From f452bfbbf6c98746f5252b0b9d777a4e67e788ab Mon Sep 17 00:00:00 2001 From: typpos <28550406+typpos@users.noreply.github.com> Date: Mon, 15 Feb 2021 18:43:48 +1100 Subject: [PATCH 1/3] Fix byte-len vs wchar-len error --- Sandboxie/core/drv/session.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Sandboxie/core/drv/session.c b/Sandboxie/core/drv/session.c index 74b5b1c8..7f08ed6b 100644 --- a/Sandboxie/core/drv/session.c +++ b/Sandboxie/core/drv/session.c @@ -974,11 +974,11 @@ _FX NTSTATUS Session_Api_MonitorGetEx(PROCESS *proc, ULONG64 *parms) if (log_tid != NULL) ProbeForWrite(log_tid, sizeof(ULONG64), sizeof(ULONG64)); - log_len = args->log_len.val / sizeof(WCHAR); + log_len = args->log_len.val / sizeof(WCHAR) * sizeof(WCHAR); if (!log_len) return STATUS_INVALID_PARAMETER; log_data = args->log_ptr.val; - ProbeForWrite(log_data, log_len * sizeof(WCHAR), sizeof(WCHAR)); + ProbeForWrite(log_data, log_len, sizeof(WCHAR)); *log_type = 0; if (log_pid != NULL) From f90eae89db5bed3dbf855c81afc4a512bede0e6c Mon Sep 17 00:00:00 2001 From: typpos <28550406+typpos@users.noreply.github.com> Date: Mon, 15 Feb 2021 19:18:41 +1100 Subject: [PATCH 2/3] Fix double-fetch from user space. --- Sandboxie/core/drv/session.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Sandboxie/core/drv/session.c b/Sandboxie/core/drv/session.c index 7f08ed6b..af762742 100644 --- a/Sandboxie/core/drv/session.c +++ b/Sandboxie/core/drv/session.c @@ -504,7 +504,8 @@ _FX NTSTATUS Session_Api_DisableForce(PROCESS *proc, ULONG64 *parms) in_flag = args->set_flag.val; if (in_flag) { ProbeForRead(in_flag, sizeof(ULONG), sizeof(ULONG)); - if (*in_flag) { + ULONG in_flag_value = *in_flag; + if (in_flag_value) { if (! Session_CheckAdminAccess(L"ForceDisableAdminOnly")) return STATUS_ACCESS_DENIED; 
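Review bot: After this change `log_len` holds a byte count instead of a WCHAR count, but neither the name nor the hunk says so, which is the same unit confusion the commit sets out to fix. I would add a comment at the assignment, `/* log_len: byte count, rounded down to a whole number of WCHARs */`. Session_Api_MonitorGetEx continues past the hunk, so every later use of `log_len` there should be checked to treat it as bytes; a use that still multiplies by `sizeof(WCHAR)` would write beyond the range passed to `ProbeForWrite`.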
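Review bot: The capture `ULONG in_flag_value = *in_flag;` reads through a plain pointer, so the compiler may still reload `*in_flag` at the later uses and reintroduce the double fetch; read it through a volatile access instead, `ULONG in_flag_value = *(volatile ULONG *)in_flag;`. The `DISABLE_JUST_THIS_PROCESS` comparison in the next hunk depends on the same captured value. The declaration also follows a statement inside the block, which C89-style builds reject, so moving it to the top of the block is safer if this file is compiled that way. Whether the dereference sits inside an exception handler cannot be seen here, because Session_Api_DisableForce starts and ends outside the hunk.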
@@ -513,7 +514,7 @@ _FX NTSTATUS Session_Api_DisableForce(PROCESS *proc, ULONG64 *parms) } else time.QuadPart = 0; - if (*in_flag == DISABLE_JUST_THIS_PROCESS) { + if (in_flag_value == DISABLE_JUST_THIS_PROCESS) { Process_DfpInsert(PROCESS_TERMINATED, PsGetCurrentProcessId()); From 76d7f6dbc04b828376d3e73809b936e8fac74e34 Mon Sep 17 00:00:00 2001 From: typpos <28550406+typpos@users.noreply.github.com> Date: Fri, 19 Feb 2021 15:04:01 +1100 Subject: [PATCH 3/3] Fix #586: Sandboxie crash when saving Sandboxie-Classic Sandbox appearance settings. --- Sandboxie/apps/control/BoxPage.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Sandboxie/apps/control/BoxPage.cpp b/Sandboxie/apps/control/BoxPage.cpp index cb374b12..b0dbd4c3 100644 --- a/Sandboxie/apps/control/BoxPage.cpp +++ b/Sandboxie/apps/control/BoxPage.cpp @@ -966,7 +966,7 @@ void CBoxPage::Appearance_OnOK(CBox &box) BOOL enable = (pCheckBox3->GetCheck() == BST_CHECKED ? TRUE : FALSE); BOOL title = (pCheckBox4->GetCheck() == BST_CHECKED ? TRUE : FALSE); CString str; - GetDlgItem(ID_MIGRATE_KB)->GetWindowText(str); + GetDlgItem(ID_BORDER_WIDTH)->GetWindowText(str); int width = _wtoi(str); ok = box.SetBorder(enable, Appearance_BorderColor, title, width); }
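Review bot: `GetDlgItem(ID_BORDER_WIDTH)` is dereferenced without a null check, so a control id missing from the dialog template still crashes on this line; the commit title suggests the old id caused that kind of failure. A guard such as `CWnd *pWidth = GetDlgItem(ID_BORDER_WIDTH); if (pWidth) pWidth->GetWindowText(str);` keeps a future resource mismatch from becoming a crash. `_wtoi` returns 0 for non-numeric text, and in the visible lines the result goes to `box.SetBorder` unchecked, so a range check before the call is worth adding unless SetBorder validates the width itself. Appearance_OnOK starts outside the hunk.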