_26">
|
<widget class="QLabel" name="label_26">
|
||||||
<property name="text">
|
<property name="text">
|
||||||
<string>Log all access events as seen by the driver to the resource access log.
|
<string>Log all access events as seen by the driver to the resource access log.
|
||||||
|
@ -1738,20 +1718,60 @@ instead of "*".</string>
|
||||||
</property>
|
</property>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
<item row="8" column="1">
|
<item row="7" column="1" colspan="2">
|
||||||
|
<widget class="QCheckBox" name="chkGuiTrace">
|
||||||
|
<property name="text">
|
||||||
|
<string>GUI Trace</string>
|
||||||
|
</property>
|
||||||
|
</widget>
|
||||||
|
</item>
|
||||||
|
<item row="6" column="1" colspan="2">
|
||||||
|
<widget class="QCheckBox" name="chkIpcTrace">
|
||||||
|
<property name="text">
|
||||||
|
<string>IPC Trace</string>
|
||||||
|
</property>
|
||||||
|
</widget>
|
||||||
|
</item>
|
||||||
|
<item row="8" column="1" colspan="2">
|
||||||
<widget class="QCheckBox" name="chkComTrace">
|
<widget class="QCheckBox" name="chkComTrace">
|
||||||
<property name="text">
|
<property name="text">
|
||||||
<string>COM Class Trace</string>
|
<string>COM Class Trace</string>
|
||||||
</property>
|
</property>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
<item row="8" column="2">
|
<item row="4" column="1" colspan="2">
|
||||||
<widget class="QLabel" name="label_28">
|
<widget class="QCheckBox" name="chkPipeTrace">
|
||||||
<property name="text">
|
<property name="text">
|
||||||
<string><- for this one the above does not apply</string>
|
<string>Pipe Trace</string>
|
||||||
</property>
|
</property>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
|
<item row="11" column="4">
|
||||||
|
<spacer name="horizontalSpacer_3">
|
||||||
|
<property name="orientation">
|
||||||
|
<enum>Qt::Horizontal</enum>
|
||||||
|
</property>
|
||||||
|
<property name="sizeHint" stdset="0">
|
||||||
|
<size>
|
||||||
|
<width>40</width>
|
||||||
|
<height>20</height>
|
||||||
|
</size>
|
||||||
|
</property>
|
||||||
|
</spacer>
|
||||||
|
</item>
|
||||||
|
<item row="11" column="2" colspan="2">
|
||||||
|
<spacer name="horizontalSpacer">
|
||||||
|
<property name="orientation">
|
||||||
|
<enum>Qt::Horizontal</enum>
|
||||||
|
</property>
|
||||||
|
<property name="sizeHint" stdset="0">
|
||||||
|
<size>
|
||||||
|
<width>40</width>
|
||||||
|
<height>20</height>
|
||||||
|
</size>
|
||||||
|
</property>
|
||||||
|
</spacer>
|
||||||
|
</item>
|
||||||
</layout>
|
</layout>
|
||||||
</item>
|
</item>
|
||||||
</layout>
|
</layout>
|
||||||
|
|
|
@ -1,144 +0,0 @@
|
||||||
#include "stdafx.h"
|
|
||||||
#include "ApiMonModel.h"
|
|
||||||
#include "../MiscHelpers/Common/Common.h"
|
|
||||||
|
|
||||||
CApiMonModel::CApiMonModel(QObject *parent)
|
|
||||||
:CListItemModel(parent)
|
|
||||||
{
|
|
||||||
}
|
|
||||||
|
|
||||||
CApiMonModel::~CApiMonModel()
|
|
||||||
{
|
|
||||||
}
|
|
||||||
|
|
||||||
void CApiMonModel::Sync(const QList<CApiLogEntryPtr>& List, QSet<quint64> PIDs)
|
|
||||||
{
|
|
||||||
QList<SListNode*> New;
|
|
||||||
QHash<QVariant, SListNode*> Old = m_Map;
|
|
||||||
|
|
||||||
int i = 0;
|
|
||||||
if (List.count() >= m_List.count() && m_List.count() > 0)
|
|
||||||
{
|
|
||||||
i = m_List.count() - 1;
|
|
||||||
if (m_List.at(i)->ID == List.at(i)->GetUID())
|
|
||||||
{
|
|
||||||
i++;
|
|
||||||
Old.clear();
|
|
||||||
}
|
|
||||||
else
|
|
||||||
i = 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
for (; i < List.count(); i++)
|
|
||||||
{
|
|
||||||
CApiLogEntryPtr pEntry = List.at(i);
|
|
||||||
QVariant ID = pEntry->GetUID();
|
|
||||||
|
|
||||||
if (!PIDs.isEmpty() && !PIDs.contains(pEntry->GetProcessId()))
|
|
||||||
continue;
|
|
||||||
|
|
||||||
int Row = -1;
|
|
||||||
QHash<QVariant, SListNode*>::iterator I = Old.find(ID);
|
|
||||||
SApiLogNode* pNode = I != Old.end() ? static_cast<SApiLogNode*>(I.value()) : NULL;
|
|
||||||
if(!pNode)
|
|
||||||
{
|
|
||||||
pNode = static_cast<SApiLogNode*>(MkNode(ID));
|
|
||||||
pNode->Values.resize(columnCount());
|
|
||||||
pNode->pEntry = pEntry;
|
|
||||||
New.append(pNode);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
I.value() = NULL;
|
|
||||||
Row = GetRow(pNode);
|
|
||||||
}
|
|
||||||
|
|
||||||
int Col = 0;
|
|
||||||
bool State = false;
|
|
||||||
int Changed = 0;
|
|
||||||
|
|
||||||
/*int RowColor = CTaskExplorer::eNone;
|
|
||||||
if (pGDI->IsMarkedForRemoval() && CTaskExplorer::UseListColor(CTaskExplorer::eToBeRemoved)) RowColor = CTaskExplorer::eToBeRemoved;
|
|
||||||
else if (pGDI->IsNewlyCreated() && CTaskExplorer::UseListColor(CTaskExplorer::eAdded)) RowColor = CTaskExplorer::eAdded;
|
|
||||||
|
|
||||||
if (pNode->iColor != RowColor) {
|
|
||||||
pNode->iColor = RowColor;
|
|
||||||
pNode->Color = CTaskExplorer::GetListColor(RowColor);
|
|
||||||
Changed = 2;
|
|
||||||
}*/
|
|
||||||
|
|
||||||
for(int section = 0; section < columnCount(); section++)
|
|
||||||
{
|
|
||||||
if (!m_Columns.contains(section))
|
|
||||||
continue; // ignore columns which are hidden
|
|
||||||
|
|
||||||
QVariant Value;
|
|
||||||
switch(section)
|
|
||||||
{
|
|
||||||
case eProcess: Value = pEntry->GetProcessId(); break;
|
|
||||||
case eTimeStamp: Value = pEntry->GetTimeStamp(); break;
|
|
||||||
case eMessage: Value = pEntry->GetMessage(); break;
|
|
||||||
}
|
|
||||||
|
|
||||||
SApiLogNode::SValue& ColValue = pNode->Values[section];
|
|
||||||
|
|
||||||
if (ColValue.Raw != Value)
|
|
||||||
{
|
|
||||||
if(Changed == 0)
|
|
||||||
Changed = 1;
|
|
||||||
ColValue.Raw = Value;
|
|
||||||
|
|
||||||
switch (section)
|
|
||||||
{
|
|
||||||
case eProcess: ColValue.Formated = QString::number(pEntry->GetProcessId()); break;
|
|
||||||
case eTimeStamp: ColValue.Formated = pEntry->GetTimeStamp().toString("hh:mm:ss.zzz"); break;
|
|
||||||
//case eType: ColValue.Formated = ; break;
|
|
||||||
//case eValue: ColValue.Formated = ; break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if(State != (Changed != 0))
|
|
||||||
{
|
|
||||||
if(State && Row != -1)
|
|
||||||
emit dataChanged(createIndex(Row, Col), createIndex(Row, section-1));
|
|
||||||
State = (Changed != 0);
|
|
||||||
Col = section;
|
|
||||||
}
|
|
||||||
if(Changed == 1)
|
|
||||||
Changed = 0;
|
|
||||||
}
|
|
||||||
if(State && Row != -1)
|
|
||||||
emit dataChanged(createIndex(Row, Col, pNode), createIndex(Row, columnCount()-1, pNode));
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
CListItemModel::Sync(New, Old);
|
|
||||||
}
|
|
||||||
|
|
||||||
CApiLogEntryPtr CApiMonModel::GetEntry(const QModelIndex &index) const
|
|
||||||
{
|
|
||||||
if (!index.isValid())
|
|
||||||
return CApiLogEntryPtr();
|
|
||||||
|
|
||||||
SApiLogNode* pNode = static_cast<SApiLogNode*>(index.internalPointer());
|
|
||||||
return pNode->pEntry;
|
|
||||||
}
|
|
||||||
|
|
||||||
int CApiMonModel::columnCount(const QModelIndex &parent) const
|
|
||||||
{
|
|
||||||
return eCount;
|
|
||||||
}
|
|
||||||
|
|
||||||
QVariant CApiMonModel::headerData(int section, Qt::Orientation orientation, int role) const
|
|
||||||
{
|
|
||||||
if (orientation == Qt::Horizontal && role == Qt::DisplayRole)
|
|
||||||
{
|
|
||||||
switch(section)
|
|
||||||
{
|
|
||||||
case eProcess: return tr("Process");
|
|
||||||
case eTimeStamp: return tr("Time Stamp");
|
|
||||||
case eMessage: return tr("Message");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return QVariant();
|
|
||||||
}
|
|
|
@ -1,40 +0,0 @@
|
||||||
#pragma once
|
|
||||||
#include <qwidget.h>
|
|
||||||
#include "../ApiLog.h"
|
|
||||||
#include "../../MiscHelpers/Common/ListItemModel.h"
|
|
||||||
|
|
||||||
class CApiMonModel : public CListItemModel
|
|
||||||
{
|
|
||||||
Q_OBJECT
|
|
||||||
|
|
||||||
public:
|
|
||||||
CApiMonModel(QObject *parent = 0);
|
|
||||||
~CApiMonModel();
|
|
||||||
|
|
||||||
void Sync(const QList<CApiLogEntryPtr>& List, QSet<quint64> PIDs);
|
|
||||||
|
|
||||||
CApiLogEntryPtr GetEntry(const QModelIndex &index) const;
|
|
||||||
|
|
||||||
int columnCount(const QModelIndex &parent = QModelIndex()) const;
|
|
||||||
QVariant headerData(int section, Qt::Orientation orientation, int role = Qt::DisplayRole) const;
|
|
||||||
|
|
||||||
enum EColumns
|
|
||||||
{
|
|
||||||
eProcess = 0,
|
|
||||||
eTimeStamp,
|
|
||||||
eMessage,
|
|
||||||
eCount
|
|
||||||
};
|
|
||||||
|
|
||||||
protected:
|
|
||||||
struct SApiLogNode: SListNode
|
|
||||||
{
|
|
||||||
SApiLogNode(const QVariant& Id) : SListNode(Id), iColor(0) {}
|
|
||||||
|
|
||||||
CApiLogEntryPtr pEntry;
|
|
||||||
|
|
||||||
int iColor;
|
|
||||||
};
|
|
||||||
|
|
||||||
virtual SListNode* MkNode(const QVariant& Id) { return new SApiLogNode(Id); }
|
|
||||||
};
|
|
|
@ -12,7 +12,8 @@ CResMonModel::~CResMonModel()
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
void CResMonModel::Sync(const QList<CResLogEntryPtr>& List, QSet<quint64> PIDs)
|
//void CResMonModel::Sync(const QList<CTraceEntryPtr>& List, QSet<quint64> PIDs)
|
||||||
|
void CResMonModel::Sync(const QList<CTraceEntryPtr>& List)
|
||||||
{
|
{
|
||||||
QList<SListNode*> New;
|
QList<SListNode*> New;
|
||||||
QHash<QVariant, SListNode*> Old = m_Map;
|
QHash<QVariant, SListNode*> Old = m_Map;
|
||||||
|
@ -32,19 +33,19 @@ void CResMonModel::Sync(const QList<CResLogEntryPtr>& List, QSet<quint64> PIDs)
|
||||||
|
|
||||||
for(; i < List.count(); i++)
|
for(; i < List.count(); i++)
|
||||||
{
|
{
|
||||||
CResLogEntryPtr pEntry = List.at(i);
|
CTraceEntryPtr pEntry = List.at(i);
|
||||||
|
|
||||||
QVariant ID = pEntry->GetUID();
|
QVariant ID = pEntry->GetUID();
|
||||||
|
|
||||||
if (!PIDs.isEmpty() && !PIDs.contains(pEntry->GetProcessId()))
|
//if (!PIDs.isEmpty() && !PIDs.contains(pEntry->GetProcessId()))
|
||||||
continue;
|
// continue;
|
||||||
|
|
||||||
int Row = -1;
|
int Row = -1;
|
||||||
QHash<QVariant, SListNode*>::iterator I = Old.find(ID);
|
QHash<QVariant, SListNode*>::iterator I = Old.find(ID);
|
||||||
SResLogNode* pNode = I != Old.end() ? static_cast<SResLogNode*>(I.value()) : NULL;
|
STraceNode* pNode = I != Old.end() ? static_cast<STraceNode*>(I.value()) : NULL;
|
||||||
if(!pNode)
|
if(!pNode)
|
||||||
{
|
{
|
||||||
pNode = static_cast<SResLogNode*>(MkNode(ID));
|
pNode = static_cast<STraceNode*>(MkNode(ID));
|
||||||
pNode->Values.resize(columnCount());
|
pNode->Values.resize(columnCount());
|
||||||
pNode->pEntry = pEntry;
|
pNode->pEntry = pEntry;
|
||||||
New.append(pNode);
|
New.append(pNode);
|
||||||
|
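Review bot: The per-process filter in CResMonModel::Sync is disabled by commenting it out (`//if (!PIDs.isEmpty() && !PIDs.contains(pEntry->GetProcessId()))` and `// continue;`), so every entry in List now becomes a row regardless of which box or process is selected. If filtering has moved elsewhere, delete these two lines and say where in a comment. If it has not, this is a behaviour change in what the monitor shows and should be restored or called out.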
@ -78,13 +79,13 @@ void CResMonModel::Sync(const QList<CResLogEntryPtr>& List, QSet<quint64> PIDs)
|
||||||
switch(section)
|
switch(section)
|
||||||
{
|
{
|
||||||
case eProcess: Value = pEntry->GetProcessId(); break;
|
case eProcess: Value = pEntry->GetProcessId(); break;
|
||||||
case eTimeStamp: Value = pEntry->GetTimeStamp(); break;
|
case eTimeStamp: Value = pEntry->GetUID(); break;
|
||||||
case eType: Value = pEntry->GetTypeStr(); break;
|
case eType: Value = pEntry->GetTypeStr(); break;
|
||||||
case eStatus: Value = pEntry->GetStautsStr(); break;
|
case eStatus: Value = pEntry->GetStautsStr(); break;
|
||||||
case eValue: Value = pEntry->GetValue(); break;
|
case eValue: Value = pEntry->GetMessage(); break;
|
||||||
}
|
}
|
||||||
|
|
||||||
SResLogNode::SValue& ColValue = pNode->Values[section];
|
STraceNode::SValue& ColValue = pNode->Values[section];
|
||||||
|
|
||||||
if (ColValue.Raw != Value)
|
if (ColValue.Raw != Value)
|
||||||
{
|
{
|
||||||
|
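Review bot: In the raw-value switch, `case eTimeStamp: Value = pEntry->GetUID();` makes the timestamp column's Raw value a UID, while the formatted text for that column is still built from GetTimeStamp(). Anything that sorts or compares on Raw now orders by UID, not by time. If the UID is meant as a stable sort key, add a comment saying so and confirm that UIDs are assigned in arrival order. Otherwise keep GetTimeStamp() here. The same applies to eValue switching to GetMessage(): a short comment on the new entry type's accessors would help.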
@ -97,7 +98,7 @@ void CResMonModel::Sync(const QList<CResLogEntryPtr>& List, QSet<quint64> PIDs)
|
||||||
case eProcess:
|
case eProcess:
|
||||||
{
|
{
|
||||||
CBoxedProcessPtr pProcess = theAPI->GetProcessById(pEntry->GetProcessId());
|
CBoxedProcessPtr pProcess = theAPI->GetProcessById(pEntry->GetProcessId());
|
||||||
ColValue.Formated = QString("%1 (%2)").arg(pProcess.isNull() ? tr("Unknown") : pProcess->GetProcessName()).arg(pEntry->GetProcessId());
|
ColValue.Formated = QString("%1 (%2, %3)").arg(pProcess.isNull() ? tr("Unknown") : pProcess->GetProcessName()).arg(pEntry->GetProcessId()).arg(pEntry->GetThreadId());
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case eTimeStamp: ColValue.Formated = pEntry->GetTimeStamp().toString("hh:mm:ss.zzz"); break;
|
case eTimeStamp: ColValue.Formated = pEntry->GetTimeStamp().toString("hh:mm:ss.zzz"); break;
|
||||||
|
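Review bot: The eProcess format string now has three markers filled by chained calls, `.arg(name).arg(pid).arg(tid)`, and the first argument is the process name, which the sandboxed program controls. QString::arg substitutes into the lowest-numbered marker of the current string, so a name containing `%2` or `%3` has the PID or thread ID written into it and the displayed row no longer matches the real process. Use the multi-argument overload with the numbers converted via QString::number, or insert the name last, so the name is never rescanned for markers.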
@ -124,12 +125,12 @@ void CResMonModel::Sync(const QList<CResLogEntryPtr>& List, QSet<quint64> PIDs)
|
||||||
CListItemModel::Sync(New, Old);
|
CListItemModel::Sync(New, Old);
|
||||||
}
|
}
|
||||||
|
|
||||||
CResLogEntryPtr CResMonModel::GetEntry(const QModelIndex &index) const
|
CTraceEntryPtr CResMonModel::GetEntry(const QModelIndex &index) const
|
||||||
{
|
{
|
||||||
if (!index.isValid())
|
if (!index.isValid())
|
||||||
return CResLogEntryPtr();
|
return CTraceEntryPtr();
|
||||||
|
|
||||||
SResLogNode* pNode = static_cast<SResLogNode*>(index.internalPointer());
|
STraceNode* pNode = static_cast<STraceNode*>(index.internalPointer());
|
||||||
return pNode->pEntry;
|
return pNode->pEntry;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -11,9 +11,10 @@ public:
|
||||||
CResMonModel(QObject *parent = 0);
|
CResMonModel(QObject *parent = 0);
|
||||||
~CResMonModel();
|
~CResMonModel();
|
||||||
|
|
||||||
void Sync(const QList<CResLogEntryPtr>& List, QSet<quint64> PIDs);
|
//void Sync(const QList<CTraceEntryPtr>& List, QSet<quint64> PIDs);
|
||||||
|
void Sync(const QList<CTraceEntryPtr>& List);
|
||||||
|
|
||||||
CResLogEntryPtr GetEntry(const QModelIndex &index) const;
|
CTraceEntryPtr GetEntry(const QModelIndex &index) const;
|
||||||
|
|
||||||
int columnCount(const QModelIndex &parent = QModelIndex()) const;
|
int columnCount(const QModelIndex &parent = QModelIndex()) const;
|
||||||
QVariant headerData(int section, Qt::Orientation orientation, int role = Qt::DisplayRole) const;
|
QVariant headerData(int section, Qt::Orientation orientation, int role = Qt::DisplayRole) const;
|
||||||
|
@ -29,14 +30,14 @@ public:
|
||||||
};
|
};
|
||||||
|
|
||||||
protected:
|
protected:
|
||||||
struct SResLogNode: SListNode
|
struct STraceNode: SListNode
|
||||||
{
|
{
|
||||||
SResLogNode(const QVariant& Id) : SListNode(Id), iColor(0) {}
|
STraceNode(const QVariant& Id) : SListNode(Id), iColor(0) {}
|
||||||
|
|
||||||
CResLogEntryPtr pEntry;
|
CTraceEntryPtr pEntry;
|
||||||
|
|
||||||
int iColor;
|
int iColor;
|
||||||
};
|
};
|
||||||
|
|
||||||
virtual SListNode* MkNode(const QVariant& Id) { return new SResLogNode(Id); }
|
virtual SListNode* MkNode(const QVariant& Id) { return new STraceNode(Id); }
|
||||||
};
|
};
|
|
@ -86,17 +86,21 @@ QString CSbieModel::FindParent(const QVariant& Name, const QMap<QString, QString
|
||||||
return QString();
|
return QString();
|
||||||
}
|
}
|
||||||
|
|
||||||
QList<QVariant> CSbieModel::MakeBoxPath(const QVariant& Name, const QMap<QString, QStringList>& Groups)
|
void CSbieModel::MakeBoxPath(const QVariant& Name, const QMap<QString, QStringList>& Groups, QList<QVariant>& Path)
|
||||||
{
|
{
|
||||||
QString ParentID = FindParent(Name, Groups);
|
QString ParentID = FindParent(Name, Groups);
|
||||||
|
|
||||||
QList<QVariant> Path;
|
if (!ParentID.isEmpty() && ParentID != Name && !Path.contains(ParentID))
|
||||||
if (!ParentID.isEmpty() && ParentID != Name
|
|
||||||
&& !Groups.value(CSbieModel__RemoveGroupMark(Name.toString())).contains(CSbieModel__RemoveGroupMark(ParentID)))
|
|
||||||
{
|
{
|
||||||
Path = MakeBoxPath(ParentID, Groups);
|
Path.prepend(ParentID);
|
||||||
Path.append(ParentID);
|
MakeBoxPath(ParentID, Groups, Path);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
QList<QVariant> CSbieModel::MakeBoxPath(const QVariant& Name, const QMap<QString, QStringList>& Groups)
|
||||||
|
{
|
||||||
|
QList<QVariant> Path;
|
||||||
|
MakeBoxPath(Name, Groups, Path);
|
||||||
return Path;
|
return Path;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
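Review bot: In the new recursive MakeBoxPath overload, `!Path.contains(ParentID)` is the only thing that stops the recursion when the Groups map contains a cycle, and it replaces the earlier check against the group's own member list without a comment. Document that this condition is the cycle guard, and that the overload expects the caller to pass an empty Path. When the guard fires, the function returns a truncated path silently. Consider logging that case so a malformed group definition is visible rather than just producing an odd tree.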
@ -63,6 +63,7 @@ protected:
|
||||||
|
|
||||||
QString FindParent(const QVariant& Name, const QMap<QString, QStringList>& Groups);
|
QString FindParent(const QVariant& Name, const QMap<QString, QStringList>& Groups);
|
||||||
QList<QVariant> MakeBoxPath(const QVariant& Name, const QMap<QString, QStringList>& Groups);
|
QList<QVariant> MakeBoxPath(const QVariant& Name, const QMap<QString, QStringList>& Groups);
|
||||||
|
void MakeBoxPath(const QVariant& Name, const QMap<QString, QStringList>& Groups, QList<QVariant>& Path);
|
||||||
|
|
||||||
//virtual QVariant GetDefaultIcon() const;
|
//virtual QVariant GetDefaultIcon() const;
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
#include "Views/SbieView.h"
|
#include "Views/SbieView.h"
|
||||||
#include "../MiscHelpers/Common/CheckableMessageBox.h"
|
#include "../MiscHelpers/Common/CheckableMessageBox.h"
|
||||||
#include <QWinEventNotifier>
|
#include <QWinEventNotifier>
|
||||||
#include "ApiLog.h"
|
//#include "ApiLog.h"
|
||||||
#include "./Dialogs/MultiErrorDialog.h"
|
#include "./Dialogs/MultiErrorDialog.h"
|
||||||
#include "../QSbieAPI/SbieUtils.h"
|
#include "../QSbieAPI/SbieUtils.h"
|
||||||
#include "../QSbieAPI/Sandboxie/BoxBorder.h"
|
#include "../QSbieAPI/Sandboxie/BoxBorder.h"
|
||||||
|
@ -89,6 +89,10 @@ CSandMan::CSandMan(QWidget *parent)
|
||||||
|
|
||||||
theGUI = this;
|
theGUI = this;
|
||||||
|
|
||||||
|
|
||||||
|
const char version[] = VERSION_STR;
|
||||||
|
|
||||||
|
|
||||||
QDesktopServices::setUrlHandler("http", this, "OpenUrl");
|
QDesktopServices::setUrlHandler("http", this, "OpenUrl");
|
||||||
QDesktopServices::setUrlHandler("https", this, "OpenUrl");
|
QDesktopServices::setUrlHandler("https", this, "OpenUrl");
|
||||||
QDesktopServices::setUrlHandler("sbie", this, "OpenUrl");
|
QDesktopServices::setUrlHandler("sbie", this, "OpenUrl");
|
||||||
|
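Review bot: The local `const char version[] = VERSION_STR;` added in the CSandMan constructor is not used in any of the visible lines. If it exists only to force the version string into the binary, say so in a comment. Otherwise remove it, since it will raise an unused-variable warning and reads like a debugging leftover.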
@ -117,7 +121,7 @@ CSandMan::CSandMan(QWidget *parent)
|
||||||
|
|
||||||
m_SbieTemplates = new CSbieTemplates(theAPI, this);
|
m_SbieTemplates = new CSbieTemplates(theAPI, this);
|
||||||
|
|
||||||
m_ApiLog = NULL;
|
//m_ApiLog = NULL;
|
||||||
|
|
||||||
m_bConnectPending = false;
|
m_bConnectPending = false;
|
||||||
m_bStopPending = false;
|
m_bStopPending = false;
|
||||||
|
@ -184,17 +188,17 @@ CSandMan::CSandMan(QWidget *parent)
|
||||||
//
|
//
|
||||||
|
|
||||||
// Api Log
|
// Api Log
|
||||||
m_pApiMonModel = new CApiMonModel();
|
//m_pApiMonModel = new CApiMonModel();
|
||||||
//m_pApiMonModel->SetUseIcons(true);
|
////m_pApiMonModel->SetUseIcons(true);
|
||||||
|
//
|
||||||
m_pApiCallLog = new CPanelViewEx(m_pApiMonModel);
|
//m_pApiCallLog = new CPanelViewEx(m_pApiMonModel);
|
||||||
|
//
|
||||||
//m_pApiCallLog->GetView()->setItemDelegate(theGUI->GetItemDelegate());
|
////m_pApiCallLog->GetView()->setItemDelegate(theGUI->GetItemDelegate());
|
||||||
|
//
|
||||||
m_pApiCallLog->GetView()->setSelectionMode(QAbstractItemView::ExtendedSelection);
|
//m_pApiCallLog->GetView()->setSelectionMode(QAbstractItemView::ExtendedSelection);
|
||||||
|
//
|
||||||
m_pLogTabs->addTab(m_pApiCallLog, tr("Api Call Log"));
|
//m_pLogTabs->addTab(m_pApiCallLog, tr("Api Call Log"));
|
||||||
m_pApiCallLog->setEnabled(false);
|
//m_pApiCallLog->setEnabled(false);
|
||||||
//
|
//
|
||||||
|
|
||||||
|
|
||||||
|
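Review bot: The API log tab setup in the constructor is commented out line by line (`//m_pApiMonModel = new CApiMonModel();` and the lines after it) instead of being removed. The same commit deletes the CApiMonModel class and drops ApiLog and ApiMonModel from the project file, so these lines cannot be re-enabled by uncommenting them. Delete them here and in the other places this commit comments out m_ApiLog, m_pApiCallLog and m_pEnableLogging. The history keeps the old code if it is needed again.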
@ -315,11 +319,11 @@ void CSandMan::LoadState()
|
||||||
((QTreeViewEx*)m_pResourceLog->GetView())->OnResetColumns();
|
((QTreeViewEx*)m_pResourceLog->GetView())->OnResetColumns();
|
||||||
else
|
else
|
||||||
((QTreeViewEx*)m_pResourceLog->GetView())->restoreState(Columns);
|
((QTreeViewEx*)m_pResourceLog->GetView())->restoreState(Columns);
|
||||||
Columns = theConf->GetBlob("MainWindow/ApiLogList_Columns");
|
//Columns = theConf->GetBlob("MainWindow/ApiLogList_Columns");
|
||||||
if (!Columns.isEmpty())
|
//if (!Columns.isEmpty())
|
||||||
((QTreeViewEx*)m_pApiCallLog->GetView())->OnResetColumns();
|
// ((QTreeViewEx*)m_pApiCallLog->GetView())->OnResetColumns();
|
||||||
else
|
//else
|
||||||
((QTreeViewEx*)m_pApiCallLog->GetView())->restoreState(Columns);
|
// ((QTreeViewEx*)m_pApiCallLog->GetView())->restoreState(Columns);
|
||||||
m_pLogSplitter->restoreState(theConf->GetBlob("MainWindow/Log_Splitter"));
|
m_pLogSplitter->restoreState(theConf->GetBlob("MainWindow/Log_Splitter"));
|
||||||
m_pPanelSplitter->restoreState(theConf->GetBlob("MainWindow/Panel_Splitter"));
|
m_pPanelSplitter->restoreState(theConf->GetBlob("MainWindow/Panel_Splitter"));
|
||||||
m_pLogTabs->setCurrentIndex(theConf->GetInt("MainWindow/LogTab", 0));
|
m_pLogTabs->setCurrentIndex(theConf->GetInt("MainWindow/LogTab", 0));
|
||||||
|
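Review bot: The commented-out API log block in LoadState reads `if (!Columns.isEmpty())` followed by OnResetColumns(), with restoreState(Columns) in the else branch, which resets the columns when saved state exists and restores from an empty blob when it does not. That looks inverted. The resource log context lines directly above use the same two calls in the same order, so check the condition on that retained block too before deleting the dead code.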
@ -331,7 +335,7 @@ void CSandMan::StoreState()
|
||||||
//theConf->SetBlob("MainWindow/BoxTree_Columns", m_pBoxTree->saveState());
|
//theConf->SetBlob("MainWindow/BoxTree_Columns", m_pBoxTree->saveState());
|
||||||
theConf->SetBlob("MainWindow/LogList_Columns", m_pMessageLog->GetView()->header()->saveState());
|
theConf->SetBlob("MainWindow/LogList_Columns", m_pMessageLog->GetView()->header()->saveState());
|
||||||
theConf->SetBlob("MainWindow/ResMonList_Columns", m_pResourceLog->GetView()->header()->saveState());
|
theConf->SetBlob("MainWindow/ResMonList_Columns", m_pResourceLog->GetView()->header()->saveState());
|
||||||
theConf->SetBlob("MainWindow/ApiLogList_Columns", m_pApiCallLog->GetView()->header()->saveState());
|
//theConf->SetBlob("MainWindow/ApiLogList_Columns", m_pApiCallLog->GetView()->header()->saveState());
|
||||||
theConf->SetBlob("MainWindow/Log_Splitter", m_pLogSplitter->saveState());
|
theConf->SetBlob("MainWindow/Log_Splitter", m_pLogSplitter->saveState());
|
||||||
theConf->SetBlob("MainWindow/Panel_Splitter", m_pPanelSplitter->saveState());
|
theConf->SetBlob("MainWindow/Panel_Splitter", m_pPanelSplitter->saveState());
|
||||||
theConf->SetValue("MainWindow/LogTab", m_pLogTabs->currentIndex());
|
theConf->SetValue("MainWindow/LogTab", m_pLogTabs->currentIndex());
|
||||||
|
@ -399,8 +403,9 @@ void CSandMan::CreateMenus()
|
||||||
m_pCleanUpProcesses = m_pCleanUpMenu->addAction(tr("Cleanup Processes"), this, SLOT(OnCleanUp()));
|
m_pCleanUpProcesses = m_pCleanUpMenu->addAction(tr("Cleanup Processes"), this, SLOT(OnCleanUp()));
|
||||||
m_pCleanUpMenu->addSeparator();
|
m_pCleanUpMenu->addSeparator();
|
||||||
m_pCleanUpMsgLog = m_pCleanUpMenu->addAction(tr("Cleanup Message Log"), this, SLOT(OnCleanUp()));
|
m_pCleanUpMsgLog = m_pCleanUpMenu->addAction(tr("Cleanup Message Log"), this, SLOT(OnCleanUp()));
|
||||||
m_pCleanUpResLog = m_pCleanUpMenu->addAction(tr("Cleanup Resource Log"), this, SLOT(OnCleanUp()));
|
m_pCleanUpTrace = m_pCleanUpMenu->addAction(tr("Cleanup Trace Log"), this, SLOT(OnCleanUp()));
|
||||||
m_pCleanUpApiLog = m_pCleanUpMenu->addAction(tr("Cleanup Api Call Log"), this, SLOT(OnCleanUp()));
|
//m_pCleanUpTrace = m_pCleanUpMenu->addAction(tr("Cleanup Resource Log"), this, SLOT(OnCleanUp()));
|
||||||
|
//m_pCleanUpApiLog = m_pCleanUpMenu->addAction(tr("Cleanup Api Call Log"), this, SLOT(OnCleanUp()));
|
||||||
|
|
||||||
m_pKeepTerminated = m_pMenuView->addAction(CSandMan::GetIcon("Keep"), tr("Keep terminated"), this, SLOT(OnSetKeep()));
|
m_pKeepTerminated = m_pMenuView->addAction(CSandMan::GetIcon("Keep"), tr("Keep terminated"), this, SLOT(OnSetKeep()));
|
||||||
m_pKeepTerminated->setCheckable(true);
|
m_pKeepTerminated->setCheckable(true);
|
||||||
|
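Review bot: The clean-up action is renamed to m_pCleanUpTrace with the label "Cleanup Trace Log", but the next line keeps a commented-out assignment of the same member with the old label "Cleanup Resource Log". Drop that line. The options menu entry further down still reads "Resource Logging", so the UI now uses two names for the same log. Pick one term, and note that the new tr() string needs entries in the translation files.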
@ -415,8 +420,8 @@ void CSandMan::CreateMenus()
|
||||||
m_pEnableMonitoring = m_pMenuOptions->addAction(CSandMan::GetIcon("SetLogging"), tr("Resource Logging"), this, SLOT(OnSetMonitoring()));
|
m_pEnableMonitoring = m_pMenuOptions->addAction(CSandMan::GetIcon("SetLogging"), tr("Resource Logging"), this, SLOT(OnSetMonitoring()));
|
||||||
m_pEnableMonitoring->setCheckable(true);
|
m_pEnableMonitoring->setCheckable(true);
|
||||||
m_pMenuOptions->addSeparator();
|
m_pMenuOptions->addSeparator();
|
||||||
m_pEnableLogging = m_pMenuOptions->addAction(CSandMan::GetIcon("LogAPI"), tr("API Call Logging"), this, SLOT(OnSetLogging()));
|
//m_pEnableLogging = m_pMenuOptions->addAction(CSandMan::GetIcon("LogAPI"), tr("API Call Logging"), this, SLOT(OnSetLogging()));
|
||||||
m_pEnableLogging->setCheckable(true);
|
//m_pEnableLogging->setCheckable(true);
|
||||||
|
|
||||||
|
|
||||||
m_pMenuHelp = menuBar()->addMenu(tr("&Help"));
|
m_pMenuHelp = menuBar()->addMenu(tr("&Help"));
|
||||||
|
@ -459,7 +464,7 @@ void CSandMan::CreateToolBar()
|
||||||
m_pToolBar->addAction(m_pEditIni);
|
m_pToolBar->addAction(m_pEditIni);
|
||||||
m_pToolBar->addSeparator();
|
m_pToolBar->addSeparator();
|
||||||
m_pToolBar->addAction(m_pEnableMonitoring);
|
m_pToolBar->addAction(m_pEnableMonitoring);
|
||||||
m_pToolBar->addAction(m_pEnableLogging);
|
//m_pToolBar->addAction(m_pEnableLogging);
|
||||||
m_pToolBar->addSeparator();
|
m_pToolBar->addSeparator();
|
||||||
|
|
||||||
|
|
||||||
|
@ -611,6 +616,8 @@ void CSandMan::timerEvent(QTimerEvent* pEvent)
|
||||||
if (pEvent->timerId() != m_uTimerID)
|
if (pEvent->timerId() != m_uTimerID)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
bool bForceProcessDisabled = false;
|
||||||
|
|
||||||
if (theAPI->IsConnected())
|
if (theAPI->IsConnected())
|
||||||
{
|
{
|
||||||
SB_STATUS Status = theAPI->ReloadBoxes();
|
SB_STATUS Status = theAPI->ReloadBoxes();
|
||||||
|
@ -622,14 +629,20 @@ void CSandMan::timerEvent(QTimerEvent* pEvent)
|
||||||
|
|
||||||
theAPI->UpdateProcesses(m_pKeepTerminated->isChecked());
|
theAPI->UpdateProcesses(m_pKeepTerminated->isChecked());
|
||||||
|
|
||||||
m_pDisableForce->setChecked(theAPI->AreForceProcessDisabled());
|
bForceProcessDisabled = theAPI->AreForceProcessDisabled();
|
||||||
m_pDisableForce2->setChecked(theAPI->AreForceProcessDisabled());
|
m_pDisableForce->setChecked(bForceProcessDisabled);
|
||||||
|
m_pDisableForce2->setChecked(bForceProcessDisabled);
|
||||||
|
|
||||||
|
|
||||||
|
bool bIsMonitoring = theAPI->IsMonitoring();
|
||||||
|
m_pResourceLog->setEnabled(bIsMonitoring);
|
||||||
|
m_pEnableMonitoring->setChecked(bIsMonitoring);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (m_bIconEmpty != (theAPI->TotalProcesses() == 0) || m_bIconDisabled != theAPI->AreForceProcessDisabled())
|
if (m_bIconEmpty != (theAPI->TotalProcesses() == 0) || m_bIconDisabled != bForceProcessDisabled)
|
||||||
{
|
{
|
||||||
m_bIconEmpty = (theAPI->TotalProcesses() == 0);
|
m_bIconEmpty = (theAPI->TotalProcesses() == 0);
|
||||||
m_bIconDisabled = theAPI->AreForceProcessDisabled();
|
m_bIconDisabled = bForceProcessDisabled;
|
||||||
|
|
||||||
QString IconFile = ":/SandMan";
|
QString IconFile = ":/SandMan";
|
||||||
if (m_bIconEmpty)
|
if (m_bIconEmpty)
|
||||||
|
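Review bot: bForceProcessDisabled is only assigned inside the `if (theAPI->IsConnected())` block, so when the client is not connected the icon check below compares m_bIconDisabled against the default `false`, where the old code called theAPI->AreForceProcessDisabled() unconditionally. Confirm that this is the intended state for a disconnected client. The monitoring state (`bIsMonitoring`) is now polled here on every timer tick instead of once in ConnectSbieImpl. A one-line comment explaining why it moved would help the next reader.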
@ -755,17 +768,18 @@ void CSandMan::OnSelectionChanged()
|
||||||
Processes.append(pBox->GetProcessList().values());
|
Processes.append(pBox->GetProcessList().values());
|
||||||
}*/
|
}*/
|
||||||
|
|
||||||
QSet<quint64> Pids;
|
//QSet<quint64> Pids;
|
||||||
foreach(const CBoxedProcessPtr& pProcess, Processes)
|
//foreach(const CBoxedProcessPtr& pProcess, Processes)
|
||||||
Pids.insert(pProcess->GetProcessId());
|
// Pids.insert(pProcess->GetProcessId());
|
||||||
|
|
||||||
QList<CResLogEntryPtr> ResourceLog = theAPI->GetResLog();
|
QList<CTraceEntryPtr> ResourceLog = theAPI->GetTrace();
|
||||||
m_pResMonModel->Sync(ResourceLog, Pids);
|
//m_pResMonModel->Sync(ResourceLog, Pids);
|
||||||
|
m_pResMonModel->Sync(ResourceLog);
|
||||||
|
|
||||||
if (m_ApiLog) {
|
//if (m_ApiLog) {
|
||||||
QList<CApiLogEntryPtr> ApiCallLog = m_ApiLog->GetApiLog();
|
// QList<CApiLogEntryPtr> ApiCallLog = m_ApiLog->GetApiLog();
|
||||||
m_pApiMonModel->Sync(ApiCallLog, Pids);
|
// m_pApiMonModel->Sync(ApiCallLog, Pids);
|
||||||
}
|
//}
|
||||||
}
|
}
|
||||||
|
|
||||||
void CSandMan::OnStatusChanged()
|
void CSandMan::OnStatusChanged()
|
||||||
|
@ -850,7 +864,7 @@ void CSandMan::OnStatusChanged()
|
||||||
m_pEditIni->setEnabled(isConnected);
|
m_pEditIni->setEnabled(isConnected);
|
||||||
m_pReloadIni->setEnabled(isConnected);
|
m_pReloadIni->setEnabled(isConnected);
|
||||||
m_pEnableMonitoring->setEnabled(isConnected);
|
m_pEnableMonitoring->setEnabled(isConnected);
|
||||||
m_pEnableLogging->setEnabled(isConnected);
|
//m_pEnableLogging->setEnabled(isConnected);
|
||||||
}
|
}
|
||||||
|
|
||||||
void CSandMan::OnMenuHover(QAction* action)
|
void CSandMan::OnMenuHover(QAction* action)
|
||||||
|
@ -1148,10 +1162,6 @@ SB_STATUS CSandMan::ConnectSbieImpl()
|
||||||
if (!Status)
|
if (!Status)
|
||||||
return Status;
|
return Status;
|
||||||
|
|
||||||
bool bIsMonitoring = theAPI->IsMonitoring();
|
|
||||||
m_pResourceLog->setEnabled(bIsMonitoring);
|
|
||||||
m_pEnableMonitoring->setChecked(bIsMonitoring);
|
|
||||||
|
|
||||||
return SB_OK;
|
return SB_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1275,11 +1285,11 @@ void CSandMan::OnCleanUp()
|
||||||
if (sender() == m_pCleanUpMsgLog || sender() == m_pCleanUpButton)
|
if (sender() == m_pCleanUpMsgLog || sender() == m_pCleanUpButton)
|
||||||
m_pMessageLog->GetTree()->clear();
|
m_pMessageLog->GetTree()->clear();
|
||||||
|
|
||||||
if (sender() == m_pCleanUpResLog || sender() == m_pCleanUpButton)
|
if (sender() == m_pCleanUpTrace || sender() == m_pCleanUpButton)
|
||||||
theAPI->ClearResLog();
|
theAPI->ClearTrace();
|
||||||
|
|
||||||
if (sender() == m_pCleanUpApiLog || sender() == m_pCleanUpButton)
|
//if (sender() == m_pCleanUpApiLog || sender() == m_pCleanUpButton)
|
||||||
if(m_ApiLog) m_ApiLog->ClearApiLog();
|
// if(m_ApiLog) m_ApiLog->ClearApiLog();
|
||||||
|
|
||||||
if (sender() == m_pCleanUpProcesses || sender() == m_pCleanUpButton)
|
if (sender() == m_pCleanUpProcesses || sender() == m_pCleanUpButton)
|
||||||
theAPI->UpdateProcesses(false);
|
theAPI->UpdateProcesses(false);
|
||||||
|
@ -1335,7 +1345,7 @@ void CSandMan::OnResetMsgs()
|
||||||
theConf->SetValue("Options/CheckForUpdates", 2);
|
theConf->SetValue("Options/CheckForUpdates", 2);
|
||||||
|
|
||||||
theConf->SetValue("Options/NoEditInfo", true);
|
theConf->SetValue("Options/NoEditInfo", true);
|
||||||
theConf->SetValue("Options/ApiLogInfo", true);
|
//theConf->SetValue("Options/ApiLogInfo", true);
|
||||||
|
|
||||||
theConf->SetValue("Options/BoxedExplorerInfo", true);
|
theConf->SetValue("Options/BoxedExplorerInfo", true);
|
||||||
theConf->SetValue("Options/ExplorerInfo", true);
|
theConf->SetValue("Options/ExplorerInfo", true);
|
||||||
|
@ -1415,40 +1425,40 @@ void CSandMan::OnSetMonitoring()
|
||||||
m_pResourceLog->setEnabled(m_pEnableMonitoring->isChecked());
|
m_pResourceLog->setEnabled(m_pEnableMonitoring->isChecked());
|
||||||
}
|
}
|
||||||
|
|
||||||
void CSandMan::OnSetLogging()
|
//void CSandMan::OnSetLogging()
|
||||||
{
|
//{
|
||||||
if (m_pEnableLogging->isChecked())
|
// if (m_pEnableLogging->isChecked())
|
||||||
{
|
// {
|
||||||
if (theConf->GetBool("Options/ApiLogInfo", true))
|
// if (theConf->GetBool("Options/ApiLogInfo", true))
|
||||||
{
|
// {
|
||||||
QString Message = tr("To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.\n"
|
// QString Message = tr("To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.\n"
|
||||||
"Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.");
|
// "Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.");
|
||||||
|
//
|
||||||
bool State = false;
|
// bool State = false;
|
||||||
CCheckableMessageBox::question(this, "Sandboxie-Plus", Message
|
// CCheckableMessageBox::question(this, "Sandboxie-Plus", Message
|
||||||
, tr("Don't show this message again."), &State, QDialogButtonBox::Ok, QDialogButtonBox::Ok, QMessageBox::Information);
|
// , tr("Don't show this message again."), &State, QDialogButtonBox::Ok, QDialogButtonBox::Ok, QMessageBox::Information);
|
||||||
|
//
|
||||||
if (State)
|
// if (State)
|
||||||
theConf->SetValue("Options/ApiLogInfo", false);
|
// theConf->SetValue("Options/ApiLogInfo", false);
|
||||||
}
|
// }
|
||||||
|
//
|
||||||
if (!m_pToolBar->isVisible())
|
// if (!m_pToolBar->isVisible())
|
||||||
m_pLogTabs->show();
|
// m_pLogTabs->show();
|
||||||
|
//
|
||||||
if (!m_ApiLog) {
|
// if (!m_ApiLog) {
|
||||||
m_ApiLog = new CApiLog();
|
// m_ApiLog = new CApiLog();
|
||||||
m_pApiCallLog->setEnabled(true);
|
// //m_pApiCallLog->setEnabled(true);
|
||||||
}
|
// }
|
||||||
}
|
// }
|
||||||
else
|
// else
|
||||||
{
|
// {
|
||||||
if (m_ApiLog) {
|
// if (m_ApiLog) {
|
||||||
m_pApiCallLog->setEnabled(false);
|
// //m_pApiCallLog->setEnabled(false);
|
||||||
m_ApiLog->deleteLater();
|
// m_ApiLog->deleteLater();
|
||||||
m_ApiLog = NULL;
|
// m_ApiLog = NULL;
|
||||||
}
|
// }
|
||||||
}
|
// }
|
||||||
}
|
//}
|
||||||
|
|
||||||
void CSandMan::AddAsyncOp(const CSbieProgressPtr& pProgress)
|
void CSandMan::AddAsyncOp(const CSbieProgressPtr& pProgress)
|
||||||
{
|
{
|
||||||
|
@ -1993,7 +2003,7 @@ void CSandMan::LoadLanguage()
|
||||||
m_LanguageId = LocaleNameToLCID(Lang.toStdWString().c_str(), 0);
|
m_LanguageId = LocaleNameToLCID(Lang.toStdWString().c_str(), 0);
|
||||||
|
|
||||||
QString LangAux = Lang; // Short version as fallback
|
QString LangAux = Lang; // Short version as fallback
|
||||||
LangAux.truncate(LangAux.lastIndexOf('_'));
|
LangAux.truncate(LangAux.lastIndexOf('-'));
|
||||||
|
|
||||||
QString LangPath = QApplication::applicationDirPath() + "/translations/sandman_";
|
QString LangPath = QApplication::applicationDirPath() + "/translations/sandman_";
|
||||||
bool bAux = false;
|
bool bAux = false;
|
||||||
|
|
|
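Review bot: `LangAux.truncate(LangAux.lastIndexOf('-'))` in LoadLanguage does not handle a locale name with no '-' in it. lastIndexOf then returns -1, and QString::truncate treats a negative position as zero, so LangAux becomes an empty string and the fallback path is built from "sandman_" alone. Guard the call on the index being non-negative. Locale names that use '_' as the separator also no longer get a short fallback after this change, so state in a comment which format Lang is expected to have.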
@ -8,21 +8,18 @@
|
||||||
#include "../MiscHelpers/Common/ProgressDialog.h"
|
#include "../MiscHelpers/Common/ProgressDialog.h"
|
||||||
#include "../MiscHelpers/Common/NetworkAccessManager.h"
|
#include "../MiscHelpers/Common/NetworkAccessManager.h"
|
||||||
#include "Models/ResMonModel.h"
|
#include "Models/ResMonModel.h"
|
||||||
#include "Models/ApiMonModel.h"
|
//#include "Models/ApiMonModel.h"
|
||||||
#include <QTranslator>
|
#include <QTranslator>
|
||||||
#include "Windows/PopUpWindow.h"
|
#include "Windows/PopUpWindow.h"
|
||||||
|
|
||||||
#define VERSION_MJR 0
|
#include "../version.h"
|
||||||
#define VERSION_MIN 6
|
|
||||||
#define VERSION_REV 7
|
|
||||||
#define VERSION_UPD 0
|
|
||||||
|
|
||||||
|
|
||||||
//#include "../QSbieAPI/SbieAPI.h"
|
//#include "../QSbieAPI/SbieAPI.h"
|
||||||
#include "SbiePlusAPI.h"
|
#include "SbiePlusAPI.h"
|
||||||
|
|
||||||
class CSbieView;
|
class CSbieView;
|
||||||
class CApiLog;
|
//class CApiLog;
|
||||||
class CBoxBorder;
|
class CBoxBorder;
|
||||||
class CSbieTemplates;
|
class CSbieTemplates;
|
||||||
|
|
||||||
|
@ -70,7 +67,7 @@ protected:
|
||||||
CBoxBorder* m_pBoxBorder;
|
CBoxBorder* m_pBoxBorder;
|
||||||
CSbieTemplates* m_SbieTemplates;
|
CSbieTemplates* m_SbieTemplates;
|
||||||
|
|
||||||
CApiLog* m_ApiLog;
|
//CApiLog* m_ApiLog;
|
||||||
|
|
||||||
QMap<CSbieProgress*, CSbieProgressPtr> m_pAsyncProgress;
|
QMap<CSbieProgress*, CSbieProgressPtr> m_pAsyncProgress;
|
||||||
|
|
||||||
|
@ -132,7 +129,7 @@ private slots:
|
||||||
void OnEditIni();
|
void OnEditIni();
|
||||||
void OnReloadIni();
|
void OnReloadIni();
|
||||||
void OnSetMonitoring();
|
void OnSetMonitoring();
|
||||||
void OnSetLogging();
|
//void OnSetLogging();
|
||||||
|
|
||||||
void OnExit();
|
void OnExit();
|
||||||
void OnHelp();
|
void OnHelp();
|
||||||
|
@ -171,8 +168,8 @@ private:
|
||||||
CPanelWidgetEx* m_pMessageLog;
|
CPanelWidgetEx* m_pMessageLog;
|
||||||
CPanelViewEx* m_pResourceLog;
|
CPanelViewEx* m_pResourceLog;
|
||||||
CResMonModel* m_pResMonModel;
|
CResMonModel* m_pResMonModel;
|
||||||
CPanelViewEx* m_pApiCallLog;
|
//CPanelViewEx* m_pApiCallLog;
|
||||||
CApiMonModel* m_pApiMonModel;
|
//CApiMonModel* m_pApiMonModel;
|
||||||
|
|
||||||
|
|
||||||
QMenu* m_pMenuFile;
|
QMenu* m_pMenuFile;
|
||||||
|
@ -204,8 +201,8 @@ private:
|
||||||
QMenu* m_pCleanUpMenu;
|
QMenu* m_pCleanUpMenu;
|
||||||
QAction* m_pCleanUpProcesses;
|
QAction* m_pCleanUpProcesses;
|
||||||
QAction* m_pCleanUpMsgLog;
|
QAction* m_pCleanUpMsgLog;
|
||||||
QAction* m_pCleanUpResLog;
|
QAction* m_pCleanUpTrace;
|
||||||
QAction* m_pCleanUpApiLog;
|
//QAction* m_pCleanUpApiLog;
|
||||||
QToolButton* m_pCleanUpButton;
|
QToolButton* m_pCleanUpButton;
|
||||||
QAction* m_pKeepTerminated;
|
QAction* m_pKeepTerminated;
|
||||||
|
|
||||||
|
@ -215,7 +212,7 @@ private:
|
||||||
QAction* m_pEditIni;
|
QAction* m_pEditIni;
|
||||||
QAction* m_pReloadIni;
|
QAction* m_pReloadIni;
|
||||||
QAction* m_pEnableMonitoring;
|
QAction* m_pEnableMonitoring;
|
||||||
QAction* m_pEnableLogging;
|
//QAction* m_pEnableLogging;
|
||||||
|
|
||||||
QMenu* m_pMenuHelp;
|
QMenu* m_pMenuHelp;
|
||||||
QAction* m_pSupport;
|
QAction* m_pSupport;
|
||||||
|
|
|
@ -5,11 +5,9 @@
|
||||||
|
|
||||||
HEADERS += ./stdafx.h \
|
HEADERS += ./stdafx.h \
|
||||||
./SandMan.h \
|
./SandMan.h \
|
||||||
./ApiLog.h \
|
|
||||||
./SbiePlusAPI.h \
|
./SbiePlusAPI.h \
|
||||||
./Models/SbieModel.h \
|
./Models/SbieModel.h \
|
||||||
./Models/ResMonModel.h \
|
./Models/ResMonModel.h \
|
||||||
./Models/ApiMonModel.h \
|
|
||||||
./Views/SbieView.h \
|
./Views/SbieView.h \
|
||||||
./Dialogs/MultiErrorDialog.h \
|
./Dialogs/MultiErrorDialog.h \
|
||||||
./Helpers/FindTool.h \
|
./Helpers/FindTool.h \
|
||||||
|
@ -23,10 +21,8 @@ HEADERS += ./stdafx.h \
|
||||||
|
|
||||||
SOURCES += ./main.cpp \
|
SOURCES += ./main.cpp \
|
||||||
./stdafx.cpp \
|
./stdafx.cpp \
|
||||||
./ApiLog.cpp \
|
|
||||||
./SandMan.cpp \
|
./SandMan.cpp \
|
||||||
./SbiePlusAPI.cpp \
|
./SbiePlusAPI.cpp \
|
||||||
./Models/ApiMonModel.cpp \
|
|
||||||
./Models/ResMonModel.cpp \
|
./Models/ResMonModel.cpp \
|
||||||
./Models/SbieModel.cpp \
|
./Models/SbieModel.cpp \
|
||||||
./Views/SbieView.cpp \
|
./Views/SbieView.cpp \
|
||||||
|
@ -48,11 +44,12 @@ FORMS += ./Forms/NewBoxWindow.ui \
|
||||||
./Forms/SettingsWindow.ui \
|
./Forms/SettingsWindow.ui \
|
||||||
./Forms/SnapshotsWindow.ui
|
./Forms/SnapshotsWindow.ui
|
||||||
|
|
||||||
TRANSLATIONS += ./sandman_de.ts \
|
TRANSLATIONS += sandman_de.ts \
|
||||||
./sandman_pt.ts \
|
sandman_pt.ts \
|
||||||
./sandman_ru.ts \
|
sandman_ru.ts \
|
||||||
./sandman_tr.ts \
|
sandman_pl.ts \
|
||||||
./sandman_zh.ts \
|
sandman_tr.ts \
|
||||||
./sandman_zh-TW.ts
|
sandman_zh-CN.ts \
|
||||||
|
sandman_zh-TW.ts
|
||||||
|
|
||||||
RESOURCES += Resources/SandMan.qrc
|
RESOURCES += Resources/SandMan.qrc
|
||||||
|
|
|
@ -34,12 +34,7 @@ RCC_DIR += .
|
||||||
|
|
||||||
|
|
||||||
include(SandMan.pri)
|
include(SandMan.pri)
|
||||||
|
|
||||||
win32:RC_FILE = SandMan.rc
|
win32:RC_FILE = SandMan.rc
|
||||||
|
|
||||||
TRANSLATIONS += sandman_de.ts \
|
|
||||||
sandman_pt.ts \
|
|
||||||
sandman_ru.ts \
|
|
||||||
sandman_pl.ts \
|
|
||||||
sandman_tr.ts \
|
|
||||||
sandman_zh.ts \
|
|
||||||
sandman_zh-TW.ts
|
|
||||||
|
|
|
@ -6,6 +6,8 @@
|
||||||
|
|
||||||
#include "winres.h"
|
#include "winres.h"
|
||||||
|
|
||||||
|
#include "../version.h"
|
||||||
|
|
||||||
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_DEA)
|
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_DEA)
|
||||||
LANGUAGE LANG_GERMAN, SUBLANG_GERMAN_AUSTRIAN
|
LANGUAGE LANG_GERMAN, SUBLANG_GERMAN_AUSTRIAN
|
||||||
#pragma code_page(1252)
|
#pragma code_page(1252)
|
||||||
|
@ -69,8 +71,8 @@ FINDER_CURSOR CURSOR "./resources/finder.cur"
|
||||||
//
|
//
|
||||||
|
|
||||||
VS_VERSION_INFO VERSIONINFO
|
VS_VERSION_INFO VERSIONINFO
|
||||||
FILEVERSION 0,6,5,0
|
FILEVERSION VERSION_BIN
|
||||||
PRODUCTVERSION 0,6,5,0
|
PRODUCTVERSION VERSION_BIN
|
||||||
FILEFLAGSMASK 0x3fL
|
FILEFLAGSMASK 0x3fL
|
||||||
#ifdef _DEBUG
|
#ifdef _DEBUG
|
||||||
FILEFLAGS 0x1L
|
FILEFLAGS 0x1L
|
||||||
|
@ -85,14 +87,14 @@ BEGIN
|
||||||
BEGIN
|
BEGIN
|
||||||
BLOCK "0c0704b0"
|
BLOCK "0c0704b0"
|
||||||
BEGIN
|
BEGIN
|
||||||
//VALUE "CompanyName", "xanasoft.net"
|
VALUE "CompanyName", MY_COMPANY_NAME_STRING
|
||||||
VALUE "FileDescription", "SandBox Manager"
|
VALUE "FileDescription", "SandBox Manager"
|
||||||
VALUE "FileVersion", "0.6.5.0"
|
VALUE "FileVersion", VERSION_STR
|
||||||
VALUE "InternalName", "SandMan.exe"
|
VALUE "InternalName", "SandMan.exe"
|
||||||
VALUE "LegalCopyright", "Copyright (C) 2020-2021 by David Xanatos (xanasoft.com)"
|
VALUE "LegalCopyright", MY_COPYRIGHT_STRING
|
||||||
VALUE "OriginalFilename", "SandMan.exe"
|
VALUE "OriginalFilename", "SandMan.exe"
|
||||||
VALUE "ProductName", "SandBox Manager"
|
VALUE "ProductName", MY_PRODUCT_NAME_STRING
|
||||||
VALUE "ProductVersion", "0.6.5.0"
|
VALUE "ProductVersion", VERSION_STR
|
||||||
END
|
END
|
||||||
END
|
END
|
||||||
BLOCK "VarFileInfo"
|
BLOCK "VarFileInfo"
|
||||||
|
|
|
@ -195,13 +195,11 @@
|
||||||
</Link>
|
</Link>
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<ClCompile Include="ApiLog.cpp" />
|
|
||||||
<ClCompile Include="Dialogs\MultiErrorDialog.cpp" />
|
<ClCompile Include="Dialogs\MultiErrorDialog.cpp" />
|
||||||
<ClCompile Include="Helpers\FindTool.cpp" />
|
<ClCompile Include="Helpers\FindTool.cpp" />
|
||||||
<ClCompile Include="Helpers\WinAdmin.cpp" />
|
<ClCompile Include="Helpers\WinAdmin.cpp" />
|
||||||
<ClCompile Include="Helpers\WindowFromPointEx.cpp" />
|
<ClCompile Include="Helpers\WindowFromPointEx.cpp" />
|
||||||
<ClCompile Include="main.cpp" />
|
<ClCompile Include="main.cpp" />
|
||||||
<ClCompile Include="Models\ApiMonModel.cpp" />
|
|
||||||
<ClCompile Include="Models\ResMonModel.cpp" />
|
<ClCompile Include="Models\ResMonModel.cpp" />
|
||||||
<ClCompile Include="Models\SbieModel.cpp" />
|
<ClCompile Include="Models\SbieModel.cpp" />
|
||||||
<ClCompile Include="SandMan.cpp" />
|
<ClCompile Include="SandMan.cpp" />
|
||||||
|
@ -231,9 +229,7 @@
|
||||||
<QtMoc Include="SandMan.h" />
|
<QtMoc Include="SandMan.h" />
|
||||||
<QtMoc Include="Models\SbieModel.h" />
|
<QtMoc Include="Models\SbieModel.h" />
|
||||||
<QtMoc Include="Models\ResMonModel.h" />
|
<QtMoc Include="Models\ResMonModel.h" />
|
||||||
<QtMoc Include="ApiLog.h" />
|
|
||||||
<QtMoc Include="Dialogs\MultiErrorDialog.h" />
|
<QtMoc Include="Dialogs\MultiErrorDialog.h" />
|
||||||
<QtMoc Include="Models\ApiMonModel.h" />
|
|
||||||
<ClInclude Include="Helpers\FindTool.h" />
|
<ClInclude Include="Helpers\FindTool.h" />
|
||||||
<ClInclude Include="Helpers\WinAdmin.h" />
|
<ClInclude Include="Helpers\WinAdmin.h" />
|
||||||
<ClInclude Include="resource.h" />
|
<ClInclude Include="resource.h" />
|
||||||
|
@ -264,7 +260,7 @@
|
||||||
<None Include="sandman_ru.ts" />
|
<None Include="sandman_ru.ts" />
|
||||||
<None Include="sandman_tr.ts" />
|
<None Include="sandman_tr.ts" />
|
||||||
<None Include="sandman_zh-TW.ts" />
|
<None Include="sandman_zh-TW.ts" />
|
||||||
<None Include="sandman_zh.ts" />
|
<None Include="sandman_zh-CN.ts" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<ResourceCompile Include="SandMan.rc" />
|
<ResourceCompile Include="SandMan.rc" />
|
||||||
|
|
|
@ -66,18 +66,12 @@
|
||||||
<ClCompile Include="Models\ResMonModel.cpp">
|
<ClCompile Include="Models\ResMonModel.cpp">
|
||||||
<Filter>Models</Filter>
|
<Filter>Models</Filter>
|
||||||
</ClCompile>
|
</ClCompile>
|
||||||
<ClCompile Include="ApiLog.cpp">
|
|
||||||
<Filter>SandMan</Filter>
|
|
||||||
</ClCompile>
|
|
||||||
<ClCompile Include="Dialogs\MultiErrorDialog.cpp">
|
<ClCompile Include="Dialogs\MultiErrorDialog.cpp">
|
||||||
<Filter>Dialogs</Filter>
|
<Filter>Dialogs</Filter>
|
||||||
</ClCompile>
|
</ClCompile>
|
||||||
<ClCompile Include="SbiePlusAPI.cpp">
|
<ClCompile Include="SbiePlusAPI.cpp">
|
||||||
<Filter>SandMan</Filter>
|
<Filter>SandMan</Filter>
|
||||||
</ClCompile>
|
</ClCompile>
|
||||||
<ClCompile Include="Models\ApiMonModel.cpp">
|
|
||||||
<Filter>Models</Filter>
|
|
||||||
</ClCompile>
|
|
||||||
<ClCompile Include="Helpers\WinAdmin.cpp">
|
<ClCompile Include="Helpers\WinAdmin.cpp">
|
||||||
<Filter>Helpers</Filter>
|
<Filter>Helpers</Filter>
|
||||||
</ClCompile>
|
</ClCompile>
|
||||||
|
@ -133,18 +127,12 @@
|
||||||
<QtMoc Include="Models\ResMonModel.h">
|
<QtMoc Include="Models\ResMonModel.h">
|
||||||
<Filter>Models</Filter>
|
<Filter>Models</Filter>
|
||||||
</QtMoc>
|
</QtMoc>
|
||||||
<QtMoc Include="ApiLog.h">
|
|
||||||
<Filter>SandMan</Filter>
|
|
||||||
</QtMoc>
|
|
||||||
<QtMoc Include="Dialogs\MultiErrorDialog.h">
|
<QtMoc Include="Dialogs\MultiErrorDialog.h">
|
||||||
<Filter>Dialogs</Filter>
|
<Filter>Dialogs</Filter>
|
||||||
</QtMoc>
|
</QtMoc>
|
||||||
<QtMoc Include="SbiePlusAPI.h">
|
<QtMoc Include="SbiePlusAPI.h">
|
||||||
<Filter>SandMan</Filter>
|
<Filter>SandMan</Filter>
|
||||||
</QtMoc>
|
</QtMoc>
|
||||||
<QtMoc Include="Models\ApiMonModel.h">
|
|
||||||
<Filter>Models</Filter>
|
|
||||||
</QtMoc>
|
|
||||||
<QtMoc Include="Windows\OptionsWindow.h">
|
<QtMoc Include="Windows\OptionsWindow.h">
|
||||||
<Filter>Windows</Filter>
|
<Filter>Windows</Filter>
|
||||||
</QtMoc>
|
</QtMoc>
|
||||||
|
@ -210,9 +198,6 @@
|
||||||
<None Include="sandman_ru.ts">
|
<None Include="sandman_ru.ts">
|
||||||
<Filter>Translation Files</Filter>
|
<Filter>Translation Files</Filter>
|
||||||
</None>
|
</None>
|
||||||
<None Include="sandman_zh.ts">
|
|
||||||
<Filter>Translation Files</Filter>
|
|
||||||
</None>
|
|
||||||
<None Include="Resources\finder.cur">
|
<None Include="Resources\finder.cur">
|
||||||
<Filter>Resource Files</Filter>
|
<Filter>Resource Files</Filter>
|
||||||
</None>
|
</None>
|
||||||
|
@ -225,6 +210,9 @@
|
||||||
<None Include="sandman_pl.ts">
|
<None Include="sandman_pl.ts">
|
||||||
<Filter>Translation Files</Filter>
|
<Filter>Translation Files</Filter>
|
||||||
</None>
|
</None>
|
||||||
|
<None Include="sandman_zh-CN.ts">
|
||||||
|
<Filter>Translation Files</Filter>
|
||||||
|
</None>
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<ResourceCompile Include="SandMan.rc">
|
<ResourceCompile Include="SandMan.rc">
|
||||||
|
|
|
@ -89,7 +89,16 @@ CSandBoxPlus::~CSandBoxPlus()
|
||||||
|
|
||||||
void CSandBoxPlus::UpdateDetails()
|
void CSandBoxPlus::UpdateDetails()
|
||||||
{
|
{
|
||||||
m_bLogApiFound = GetTextList("OpenPipePath", false).contains("\\Device\\NamedPipe\\LogAPI");
|
//m_bLogApiFound = GetTextList("OpenPipePath", false).contains("\\Device\\NamedPipe\\LogAPI");
|
||||||
|
m_bLogApiFound = false;
|
||||||
|
QStringList InjectDlls = GetTextList("InjectDll", false);
|
||||||
|
foreach(const QString & InjectDll, InjectDlls)
|
||||||
|
{
|
||||||
|
if (InjectDll.contains("logapi", Qt::CaseInsensitive)) {
|
||||||
|
m_bLogApiFound = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
m_bINetBlocked = false;
|
m_bINetBlocked = false;
|
||||||
foreach(const QString& Entry, GetTextList("ClosedFilePath", false))
|
foreach(const QString& Entry, GetTextList("ClosedFilePath", false))
|
||||||
|
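Review bot: the new detection loop reads only "InjectDll", while SetLogApi in this file writes both "InjectDll" and "InjectDll64", so a box that carries only the 64-bit entry is reported as having no LogApi. The `InjectDll.contains("logapi", Qt::CaseInsensitive)` test also sets m_bLogApiFound for any injected DLL whose path merely includes that substring. Suggest checking both lists and comparing the file name against logapi32.dll and logapi64.dll instead of a substring of the whole path.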
@ -132,6 +141,9 @@ QString CSandBoxPlus::GetStatusStr() const
|
||||||
|
|
||||||
QStringList Status;
|
QStringList Status;
|
||||||
|
|
||||||
|
if (IsEmpty())
|
||||||
|
Status.append(tr("Empty"));
|
||||||
|
|
||||||
if (m_iUnsecureDebugging == 1)
|
if (m_iUnsecureDebugging == 1)
|
||||||
Status.append(tr("NOT SECURE (Debug Config)"));
|
Status.append(tr("NOT SECURE (Debug Config)"));
|
||||||
else if (m_iUnsecureDebugging == 2)
|
else if (m_iUnsecureDebugging == 2)
|
||||||
|
@ -168,13 +180,13 @@ void CSandBoxPlus::SetLogApi(bool bEnable)
|
||||||
{
|
{
|
||||||
if (bEnable)
|
if (bEnable)
|
||||||
{
|
{
|
||||||
InsertText("OpenPipePath", "\\Device\\NamedPipe\\LogAPI");
|
//InsertText("OpenPipePath", "\\Device\\NamedPipe\\LogAPI");
|
||||||
InsertText("InjectDll", "\\LogAPI\\logapi32.dll");
|
InsertText("InjectDll", "\\LogAPI\\logapi32.dll");
|
||||||
InsertText("InjectDll64", "\\LogAPI\\logapi64.dll");
|
InsertText("InjectDll64", "\\LogAPI\\logapi64.dll");
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
DelValue("OpenPipePath", "\\Device\\NamedPipe\\LogAPI");
|
//DelValue("OpenPipePath", "\\Device\\NamedPipe\\LogAPI");
|
||||||
DelValue("InjectDll", "\\LogAPI\\logapi32.dll");
|
DelValue("InjectDll", "\\LogAPI\\logapi32.dll");
|
||||||
DelValue("InjectDll64", "\\LogAPI\\logapi64.dll");
|
DelValue("InjectDll64", "\\LogAPI\\logapi64.dll");
|
||||||
}
|
}
|
||||||
|
|
|
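Review bot: in the disable branch, commenting out `DelValue("OpenPipePath", "\\Device\\NamedPipe\\LogAPI")` means a box that had this preset enabled by an earlier build keeps the named-pipe opening in its configuration after the preset is switched off. Dropping the InsertText is consistent with the changelog entry that LogApi no longer uses its own pipe server, but the DelValue should stay active so that turning the preset off also removes the stale OpenPipePath entry and the box does not retain an opening nothing uses.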
@ -39,6 +39,7 @@ CSbieView::CSbieView(QWidget* parent) : CPanelView(parent)
|
||||||
//m_pSbieTree->setItemDelegate(theGUI->GetItemDelegate());
|
//m_pSbieTree->setItemDelegate(theGUI->GetItemDelegate());
|
||||||
|
|
||||||
m_pSbieTree->setModel(m_pSortProxy);
|
m_pSbieTree->setModel(m_pSortProxy);
|
||||||
|
((CSortFilterProxyModel*)m_pSortProxy)->setView(m_pSbieTree);
|
||||||
|
|
||||||
m_pSbieTree->setSelectionMode(QAbstractItemView::ExtendedSelection);
|
m_pSbieTree->setSelectionMode(QAbstractItemView::ExtendedSelection);
|
||||||
m_pSbieTree->setSortingEnabled(true);
|
m_pSbieTree->setSortingEnabled(true);
|
||||||
|
@ -71,6 +72,7 @@ CSbieView::CSbieView(QWidget* parent) : CPanelView(parent)
|
||||||
m_pMenuRunMailer = m_pMenuRun->addAction(CSandMan::GetIcon("Email"), tr("Run eMail Client"), this, SLOT(OnSandBoxAction()));
|
m_pMenuRunMailer = m_pMenuRun->addAction(CSandMan::GetIcon("Email"), tr("Run eMail Client"), this, SLOT(OnSandBoxAction()));
|
||||||
m_pMenuRunExplorer = m_pMenuRun->addAction(CSandMan::GetIcon("Explore"), tr("Run Explorer"), this, SLOT(OnSandBoxAction()));
|
m_pMenuRunExplorer = m_pMenuRun->addAction(CSandMan::GetIcon("Explore"), tr("Run Explorer"), this, SLOT(OnSandBoxAction()));
|
||||||
m_pMenuRunCmd = m_pMenuRun->addAction(CSandMan::GetIcon("Cmd"), tr("Run Cmd.exe"), this, SLOT(OnSandBoxAction()));
|
m_pMenuRunCmd = m_pMenuRun->addAction(CSandMan::GetIcon("Cmd"), tr("Run Cmd.exe"), this, SLOT(OnSandBoxAction()));
|
||||||
|
m_pMenuRunCmdAdmin = m_pMenuRun->addAction(CSandMan::GetIcon("Cmd"), tr("Run Cmd.exe as Admin"), this, SLOT(OnSandBoxAction()));
|
||||||
m_pMenuRun->addSeparator();
|
m_pMenuRun->addSeparator();
|
||||||
m_iMenuRun = m_pMenuRun->actions().count();
|
m_iMenuRun = m_pMenuRun->actions().count();
|
||||||
m_pMenuEmptyBox = m_pMenu->addAction(CSandMan::GetIcon("EmptyAll"), tr("Terminate All Programs"), this, SLOT(OnSandBoxAction()));
|
m_pMenuEmptyBox = m_pMenu->addAction(CSandMan::GetIcon("EmptyAll"), tr("Terminate All Programs"), this, SLOT(OnSandBoxAction()));
|
||||||
|
@ -377,6 +379,26 @@ QString CSbieView__SerializeGroup(QMap<QString, QStringList>& m_Groups, const QS
|
||||||
return Grouping.join(",");
|
return Grouping.join(",");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
QString CSbieView::FindParent(const QString& Name)
|
||||||
|
{
|
||||||
|
for (auto I = m_Groups.begin(); I != m_Groups.end(); ++I)
|
||||||
|
{
|
||||||
|
if (I.value().contains(Name, Qt::CaseInsensitive))
|
||||||
|
return I.key();
|
||||||
|
}
|
||||||
|
return QString();
|
||||||
|
}
|
||||||
|
|
||||||
|
bool CSbieView::IsParentOf(const QString& Name, const QString& Group)
|
||||||
|
{
|
||||||
|
QString Parent = FindParent(Group);
|
||||||
|
if (Parent == Name)
|
||||||
|
return true;
|
||||||
|
if (Parent.isEmpty())
|
||||||
|
return false;
|
||||||
|
return IsParentOf(Name, Parent);
|
||||||
|
}
|
||||||
|
|
||||||
void CSbieView::OnGroupAction()
|
void CSbieView::OnGroupAction()
|
||||||
{
|
{
|
||||||
QAction* Action = qobject_cast<QAction*>(sender());
|
QAction* Action = qobject_cast<QAction*>(sender());
|
||||||
|
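Review bot: IsParentOf recurses through FindParent with no visited set or depth limit, so if m_Groups already contains a cycle (the old check `m_Groups.value(Name).contains(Group)` only caught a direct parent, and the grouping is loaded from a serialized string) the call never terminates and overflows the stack. FindParent also matches with Qt::CaseInsensitive while `if (Parent == Name)` compares case-sensitively, so the two can disagree on names that differ only in case. Suggest walking the parent chain in a loop that remembers visited names and using a case-insensitive compare in both places.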
@ -453,7 +475,7 @@ void CSbieView::OnGroupAction()
|
||||||
if (Name.isEmpty())
|
if (Name.isEmpty())
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (Name == Group || m_Groups.value(Name).contains(Group)) {
|
if (Name == Group || IsParentOf(Name, Group)) {
|
||||||
QMessageBox("Sandboxie-Plus", tr("A group can not be its own parent."), QMessageBox::Critical, QMessageBox::Ok, QMessageBox::NoButton, QMessageBox::NoButton, this).exec();
|
QMessageBox("Sandboxie-Plus", tr("A group can not be its own parent."), QMessageBox::Critical, QMessageBox::Ok, QMessageBox::NoButton, QMessageBox::NoButton, this).exec();
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
@ -528,6 +550,8 @@ void CSbieView::OnSandBoxAction()
|
||||||
}
|
}
|
||||||
else if (Action == m_pMenuRunCmd)
|
else if (Action == m_pMenuRunCmd)
|
||||||
Results.append(SandBoxes.first()->RunStart("cmd.exe"));
|
Results.append(SandBoxes.first()->RunStart("cmd.exe"));
|
||||||
|
else if (Action == m_pMenuRunCmdAdmin)
|
||||||
|
Results.append(SandBoxes.first()->RunStart("cmd.exe", true));
|
||||||
else if (Action == m_pMenuPresetsLogApi)
|
else if (Action == m_pMenuPresetsLogApi)
|
||||||
SandBoxes.first().objectCast<CSandBoxPlus>()->SetLogApi(m_pMenuPresetsLogApi->isChecked());
|
SandBoxes.first().objectCast<CSandBoxPlus>()->SetLogApi(m_pMenuPresetsLogApi->isChecked());
|
||||||
else if (Action == m_pMenuPresetsINet)
|
else if (Action == m_pMenuPresetsINet)
|
||||||
|
|
|
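Review bot: `RunStart("cmd.exe", true)` passes a bare boolean, so the call site relies on the reader knowing that the second argument means "run elevated"; a named constant or a short comment would make that explicit. Because this menu entry starts an administrator shell inside the box with a single click, consider a confirmation prompt before the call, and note that, like the neighbouring branches, it acts on `SandBoxes.first()` only even though the tree allows extended selection.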
@ -51,6 +51,9 @@ private:
|
||||||
|
|
||||||
void UpdateGroupMenu();
|
void UpdateGroupMenu();
|
||||||
|
|
||||||
|
QString FindParent(const QString& Name);
|
||||||
|
bool IsParentOf(const QString& Name, const QString& Group);
|
||||||
|
|
||||||
QVBoxLayout* m_pMainLayout;
|
QVBoxLayout* m_pMainLayout;
|
||||||
|
|
||||||
QTreeViewEx* m_pSbieTree;
|
QTreeViewEx* m_pSbieTree;
|
||||||
|
@ -68,6 +71,7 @@ private:
|
||||||
QAction* m_pMenuRunMailer;
|
QAction* m_pMenuRunMailer;
|
||||||
QAction* m_pMenuRunExplorer;
|
QAction* m_pMenuRunExplorer;
|
||||||
QAction* m_pMenuRunCmd;
|
QAction* m_pMenuRunCmd;
|
||||||
|
QAction* m_pMenuRunCmdAdmin;
|
||||||
QAction* m_pMenuMkLink;
|
QAction* m_pMenuMkLink;
|
||||||
QMenu* m_pMenuPresets;
|
QMenu* m_pMenuPresets;
|
||||||
QAction* m_pMenuPresetsLogApi;
|
QAction* m_pMenuPresetsLogApi;
|
||||||
|
|
|
@ -276,6 +276,7 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
|
||||||
connect(ui.chkGuiTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
|
connect(ui.chkGuiTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
|
||||||
connect(ui.chkComTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
|
connect(ui.chkComTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
|
||||||
connect(ui.chkDbgTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
|
connect(ui.chkDbgTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
|
||||||
|
connect(ui.chkErrTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
|
||||||
|
|
||||||
connect(ui.btnAddAutoExec, SIGNAL(clicked(bool)), this, SLOT(OnAddAutoExec()));
|
connect(ui.btnAddAutoExec, SIGNAL(clicked(bool)), this, SLOT(OnAddAutoExec()));
|
||||||
connect(ui.btnDelAutoExec, SIGNAL(clicked(bool)), this, SLOT(OnDelAutoExec()));
|
connect(ui.btnDelAutoExec, SIGNAL(clicked(bool)), this, SLOT(OnDelAutoExec()));
|
||||||
|
@ -512,6 +513,7 @@ void COptionsWindow::LoadConfig()
|
||||||
ReadAdvancedCheck("GuiTrace", ui.chkGuiTrace, "*");
|
ReadAdvancedCheck("GuiTrace", ui.chkGuiTrace, "*");
|
||||||
ReadAdvancedCheck("ClsidTrace", ui.chkComTrace, "*");
|
ReadAdvancedCheck("ClsidTrace", ui.chkComTrace, "*");
|
||||||
ui.chkDbgTrace->setChecked(m_pBox->GetBool("DebugTrace", false));
|
ui.chkDbgTrace->setChecked(m_pBox->GetBool("DebugTrace", false));
|
||||||
|
ui.chkErrTrace->setChecked(m_pBox->GetBool("ErrorTrace", false));
|
||||||
|
|
||||||
ui.chkHideOtherBoxes->setChecked(m_pBox->GetBool("HideOtherBoxes", false));
|
ui.chkHideOtherBoxes->setChecked(m_pBox->GetBool("HideOtherBoxes", false));
|
||||||
QStringList Processes = m_pBox->GetTextList("HideHostProcess", m_Template);
|
QStringList Processes = m_pBox->GetTextList("HideHostProcess", m_Template);
|
||||||
|
@ -679,6 +681,7 @@ void COptionsWindow::SaveConfig()
|
||||||
WriteAdvancedCheck(ui.chkGuiTrace, "GuiTrace", "*");
|
WriteAdvancedCheck(ui.chkGuiTrace, "GuiTrace", "*");
|
||||||
WriteAdvancedCheck(ui.chkComTrace, "ClsidTrace", "*");
|
WriteAdvancedCheck(ui.chkComTrace, "ClsidTrace", "*");
|
||||||
WriteAdvancedCheck(ui.chkDbgTrace, "DebugTrace", "y");
|
WriteAdvancedCheck(ui.chkDbgTrace, "DebugTrace", "y");
|
||||||
|
WriteAdvancedCheck(ui.chkErrTrace, "ErrorTrace", "y");
|
||||||
|
|
||||||
WriteAdvancedCheck(ui.chkHideOtherBoxes, "HideOtherBoxes");
|
WriteAdvancedCheck(ui.chkHideOtherBoxes, "HideOtherBoxes");
|
||||||
|
|
||||||
|
|
File diff suppressed because it is too large
File diff suppressed because it is too large
File diff suppressed because it is too large
|
@ -5,15 +5,15 @@
|
||||||
<name>CApiMonModel</name>
|
<name>CApiMonModel</name>
|
||||||
<message>
|
<message>
|
||||||
<source>Message</source>
|
<source>Message</source>
|
||||||
<translation>Сообщение</translation>
|
<translation type="vanished">Сообщение</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Time Stamp</source>
|
<source>Time Stamp</source>
|
||||||
<translation>Временная метка</translation>
|
<translation type="vanished">Временная метка</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Process</source>
|
<source>Process</source>
|
||||||
<translation>Процесс</translation>
|
<translation type="vanished">Процесс</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -235,51 +235,51 @@
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Direct</source>
|
<source>Direct</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Прямой</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Direct All</source>
|
<source>Direct All</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Прямой для всех</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Closed</source>
|
<source>Closed</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Закрытый</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Closed RT</source>
|
<source>Closed RT</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Закрытый RT</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Read Only</source>
|
<source>Read Only</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Только чтение</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Hidden</source>
|
<source>Hidden</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Скрытый</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Unknown</source>
|
<source>Unknown</source>
|
||||||
<translation type="unfinished">Неизвестно</translation>
|
<translation>Неизвестно</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>File/Folder</source>
|
<source>File/Folder</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Файл/Папка</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Registry</source>
|
<source>Registry</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Реестр</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>IPC Path</source>
|
<source>IPC Path</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Путь IPC</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Wnd Class</source>
|
<source>Wnd Class</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Wnd класс</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>COM Object</source>
|
<source>COM Object</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>COM объект</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -569,6 +569,10 @@ Full path: %4</source>
|
||||||
<source>Disabled</source>
|
<source>Disabled</source>
|
||||||
<translation>Отключено</translation>
|
<translation>Отключено</translation>
|
||||||
</message>
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Empty</source>
|
||||||
|
<translation type="unfinished"></translation>
|
||||||
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
<name>CSandMan</name>
|
<name>CSandMan</name>
|
||||||
|
@ -646,7 +650,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Api Call Log</source>
|
<source>Cleanup Api Call Log</source>
|
||||||
<translation>Очистить журнал вызовов API</translation>
|
<translation type="vanished">Очистить журнал вызовов API</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Simple View</source>
|
<source>Simple View</source>
|
||||||
|
@ -714,7 +718,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Api Call Log</source>
|
<source>Api Call Log</source>
|
||||||
<translation>Журнал вызовов API</translation>
|
<translation type="vanished">Журнал вызовов API</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Stop Driver</source>
|
<source>Stop Driver</source>
|
||||||
|
@ -800,7 +804,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>API Call Logging</source>
|
<source>API Call Logging</source>
|
||||||
<translation>Ведение журнала вызовов API</translation>
|
<translation type="vanished">Ведение журнала вызовов API</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Loaded Config: %1</source>
|
<source>Loaded Config: %1</source>
|
||||||
|
@ -960,7 +964,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Resource Log</source>
|
<source>Cleanup Resource Log</source>
|
||||||
<translation>Очистить журнал ресурсов</translation>
|
<translation type="vanished">Очистить журнал ресурсов</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Message Log</source>
|
<source>Cleanup Message Log</source>
|
||||||
|
@ -1085,7 +1089,7 @@ Full path: %4</source>
|
||||||
<message>
|
<message>
|
||||||
<source>To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.
|
<source>To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.
|
||||||
Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.</source>
|
Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.</source>
|
||||||
<translation>Чтобы использовать ведение журнала API, вы должны сначала настроить LogApiDll из https://github.com/sandboxie-plus/LogApiDll с одной или несколькими песочницами.
|
<translation type="vanished">Чтобы использовать ведение журнала API, вы должны сначала настроить LogApiDll из https://github.com/sandboxie-plus/LogApiDll с одной или несколькими песочницами.
|
||||||
Загрузите последний выпуск и настройте его с помощью Sandboxie.ini, как указано в README.md проекта.</translation>
|
Загрузите последний выпуск и настройте его с помощью Sandboxie.ini, как указано в README.md проекта.</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
|
@ -1158,14 +1162,18 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Default sandbox not found; creating: %1</source>
|
<source>Default sandbox not found; creating: %1</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Песочница по умолчанию не найдена; создание: %1</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source><p>Do you want to go to the <a href="%1">info page</a>?</p></source>
|
<source><p>Do you want to go to the <a href="%1">info page</a>?</p></source>
|
||||||
<translation type="unfinished"></translation>
|
<translation><p>Вы хотите перейти на <a href="%1">страницу с информацией</a>?</p></translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Don't show this message anymore.</source>
|
<source>Don't show this message anymore.</source>
|
||||||
|
<translation>Больше не показывать это сообщение.</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Cleanup Trace Log</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
@ -1428,10 +1436,14 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>This Sandbox is empty.</source>
|
<source>This Sandbox is empty.</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Эта песочница пуста.</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>A group can not be its own parent.</source>
|
<source>A group can not be its own parent.</source>
|
||||||
|
<translation>Группа не может быть собственным родителем.</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Run Cmd.exe as Admin</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
@ -1483,7 +1495,7 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Auto Detection</source>
|
<source>Auto Detection</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Автоопределение</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -2085,6 +2097,10 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Allow access to Bluetooth</source>
|
<source>Allow access to Bluetooth</source>
|
||||||
|
<translation>Разрешить доступ к Bluetooth</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Log all SetError's to Trace log</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
@ -2165,7 +2181,7 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>SandboxiePlus - Recovery</source>
|
<source>SandboxiePlus - Recovery</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>SandboxiePlus - Восстановление</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -2383,7 +2399,7 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>SandboxiePlus - Snapshots</source>
|
<source>SandboxiePlus - Snapshots</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>SandboxiePlus - Снимки</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
</TS>
|
</TS>
|
||||||
|
|
|
@ -5,15 +5,15 @@
|
||||||
<name>CApiMonModel</name>
|
<name>CApiMonModel</name>
|
||||||
<message>
|
<message>
|
||||||
<source>Message</source>
|
<source>Message</source>
|
||||||
<translation>Mesaj</translation>
|
<translation type="vanished">Mesaj</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Time Stamp</source>
|
<source>Time Stamp</source>
|
||||||
<translation>Zaman Damgası</translation>
|
<translation type="vanished">Zaman Damgası</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Process</source>
|
<source>Process</source>
|
||||||
<translation>İşlem</translation>
|
<translation type="vanished">İşlem</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -41,17 +41,13 @@
|
||||||
<source>Default</source>
|
<source>Default</source>
|
||||||
<translation>Öntanımlı</translation>
|
<translation>Öntanımlı</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
|
||||||
<source>Legacy (old sbie behaviour)</source>
|
|
||||||
<translation type="vanished">Eski (eski sbie davranışı)</translation>
|
|
||||||
</message>
|
|
||||||
<message>
|
<message>
|
||||||
<source>Sandboxie-Plus - Create New Box</source>
|
<source>Sandboxie-Plus - Create New Box</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Sandboxie-Plus - Yeni KumKutusu</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Legacy Sandboxie Behaviour</source>
|
<source>Legacy Sandboxie Behaviour</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Eski Sandboxie Davranışı</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -239,51 +235,51 @@
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Direct</source>
|
<source>Direct</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Yönlendir</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Direct All</source>
|
<source>Direct All</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Tümünü Yönlendir</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Closed</source>
|
<source>Closed</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Kapalı</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Closed RT</source>
|
<source>Closed RT</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Kapalı RT</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Read Only</source>
|
<source>Read Only</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Salt Okunur</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Hidden</source>
|
<source>Hidden</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Gizli</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Unknown</source>
|
<source>Unknown</source>
|
||||||
<translation type="unfinished">Bilinmeyen</translation>
|
<translation>Bilinmeyen</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>File/Folder</source>
|
<source>File/Folder</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Dosya/Dizin</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Registry</source>
|
<source>Registry</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Kayıt</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>IPC Path</source>
|
<source>IPC Path</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>IPC Yolu</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Wnd Class</source>
|
<source>Wnd Class</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Wnd Sınıfı</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>COM Object</source>
|
<source>COM Object</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>COM Objesi</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
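Review bot: "Direct" is rendered as "Yönlendir" and "Direct All" as "Tümünü Yönlendir", which are imperative verbs and can be read as "redirect", while the neighbouring access states in the same context are translated as states (Kapalı, Salt Okunur, Gizli). This column tells the user how a resource was accessed, so a label that suggests redirection where the source means direct access is misleading. Consider a state-like wording such as "Doğrudan" / "Tümü Doğrudan", and have a native speaker confirm it.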
@ -571,6 +567,10 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Disabled</source>
|
<source>Disabled</source>
|
||||||
|
<translation>Devre dışı</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Empty</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
@ -610,7 +610,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>About Sandboxie-Plus</source>
|
<source>About Sandboxie-Plus</source>
|
||||||
<translation>Sandboxie-Plus Hakkında</translation>
|
<translation>Sandboxie-Plus hakkında</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Driver version: %1</source>
|
<source>Driver version: %1</source>
|
||||||
|
@ -638,7 +638,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Visit Support Forum</source>
|
<source>Visit Support Forum</source>
|
||||||
<translation>Destek Forumu'tnu ziyaret et</translation>
|
<translation>Destek Forumu'nu ziyaret et</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Failed to copy configuration from sandbox %1: %2</source>
|
<source>Failed to copy configuration from sandbox %1: %2</source>
|
||||||
|
@ -650,7 +650,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Api Call Log</source>
|
<source>Cleanup Api Call Log</source>
|
||||||
<translation>Api Çağrı Günlüğünü Temizle</translation>
|
<translation type="vanished">Api Çağrı Günlüğünü Temizle</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Simple View</source>
|
<source>Simple View</source>
|
||||||
|
@ -718,7 +718,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Api Call Log</source>
|
<source>Api Call Log</source>
|
||||||
<translation>Api Çağrı Günlüğü</translation>
|
<translation type="vanished">Api Çağrı Günlüğü</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Stop Driver</source>
|
<source>Stop Driver</source>
|
||||||
|
@ -804,7 +804,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>API Call Logging</source>
|
<source>API Call Logging</source>
|
||||||
<translation>API Çağrı Günlüğü</translation>
|
<translation type="vanished">API Çağrı Günlüğü</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Loaded Config: %1</source>
|
<source>Loaded Config: %1</source>
|
||||||
|
@ -840,7 +840,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source><h3>About Sandboxie-Plus</h3><p>Version %1</p><p>Copyright (c) 2020-2021 by DavidXanatos</p></source>
|
<source><h3>About Sandboxie-Plus</h3><p>Version %1</p><p>Copyright (c) 2020-2021 by DavidXanatos</p></source>
|
||||||
<translation><h3>Sandboxie-Plus Hakkında</h3><p>Sürüm %1</p><p>Telif hakkı (c) 2020-2021 DavidXanatos</p></translation>
|
<translation><h3>Sandboxie-Plus hakkında</h3><p>Sürüm %1</p><p>Telif hakkı (c) 2020-2021 DavidXanatos</p></translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup</source>
|
<source>Cleanup</source>
|
||||||
|
@ -915,8 +915,8 @@ Full path: %4</source>
|
||||||
<translation>%1: %2 korumalı kutusu silinemedi</translation>
|
<translation>%1: %2 korumalı kutusu silinemedi</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source><p>İndirme sayfasına <a href="%1">gitmek ister misiniz</a>?</p></source>
|
<source><p>Do you want to go to the <a href="%1">download page</a>?</p></source>
|
||||||
<translation type="vanished"><p>Вы хотите перейти на <a href="%1">страницу загрузки</a>?</p></translation>
|
<translation><p>İndirme sayfasına <a href="%1">gitmek ister misiniz</a>?</p></translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Maintenance operation Successful</source>
|
<source>Maintenance operation Successful</source>
|
||||||
|
@ -964,7 +964,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Resource Log</source>
|
<source>Cleanup Resource Log</source>
|
||||||
<translation>Kaynak Günlüğünü Temizle</translation>
|
<translation type="vanished">Kaynak Günlüğünü Temizle</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Message Log</source>
|
<source>Cleanup Message Log</source>
|
||||||
|
@ -988,7 +988,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Reset all hidden messages</source>
|
<source>Reset all hidden messages</source>
|
||||||
<translation>Tüm gizli mesajları sıfırla</translation>
|
<translation>Tüm gizlenmiş mesajları sıfırla</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source> - NOT connected</source>
|
<source> - NOT connected</source>
|
||||||
|
@ -1089,7 +1089,7 @@ Full path: %4</source>
|
||||||
<message>
|
<message>
|
||||||
<source>To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.
|
<source>To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.
|
||||||
Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.</source>
|
Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.</source>
|
||||||
<translation>API günlüğünü kullanmak için önce https://github.com/sandboxie-plus/LogApiDll adresinden bir veya daha fazla korumalı kutu ile LogApiDll'yi kurmanız gerekir.
|
<translation type="vanished">API günlüğünü kullanmak için önce https://github.com/sandboxie-plus/LogApiDll adresinden bir veya daha fazla korumalı kutu ile LogApiDll'yi kurmanız gerekir.
|
||||||
Lütfen en son sürümü indirin ve projenin README.md dosyasında belirtildiği gibi Sandboxie.ini ile kurun.</translation>
|
Lütfen en son sürümü indirin ve projenin README.md dosyasında belirtildiği gibi Sandboxie.ini ile kurun.</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
|
@ -1104,14 +1104,6 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
<source>Always on Top</source>
|
<source>Always on Top</source>
|
||||||
<translation>Her zaman üstte</translation>
|
<translation>Her zaman üstte</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
|
||||||
<source>Sellect box:</source>
|
|
||||||
<translation type="vanished">Kutu Seç:</translation>
|
|
||||||
</message>
|
|
||||||
<message>
|
|
||||||
<source>Some compatybility templates (%1) are missing, probably deleted, do you want to remove them from all boxes?</source>
|
|
||||||
<translation type="vanished">Bazı uyumluluk şablonları (%1) eksik, büyük olasılıkla silinmiş, bunları tüm kutulardan kaldırmak istiyor musunuz?</translation>
|
|
||||||
</message>
|
|
||||||
<message>
|
<message>
|
||||||
<source>Cleaned up removed templates...</source>
|
<source>Cleaned up removed templates...</source>
|
||||||
<translation>Kaldırılan şablonlar temizlendi...</translation>
|
<translation>Kaldırılan şablonlar temizlendi...</translation>
|
||||||
|
@ -1126,62 +1118,62 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Reset Columns</source>
|
<source>Reset Columns</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Sütunları Sıfırla</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Window Finder</source>
|
<source>Window Finder</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Pencere Bulucu</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Show Hidden Boxes</source>
|
<source>Show Hidden Boxes</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Gizli Kutuları Göster</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Select box:</source>
|
<source>Select box:</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Kutu seç:</translation>
|
||||||
</message>
|
|
||||||
<message>
|
|
||||||
<source>Default sandbox not found; creating: %1</source>
|
|
||||||
<translation type="unfinished"></translation>
|
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Some compatibility templates (%1) are missing, probably deleted, do you want to remove them from all boxes?</source>
|
<source>Some compatibility templates (%1) are missing, probably deleted, do you want to remove them from all boxes?</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Bazı uyumluluk şablonları (%1) eksik, büyük olasılıkla silinmiş, bunları tüm kutulardan kaldırmak istiyor musunuz?</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Do you want to terminate all processes in all sandboxes?</source>
|
<source>Do you want to terminate all processes in all sandboxes?</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Tüm korumalı kutulardaki tüm işlemleri sonlandırmak istiyor musunuz?</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Terminate all without asking</source>
|
<source>Terminate all without asking</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Hepsini sormadan sonlandır</translation>
|
||||||
</message>
|
|
||||||
<message>
|
|
||||||
<source><p>Do you want to go to the <a href="%1">info page</a>?</p></source>
|
|
||||||
<translation type="unfinished"></translation>
|
|
||||||
</message>
|
|
||||||
<message>
|
|
||||||
<source><p>Do you want to go to the <a href="%1">download page</a>?</p></source>
|
|
||||||
<translation type="unfinished"></translation>
|
|
||||||
</message>
|
|
||||||
<message>
|
|
||||||
<source>Don't show this message anymore.</source>
|
|
||||||
<translation type="unfinished"></translation>
|
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>The selected window is running as part of program %1 in sandbox %2</source>
|
<source>The selected window is running as part of program %1 in sandbox %2</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Seçilen pencere %2 kutusunda %1 programının bir parçası olarak çalışıyor</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>The selected window is not running as part of any sandboxed program.</source>
|
<source>The selected window is not running as part of any sandboxed program.</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Seçilen pencere, herhangi bir kutudaki programın parçası olarak çalışmıyor.</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Drag the Finder Tool over a window to select it, then release the mouse to check if the window is sandboxed.</source>
|
<source>Drag the Finder Tool over a window to select it, then release the mouse to check if the window is sandboxed.</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Bulucu Aracını seçmek için bir pencerenin üzerine sürükleyin, ardından pencerenin kumkutusunda olup olmadığını kontrol etmek için fareyi bırakın.</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Sandboxie-Plus - Window Finder</source>
|
<source>Sandboxie-Plus - Window Finder</source>
|
||||||
|
<translation>Sandboxie-Plus - Pencere Bulucu</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Default sandbox not found; creating: %1</source>
|
||||||
|
<translation>Öntanımlı kumkutusu bulunamadı; oluşturuluyor: %1</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source><p>Do you want to go to the <a href="%1">info page</a>?</p></source>
|
||||||
|
<translation><p>Bilgi sayfasına <a href="%1">ister misiniz</a>?</p></translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Don't show this message anymore.</source>
|
||||||
|
<translation>Artık bu mesajı gösterme.</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Cleanup Trace Log</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
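Review bot: the new translation for the info page prompt, Bilgi sayfasına <a href="%1">ister misiniz</a>?, is missing the verb that the download page string in this same file has (İndirme sayfasına <a href="%1">gitmek ister misiniz</a>?), so the sentence reads as incomplete. Suggest Bilgi sayfasına <a href="%1">gitmek ister misiniz</a>? to match. Separately, "Cleanup Trace Log" at the end of the hunk is added with an empty type="unfinished" translation, so it will be shown in English until someone fills it in.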
@ -1213,7 +1205,7 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Title</source>
|
<source>Title</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Başlık</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -1245,7 +1237,7 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Drop Admin Rights</source>
|
<source>Drop Admin Rights</source>
|
||||||
<translation>Yönetici haklarını bırak</translation>
|
<translation>Yönetici haklarını kaldır</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Run eMail Client</source>
|
<source>Run eMail Client</source>
|
||||||
|
@ -1434,20 +1426,24 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
<source>Do you really want to delete the content of multiple sandboxes?</source>
|
<source>Do you really want to delete the content of multiple sandboxes?</source>
|
||||||
<translation>Birden çok korumalı kutunun içeriğini gerçekten silmek istiyor musunuz?</translation>
|
<translation>Birden çok korumalı kutunun içeriğini gerçekten silmek istiyor musunuz?</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
|
||||||
<source>This Sandbox is empty.</source>
|
|
||||||
<translation type="unfinished"></translation>
|
|
||||||
</message>
|
|
||||||
<message>
|
<message>
|
||||||
<source>Do you want to terminate all processes in the selected sandbox(es)?</source>
|
<source>Do you want to terminate all processes in the selected sandbox(es)?</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Seçili kutu(lar)daki tüm işlemleri sonlandırmak istiyor musunuz?</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>This sandbox is disabled, do you want to enable it?</source>
|
<source>This sandbox is disabled, do you want to enable it?</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Bu kutu devre dışı, etkinleştirmek istiyor musunuz?</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>This Sandbox is empty.</source>
|
||||||
|
<translation>Bu kumkutusu boş.</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>A group can not be its own parent.</source>
|
<source>A group can not be its own parent.</source>
|
||||||
|
<translation>Bir grup kendi ebeveyni olamaz.</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Run Cmd.exe as Admin</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
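Review bot: within this one hunk "sandbox" is translated three different ways: "korumalı kutu" (Birden çok korumalı kutunun içeriğini ...), "kutu" (Seçili kutu(lar)daki ..., Bu kutu devre dışı ...) and "kumkutusu" (Bu kumkutusu boş.). Pick one term for the product's central concept and apply it across the file so that dialogs do not appear to refer to different things. Also, "Run Cmd.exe as Admin" is added with an empty type="unfinished" translation and will fall back to the English source text.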
@ -1499,7 +1495,7 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Auto Detection</source>
|
<source>Auto Detection</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Otomatik Algıla</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -1547,13 +1543,9 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
<source>SandboxiePlus new box</source>
|
<source>SandboxiePlus new box</source>
|
||||||
<translation>SandboxiePlus yeni kutu</translation>
|
<translation>SandboxiePlus yeni kutu</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
|
||||||
<source>Enter a name for the new box:</source>
|
|
||||||
<translation type="vanished">Yeni kutu için bir ad girin:</translation>
|
|
||||||
</message>
|
|
||||||
<message>
|
<message>
|
||||||
<source>Sandbox Name:</source>
|
<source>Sandbox Name:</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>KumKutusu Adı:</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -1932,7 +1924,7 @@ Bu seçenekler olay maskesini "*" olarak ayarlar - Tüm erişim olayla
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Add sandboxed processes to job objects (recommended)</source>
|
<source>Add sandboxed processes to job objects (recommended)</source>
|
||||||
<translation>İş nesnelerine KumKutu'lu süreçler ekleyin (önerilir)</translation>
|
<translation>İş nesnelerine KumKutu'lu (korumalı kutu) süreçler ekle (önerilir)</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Remove Program</source>
|
<source>Remove Program</source>
|
||||||
|
@ -2037,7 +2029,7 @@ Not: Bir korumalı kutuya ilişkin Zorlanmış Programlar ve Zorlanmış Dizinle
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Prevent change to network and firewall parameters</source>
|
<source>Prevent change to network and firewall parameters</source>
|
||||||
<translation>Ağ ve güvenlik duvarı parametrelerinde değişikliği önleyin</translation>
|
<translation>Ağ ve güvenlik duvarı parametrelerinde değişikliği önle</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>COM Class Trace</source>
|
<source>COM Class Trace</source>
|
||||||
|
@ -2045,7 +2037,7 @@ Not: Bir korumalı kutuya ilişkin Zorlanmış Programlar ve Zorlanmış Dizinle
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source><- for this one the above does not apply</source>
|
<source><- for this one the above does not apply</source>
|
||||||
<translation><- bunun için yukarıdakiler geçerli değildir</translation>
|
<translation><- yukarıdakiler bunun için geçerli değildir</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Block access to the printer spooler</source>
|
<source>Block access to the printer spooler</source>
|
||||||
|
@ -2105,6 +2097,10 @@ Not: Bir korumalı kutuya ilişkin Zorlanmış Programlar ve Zorlanmış Dizinle
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Allow access to Bluetooth</source>
|
<source>Allow access to Bluetooth</source>
|
||||||
|
<translation>Bluetooth erişimine izin ver</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Log all SetError's to Trace log</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
@ -2185,7 +2181,7 @@ Not: Bir korumalı kutuya ilişkin Zorlanmış Programlar ve Zorlanmış Dizinle
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>SandboxiePlus - Recovery</source>
|
<source>SandboxiePlus - Recovery</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>SandboxiePlus - Kurtarma</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -2316,7 +2312,7 @@ Not: Bir korumalı kutuya ilişkin Zorlanmış Programlar ve Zorlanmış Dizinle
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Prevent the listed programs from starting on this system</source>
|
<source>Prevent the listed programs from starting on this system</source>
|
||||||
<translation>Listelenen programların bu sistemde başlamasını önleyin</translation>
|
<translation>Listelenen programların bu sistemde başlamasını önle</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Only Administrator user accounts can use Disable Forced Programs command</source>
|
<source>Only Administrator user accounts can use Disable Forced Programs command</source>
|
||||||
|
@ -2328,7 +2324,7 @@ Not: Bir korumalı kutuya ilişkin Zorlanmış Programlar ve Zorlanmış Dizinle
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Open urls from this ui sandboxed</source>
|
<source>Open urls from this ui sandboxed</source>
|
||||||
<translation>Bu kullanıcı arayüzündeki linkleri korumalı kutuda aç</translation>
|
<translation>Bu kullanıcı arayüzündeki (ui) linkleri korumalı kutuda aç</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Sandbox <a href="sbie://docs/filerootpath">file system root</a>: </source>
|
<source>Sandbox <a href="sbie://docs/filerootpath">file system root</a>: </source>
|
||||||
|
@ -2348,11 +2344,11 @@ Not: Bir korumalı kutuya ilişkin Zorlanmış Programlar ve Zorlanmış Dizinle
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Start UI with Windows</source>
|
<source>Start UI with Windows</source>
|
||||||
<translation>Windows başlangıcında kullanıcı arayüzünü başlat</translation>
|
<translation>Windows başlangıcında kullanıcı arayüzünü (ui) başlat</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Start UI when a sandboxed process is started</source>
|
<source>Start UI when a sandboxed process is started</source>
|
||||||
<translation>Korumalı kutuda bir işlem başladığında kullanıcı arayüzünü başlat</translation>
|
<translation>Korumalı kutuda bir işlem başladığında kullanıcı arayüzünü (ui) başlat</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Show first recovery window when emptying sandboxes</source>
|
<source>Show first recovery window when emptying sandboxes</source>
|
||||||
|
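Review bot: "Start UI with Windows" and "Start UI when a sandboxed process is started" now carry a parenthetical "(ui)" after "kullanıcı arayüzünü", as does "Open urls from this ui sandboxed" in the previous hunk. "kullanıcı arayüzü" already is the translation of UI, so the gloss adds the English abbreviation to a user-facing label without adding information. Suggest dropping "(ui)", or, if the abbreviation is wanted, writing it once in upper case as in the source strings.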
@ -2403,7 +2399,7 @@ Not: Bir korumalı kutuya ilişkin Zorlanmış Programlar ve Zorlanmış Dizinle
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>SandboxiePlus - Snapshots</source>
|
<source>SandboxiePlus - Snapshots</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>SandboxiePlus - Anlık Görüntüler</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
</TS>
|
</TS>
|
||||||
|
|
|
@ -5,15 +5,15 @@
|
||||||
<name>CApiMonModel</name>
|
<name>CApiMonModel</name>
|
||||||
<message>
|
<message>
|
||||||
<source>Message</source>
|
<source>Message</source>
|
||||||
<translation>信息</translation>
|
<translation type="vanished">信息</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Time Stamp</source>
|
<source>Time Stamp</source>
|
||||||
<translation>时间戳</translation>
|
<translation type="vanished">时间戳</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Process</source>
|
<source>Process</source>
|
||||||
<translation>进程</translation>
|
<translation type="vanished">进程</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -234,51 +234,51 @@
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Direct</source>
|
<source>Direct</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>直接访问</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Direct All</source>
|
<source>Direct All</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>直接访问全部</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Closed</source>
|
<source>Closed</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>关闭</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Closed RT</source>
|
<source>Closed RT</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>关闭RT</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Read Only</source>
|
<source>Read Only</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>只读</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Hidden</source>
|
<source>Hidden</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>隐藏</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Unknown</source>
|
<source>Unknown</source>
|
||||||
<translation type="unfinished">未知</translation>
|
<translation>未知</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>File/Folder</source>
|
<source>File/Folder</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>文件/文件夹</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Registry</source>
|
<source>Registry</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>注册表</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>IPC Path</source>
|
<source>IPC Path</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>IPC路径</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Wnd Class</source>
|
<source>Wnd Class</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>窗口类</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>COM Object</source>
|
<source>COM Object</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>COM组件</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -568,6 +568,10 @@ Full path: %4</source>
|
||||||
<source>Disabled</source>
|
<source>Disabled</source>
|
||||||
<translation>禁用</translation>
|
<translation>禁用</translation>
|
||||||
</message>
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Empty</source>
|
||||||
|
<translation type="unfinished"></translation>
|
||||||
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
<name>CSandMan</name>
|
<name>CSandMan</name>
|
||||||
|
@ -645,7 +649,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Api Call Log</source>
|
<source>Cleanup Api Call Log</source>
|
||||||
<translation>清理Api调用日志</translation>
|
<translation type="vanished">清理Api调用日志</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Simple View</source>
|
<source>Simple View</source>
|
||||||
|
@ -721,7 +725,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Api Call Log</source>
|
<source>Api Call Log</source>
|
||||||
<translation>Api调用日志</translation>
|
<translation type="vanished">Api调用日志</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>The sandbox name can not be longer than 32 characters.</source>
|
<source>The sandbox name can not be longer than 32 characters.</source>
|
||||||
|
@ -827,7 +831,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>API Call Logging</source>
|
<source>API Call Logging</source>
|
||||||
<translation>API调用记录</translation>
|
<translation type="vanished">API调用记录</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Loaded Config: %1</source>
|
<source>Loaded Config: %1</source>
|
||||||
|
@ -1027,7 +1031,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Resource Log</source>
|
<source>Cleanup Resource Log</source>
|
||||||
<translation>清理资源日志</translation>
|
<translation type="vanished">清理资源日志</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Message Log</source>
|
<source>Cleanup Message Log</source>
|
||||||
|
@ -1084,7 +1088,7 @@ Full path: %4</source>
|
||||||
<message>
|
<message>
|
||||||
<source>To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.
|
<source>To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.
|
||||||
Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.</source>
|
Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.</source>
|
||||||
<translation>要使用API记录日志首先必须从 https://github.com/sandboxie-plus/LogApiDll 下载LogApiDll,并用沙盒来建立.
|
<translation type="vanished">要使用API记录日志首先必须从 https://github.com/sandboxie-plus/LogApiDll 下载LogApiDll,并用沙盒来建立.
|
||||||
请下载最新发布版,并用sandboxie.ini安装,详情请参考README.md里此项的说明.</translation>
|
请下载最新发布版,并用sandboxie.ini安装,详情请参考README.md里此项的说明.</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
|
@ -1157,14 +1161,18 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Default sandbox not found; creating: %1</source>
|
<source>Default sandbox not found; creating: %1</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>默认沙盒未发现,正在创建: %1</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source><p>Do you want to go to the <a href="%1">info page</a>?</p></source>
|
<source><p>Do you want to go to the <a href="%1">info page</a>?</p></source>
|
||||||
<translation type="unfinished"></translation>
|
<translation><p>您确定前往 < "%1">信息页</a>?</p></translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Don't show this message anymore.</source>
|
<source>Don't show this message anymore.</source>
|
||||||
|
<translation>不再显示此信息</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Cleanup Trace Log</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
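Review bot: In the new translation of the "Do you want to go to the info page?" entry, the opening anchor tag is damaged. The added line reads `< "%1">信息页</a>` where the source has `<a href="%1">info page</a>`. With `a href=` missing, the closing `</a>` has no opener and the %1 placeholder is no longer inside a link, so the dialog cannot offer the info page as a clickable target. Restore the tag exactly as it appears in the source string; the Traditional Chinese file in this same commit keeps it intact as `<a href="%1">資訊頁面</a>`. The newly added "Cleanup Trace Log" entry in this hunk is also still `type="unfinished"`.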
@ -1426,10 +1434,14 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>A group can not be its own parent.</source>
|
<source>A group can not be its own parent.</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>组不能是自己的父级</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>This Sandbox is empty.</source>
|
<source>This Sandbox is empty.</source>
|
||||||
|
<translation>此沙盒是空的</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Run Cmd.exe as Admin</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
@ -1481,7 +1493,7 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Auto Detection</source>
|
<source>Auto Detection</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>自动检测</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -2082,6 +2094,10 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Allow access to Bluetooth</source>
|
<source>Allow access to Bluetooth</source>
|
||||||
|
<translation>允许访问蓝牙</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Log all SetError's to Trace log</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
@ -2162,7 +2178,7 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>SandboxiePlus - Recovery</source>
|
<source>SandboxiePlus - Recovery</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>SandboxiePlus - 恢复</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -2380,7 +2396,7 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>SandboxiePlus - Snapshots</source>
|
<source>SandboxiePlus - Snapshots</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>SandboxiePlus - 快照</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
</TS>
|
</TS>
|
|
@ -5,15 +5,15 @@
|
||||||
<name>CApiMonModel</name>
|
<name>CApiMonModel</name>
|
||||||
<message>
|
<message>
|
||||||
<source>Message</source>
|
<source>Message</source>
|
||||||
<translation>訊息</translation>
|
<translation type="vanished">訊息</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Time Stamp</source>
|
<source>Time Stamp</source>
|
||||||
<translation>時間標記</translation>
|
<translation type="vanished">時間標記</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Process</source>
|
<source>Process</source>
|
||||||
<translation>處理程序</translation>
|
<translation type="vanished">處理程序</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -278,7 +278,7 @@
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Wnd Class</source>
|
<source>Wnd Class</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>Wnd 元件</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>COM Object</source>
|
<source>COM Object</source>
|
||||||
|
@ -374,7 +374,7 @@
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Recover the file to original location</source>
|
<source>Recover the file to original location</source>
|
||||||
<translation>恢復檔案到原始位址</translation>
|
<translation>恢復檔案到原始路徑</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Recover && Explore</source>
|
<source>Recover && Explore</source>
|
||||||
|
@ -441,7 +441,7 @@ File name: %3</source>
|
||||||
<source>Do you want to allow %1 (%2) access to the internet?
|
<source>Do you want to allow %1 (%2) access to the internet?
|
||||||
Full path: %3</source>
|
Full path: %3</source>
|
||||||
<translation type="vanished">您確定允許 %1 (%2) 訪問網路嗎?
|
<translation type="vanished">您確定允許 %1 (%2) 訪問網路嗎?
|
||||||
完整位址: %3</translation>
|
完整路徑: %3</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>%1 is eligible for quick recovery from %2.
|
<source>%1 is eligible for quick recovery from %2.
|
||||||
|
@ -453,7 +453,7 @@ The file was written by: %3</source>
|
||||||
<source>Migrating a large file %1 into the sandbox %2, %3 left.
|
<source>Migrating a large file %1 into the sandbox %2, %3 left.
|
||||||
Full path: %4</source>
|
Full path: %4</source>
|
||||||
<translation type="vanished">移動大檔案 %1 至沙盤 %2,%3 遺留。
|
<translation type="vanished">移動大檔案 %1 至沙盤 %2,%3 遺留。
|
||||||
完整位址: %4</translation>
|
完整路徑: %4</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Do you want to allow %4 (%5) to copy a %1 large file into sandbox: %2?
|
<source>Do you want to allow %4 (%5) to copy a %1 large file into sandbox: %2?
|
||||||
|
@ -488,7 +488,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Full Path</source>
|
<source>Full Path</source>
|
||||||
<translation>詳細位址</translation>
|
<translation>詳細路徑</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Select Directory</source>
|
<source>Select Directory</source>
|
||||||
|
@ -572,6 +572,10 @@ Full path: %4</source>
|
||||||
<source>Disabled</source>
|
<source>Disabled</source>
|
||||||
<translation>禁用</translation>
|
<translation>禁用</translation>
|
||||||
</message>
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Empty</source>
|
||||||
|
<translation type="unfinished"></translation>
|
||||||
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
<name>CSandMan</name>
|
<name>CSandMan</name>
|
||||||
|
@ -649,7 +653,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Api Call Log</source>
|
<source>Cleanup Api Call Log</source>
|
||||||
<translation>清理 API 呼叫日誌</translation>
|
<translation type="vanished">清理 API 呼叫日誌</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Simple View</source>
|
<source>Simple View</source>
|
||||||
|
@ -725,7 +729,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Api Call Log</source>
|
<source>Api Call Log</source>
|
||||||
<translation>API 呼叫日誌</translation>
|
<translation type="vanished">API 呼叫日誌</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>The sandbox name can not be longer than 32 characters.</source>
|
<source>The sandbox name can not be longer than 32 characters.</source>
|
||||||
|
@ -831,7 +835,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>API Call Logging</source>
|
<source>API Call Logging</source>
|
||||||
<translation>API 呼叫日誌</translation>
|
<translation type="vanished">API 呼叫日誌</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Loaded Config: %1</source>
|
<source>Loaded Config: %1</source>
|
||||||
|
@ -911,7 +915,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Can't find Sandboxie installation path.</source>
|
<source>Can't find Sandboxie installation path.</source>
|
||||||
<translation>無法找到 Sandboxie 安裝位址。</translation>
|
<translation>無法找到 Sandboxie 安裝路徑。</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Delete protection is enabled for the sandbox</source>
|
<source>Delete protection is enabled for the sandbox</source>
|
||||||
|
@ -987,7 +991,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Do you also want to reset hidden message boxes (yes), or only all log messages (no)?</source>
|
<source>Do you also want to reset hidden message boxes (yes), or only all log messages (no)?</source>
|
||||||
<translation>確定連隱藏訊息視窗一起重置 (是) 或僅用於所有日誌訊息 (否)?</translation>
|
<translation>你是否要重置已隱藏訊息視窗 (是) ,或僅用於所有日誌訊息 (否)?</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>You are not authorized to update configuration in section '%1'</source>
|
<source>You are not authorized to update configuration in section '%1'</source>
|
||||||
|
@ -1015,7 +1019,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Error merging snapshot directories '%1' with '%2', the snapshot has not been fully merged.</source>
|
<source>Error merging snapshot directories '%1' with '%2', the snapshot has not been fully merged.</source>
|
||||||
<translation>合併快照目錄 '%1' 和 '%2' 錯誤,快照沒有全部合併。</translation>
|
<translation>合併快照目錄 '%1' 和 '%2' 錯誤,快照沒有被完全合併。</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Edit ini file</source>
|
<source>Edit ini file</source>
|
||||||
|
@ -1031,7 +1035,7 @@ Full path: %4</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Resource Log</source>
|
<source>Cleanup Resource Log</source>
|
||||||
<translation>清理資源日誌</translation>
|
<translation type="vanished">清理資源日誌</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Cleanup Message Log</source>
|
<source>Cleanup Message Log</source>
|
||||||
|
@ -1088,7 +1092,7 @@ Full path: %4</source>
|
||||||
<message>
|
<message>
|
||||||
<source>To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.
|
<source>To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.
|
||||||
Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.</source>
|
Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.</source>
|
||||||
<translation>要使用 API 記錄日誌首先必須從 https://github.com/sandboxie-plus/LogApiDll 下載 LogApiDll,並為一個或更多沙盤設定。
|
<translation type="vanished">要使用 API 記錄日誌首先必須從 https://github.com/sandboxie-plus/LogApiDll 下載 LogApiDll,並為一個或更多沙盤設定。
|
||||||
請下載最新發布版本,並使用 sandboxie.ini 安裝,更多內容請參考 README.md 中此項目的說明。</translation>
|
請下載最新發布版本,並使用 sandboxie.ini 安裝,更多內容請參考 README.md 中此項目的說明。</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
|
@ -1169,14 +1173,18 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Default sandbox not found; creating: %1</source>
|
<source>Default sandbox not found; creating: %1</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>未找到預設沙盤; 建立中: %1</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source><p>Do you want to go to the <a href="%1">info page</a>?</p></source>
|
<source><p>Do you want to go to the <a href="%1">info page</a>?</p></source>
|
||||||
<translation type="unfinished"></translation>
|
<translation><p>你是否想要前往 <a href="%1">資訊頁面</a>?</p></translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Don't show this message anymore.</source>
|
<source>Don't show this message anymore.</source>
|
||||||
|
<translation>不再顯示此訊息。</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Cleanup Trace Log</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
@ -1196,7 +1204,7 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Path / Command Line</source>
|
<source>Path / Command Line</source>
|
||||||
<translation>位址 / 命令列</translation>
|
<translation>路徑 / 命令列</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Start Time</source>
|
<source>Start Time</source>
|
||||||
|
@ -1438,10 +1446,14 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>This Sandbox is empty.</source>
|
<source>This Sandbox is empty.</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>此沙盤為空。</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>A group can not be its own parent.</source>
|
<source>A group can not be its own parent.</source>
|
||||||
|
<translation>群組不能作為其本身的上級群組。</translation>
|
||||||
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Run Cmd.exe as Admin</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation type="unfinished"></translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
|
@ -1493,7 +1505,7 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Auto Detection</source>
|
<source>Auto Detection</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>自動偵測</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -1558,7 +1570,7 @@ Please download the latest release and set it up with the Sandboxie.ini as instr
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Path</source>
|
<source>Path</source>
|
||||||
<translation>位址</translation>
|
<translation>路徑</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Save</source>
|
<source>Save</source>
|
||||||
|
@ -1624,7 +1636,7 @@ For files access you can use 'Direct All' instead to make it apply to
|
||||||
<translation>配置處理程序所訪問的資源。雙擊進入編輯。
|
<translation>配置處理程序所訪問的資源。雙擊進入編輯。
|
||||||
'管理' 檔案和機碼僅適用於沙盤外的程式二進位制檔案。
|
'管理' 檔案和機碼僅適用於沙盤外的程式二進位制檔案。
|
||||||
注意所有關閉的...=!<程式>,... 例外也有相同限制。
|
注意所有關閉的...=!<程式>,... 例外也有相同限制。
|
||||||
想要管理檔案訪問可使用 '管理全部' 使其套用至至全部程式。</translation>
|
想要管理檔案訪問可使用 '管理全部' 使其套用至全部程式。</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Log Debug Output to the Trace Log</source>
|
<source>Log Debug Output to the Trace Log</source>
|
||||||
|
@ -1688,7 +1700,7 @@ If leader processes are defined, all others are treated as lingering processes.<
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>These options are intended for debugging compatibility issues, please do not use them in production use. </source>
|
<source>These options are intended for debugging compatibility issues, please do not use them in production use. </source>
|
||||||
<translation>這些選項是計劃除錯裝置而設計的,在日常使用時請不要使用。</translation>
|
<translation>這些選項是為除錯相容性問題而設計的,在日常使用時請不要開啟。</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Text Filter</source>
|
<source>Text Filter</source>
|
||||||
|
@ -1700,7 +1712,7 @@ If leader processes are defined, all others are treated as lingering processes.<
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Restrict Resource Access monitor to administrators only</source>
|
<source>Restrict Resource Access monitor to administrators only</source>
|
||||||
<translation>限制資源訪問監視器僅限管理員使用</translation>
|
<translation>限制資源訪問監視器使其僅限管理員使用</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Protect the sandbox integrity itself</source>
|
<source>Protect the sandbox integrity itself</source>
|
||||||
|
@ -1720,7 +1732,7 @@ If leader processes are defined, all others are treated as lingering processes.<
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Limit access to the emulated service control manager to privileged processes</source>
|
<source>Limit access to the emulated service control manager to privileged processes</source>
|
||||||
<translation>限制訪問模擬服務控制管理員來提權處理程序</translation>
|
<translation>限制訪問模擬服務控制管理員以提權處理程序</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Remove</source>
|
<source>Remove</source>
|
||||||
|
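Review bot: The updated string for "Limit access to the emulated service control manager to privileged processes" still inverts the meaning of the source. 以提權處理程序 reads as "in order to elevate processes", while the source says that access to the emulated service control manager is restricted so that only privileged processes may use it. Because this text labels a security restriction, the wording should state who is allowed, for example 僅允許特權處理程序訪問模擬服務控制管理員; changing 來 to 以 does not address that.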
@ -1732,11 +1744,11 @@ If leader processes are defined, all others are treated as lingering processes.<
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Block internet access for all programs except those added to the list.</source>
|
<source>Block internet access for all programs except those added to the list.</source>
|
||||||
<translation>禁止所有程式訪問網路,除了這些新增至清單中的。</translation>
|
<translation>禁止所有程式訪問網路,除了已新增至清單中的。</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Issue message 1307 when a program is denied internet access</source>
|
<source>Issue message 1307 when a program is denied internet access</source>
|
||||||
<translation>當程式被拒絕訪問網路時提示 1307 訊息</translation>
|
<translation>當程式被拒絕訪問網路時提示錯誤代碼 1307</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Compatibility</source>
|
<source>Compatibility</source>
|
||||||
|
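Review bot: On the "Issue message 1307 when a program is denied internet access" entry, 訊息 is replaced by 錯誤代碼 (error code), but the source string says "message", and elsewhere in this file the same kind of number is referred to as "message SBIE1301". Calling it an error code changes what the option is said to do, and the same substitution is repeated for 2102, 1308 and SBIE1301 in later hunks of this file. Keeping 提示 1307 訊息 stays faithful to the source and consistent across those entries.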
@ -1776,7 +1788,7 @@ If leader processes are defined, all others are treated as lingering processes.<
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Issue message 2102 when a file is too large</source>
|
<source>Issue message 2102 when a file is too large</source>
|
||||||
<translation>當檔案過大時提示 2102 訊息</translation>
|
<translation>當檔案過大時提示錯誤代碼 2102</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>File Recovery</source>
|
<source>File Recovery</source>
|
||||||
|
@ -1980,7 +1992,7 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Issue message 1308 when a program fails to start</source>
|
<source>Issue message 1308 when a program fails to start</source>
|
||||||
<translation>當程式啟動失敗時提示 1308 訊息</translation>
|
<translation>當程式啟動失敗時提示錯誤代碼 1308</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Resource Access</source>
|
<source>Resource Access</source>
|
||||||
|
@ -2076,7 +2088,7 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Here you can specify a list of commands that are executed every time the sandbox is initially populated.</source>
|
<source>Here you can specify a list of commands that are executed every time the sandbox is initially populated.</source>
|
||||||
<translation>這裡您可以指定每次沙盤啟動被執行的命令清單。</translation>
|
<translation>此處您可以指定每次沙盤啟動時將被執行的命令清單。</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Log all access events as seen by the driver to the resource access log.
|
<source>Log all access events as seen by the driver to the resource access log.
|
||||||
|
@ -2100,6 +2112,10 @@ instead of "*".</source>
|
||||||
<source>Allow access to Bluetooth</source>
|
<source>Allow access to Bluetooth</source>
|
||||||
<translation>允許訪問藍牙</translation>
|
<translation>允許訪問藍牙</translation>
|
||||||
</message>
|
</message>
|
||||||
|
<message>
|
||||||
|
<source>Log all SetError's to Trace log</source>
|
||||||
|
<translation type="unfinished"></translation>
|
||||||
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
<name>PopUpWindow</name>
|
<name>PopUpWindow</name>
|
||||||
|
@ -2178,7 +2194,7 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>SandboxiePlus - Recovery</source>
|
<source>SandboxiePlus - Recovery</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>SandboxiePlus - 恢復</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
<context>
|
<context>
|
||||||
|
@ -2189,7 +2205,7 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Path</source>
|
<source>Path</source>
|
||||||
<translation>位址</translation>
|
<translation>路徑</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Change Password</source>
|
<source>Change Password</source>
|
||||||
|
@ -2225,7 +2241,7 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Tray options</source>
|
<source>Tray options</source>
|
||||||
<translation>磁碟選項</translation>
|
<translation>工作列選項</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Use Dark Theme</source>
|
<source>Use Dark Theme</source>
|
||||||
|
@ -2269,7 +2285,7 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Open urls from this ui sandboxed</source>
|
<source>Open urls from this ui sandboxed</source>
|
||||||
<translation>沙盤化在此 UI 開啟的連結</translation>
|
<translation>沙盤化從此 UI 開啟的連結</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>In the future, don't check software compatibility</source>
|
<source>In the future, don't check software compatibility</source>
|
||||||
|
@ -2281,7 +2297,7 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>When any of the following programs is launched outside any sandbox, Sandboxie will issue message SBIE1301.</source>
|
<source>When any of the following programs is launched outside any sandbox, Sandboxie will issue message SBIE1301.</source>
|
||||||
<translation>當下列程式在任意沙盤之外啟動時,Sandboxie 將提示 SBIE1301 訊息。</translation>
|
<translation>當下列程式在任意沙盤之外啟動時,Sandboxie 將提示錯誤代碼 SBIE1301。</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Remove Program</source>
|
<source>Remove Program</source>
|
||||||
|
@ -2301,7 +2317,7 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Issue message 1308 when a program fails to start</source>
|
<source>Issue message 1308 when a program fails to start</source>
|
||||||
<translation>當程式啟動失敗時提示 1308 訊息</translation>
|
<translation>當程式啟動失敗時提示錯誤代碼 1308</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Sandbox default</source>
|
<source>Sandbox default</source>
|
||||||
|
@ -2345,7 +2361,7 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Start UI when a sandboxed process is started</source>
|
<source>Start UI when a sandboxed process is started</source>
|
||||||
<translation>當沙盤化處理程序啟動時啟動 UI</translation>
|
<translation>當有沙盤化處理程序啟動時開啟 UI</translation>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>Show first recovery window when emptying sandboxes</source>
|
<source>Show first recovery window when emptying sandboxes</source>
|
||||||
|
@ -2396,7 +2412,7 @@ instead of "*".</source>
|
||||||
</message>
|
</message>
|
||||||
<message>
|
<message>
|
||||||
<source>SandboxiePlus - Snapshots</source>
|
<source>SandboxiePlus - Snapshots</source>
|
||||||
<translation type="unfinished"></translation>
|
<translation>SandboxiePlus - 快照</translation>
|
||||||
</message>
|
</message>
|
||||||
</context>
|
</context>
|
||||||
</TS>
|
</TS>
|
||||||
|
|
|
@ -0,0 +1,19 @@
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
#define VERSION_MJR 0
|
||||||
|
#define VERSION_MIN 7
|
||||||
|
#define VERSION_REV 0
|
||||||
|
#define VERSION_UPD 0
|
||||||
|
|
||||||
|
#ifndef STR
|
||||||
|
#define STR2(X) #X
|
||||||
|
#define STR(X) STR2(X)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define VERSION_BIN VERSION_MJR,VERSION_MIN,VERSION_REV,VERSION_UPD
|
||||||
|
#define VERSION_STR STR(VERSION_MJR.VERSION_MIN.VERSION_REV.VERSION_UPD)
|
||||||
|
|
||||||
|
#define MY_PRODUCT_NAME_STRING "Sandboxie-Plus"
|
||||||
|
#define MY_COMPANY_NAME_STRING "sandboxie-plus.com"
|
||||||
|
#define MY_COPYRIGHT_STRING "Copyright (C) 2020-2021 by David Xanatos (xanasoft.com)"
|
||||||
|
|
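Review bot: The `#ifndef STR` guard tests only `STR`, yet the guarded block defines both `STR2` and `STR`, and `VERSION_STR` relies on that two-level expansion. If an earlier header has already defined `STR` as a single-level `#X`, this block is skipped and `VERSION_STR` becomes the literal text "VERSION_MJR.VERSION_MIN.VERSION_REV.VERSION_UPD" instead of "0.7.0.0"; if only `STR2` was defined earlier, it is redefined here. Defining the helpers unconditionally under names private to this header (a version-specific prefix, for instance) removes the dependency on include order. A short comment stating which of the two version numbers used in the changelog these four fields represent would also help whoever bumps them next.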