mirrors/Sandboxie
mirrors
/
Sandboxie
mirror of https://github.com/sandboxie-plus/Sandboxie.git
1
0
Fork 0
Code Releases Activity

1.15.1

This commit is contained in:
DavidXanatos 2024-10-21 16:51:13 +02:00
parent d6976196c1
commit 5f248c4779
5 changed files with 76 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -8,7 +8,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
### Fixed ### Fixed
- fixed Sandboxie crypto fails to start in red boxes - fixed Sandboxie crypto fails to start in red boxes
- fixed issue with breakout process when usign explorer.exe

2
Sandboxie/core/dll/dll.h
View File

@ -603,6 +603,8 @@ ULONG_PTR ProtectCall4(
void *CallAddress, void *CallAddress,
ULONG_PTR Arg1, ULONG_PTR Arg2, ULONG_PTR Arg3, ULONG_PTR Arg4); ULONG_PTR Arg1, ULONG_PTR Arg2, ULONG_PTR Arg3, ULONG_PTR Arg4);
BOOL SH32_BreakoutDocument(const WCHAR* path, ULONG len);
BOOL SH32_DoRunAs( BOOL SH32_DoRunAs(
const WCHAR *CmdLine, const WCHAR *WorkDir, const WCHAR *CmdLine, const WCHAR *WorkDir,
PROCESS_INFORMATION *pi, BOOL *cancelled); PROCESS_INFORMATION *pi, BOOL *cancelled);

22
Sandboxie/core/dll/proc.c
View File

@ -1307,6 +1307,28 @@ _FX BOOL Proc_CreateProcessInternalW(
} }
} }
} }
//
// Explorer does not use ShellExecuteExW, so for explorer we set BreakoutDocumentProcess=explorer.exe,y
// in the Tempaltes.ini and check whenever explorer wants to start a process
//
if (lpCommandLine && Config_GetSettingsForImageName_bool(L"BreakoutDocumentProcess", FALSE))
{
const WCHAR* temp = lpCommandLine;
if (*temp == L'"') temp = wcschr(temp + 1, L'"');
else temp = wcschr(temp, L' ');
if (temp) while (*++temp == L' ');
const WCHAR* arg1 = temp;
const WCHAR* arg1_end = NULL;
if (*arg1 == L'"') temp = wcschr(arg1 + 1, L'"');
if (!arg1_end) arg1_end = wcschr(arg1, L'\0');
if (arg1 && arg1 != arg1_end && SH32_BreakoutDocument(arg1, (ULONG)(arg1_end - arg1)))
return TRUE;
}
#endif #endif
// //

85
Sandboxie/core/dll/sh.c
View File

@ -303,6 +303,54 @@ _FX WCHAR *SH32_AdjustPath(WCHAR *src, WCHAR **pArgs)
} }
//---------------------------------------------------------------------------
// SH32_BreakoutDocument
//---------------------------------------------------------------------------
_FX BOOL SH32_BreakoutDocument(const WCHAR* path, ULONG len)
{
if (SbieDll_CheckPatternInList(path, len, NULL, L"BreakoutDocument")) {
NTSTATUS status;
static WCHAR* _QueueName = NULL;
if (!_QueueName) {
_QueueName = Dll_Alloc(32 * sizeof(WCHAR));
Sbie_snwprintf(_QueueName, 32, L"*USERPROXY_%08X", Dll_SessionId);
}
ULONG path_len = (len + 1) * sizeof(WCHAR);
ULONG req_len = sizeof(USER_SHELL_EXEC_REQ) + path_len;
ULONG path_pos = sizeof(USER_SHELL_EXEC_REQ);
USER_SHELL_EXEC_REQ* req = (USER_SHELL_EXEC_REQ*)Dll_AllocTemp(req_len);
WCHAR* path_buff = ((UCHAR*)req) + path_pos;
memcpy(path_buff, path, path_len);
req->msgid = USER_SHELL_EXEC;
req->FileNameOffset = path_pos;
ULONG* rpl = SbieDll_CallProxySvr(_QueueName, req, req_len, sizeof(*rpl), 100);
if (!rpl)
status = STATUS_INTERNAL_ERROR;
else {
status = rpl[0];
Dll_Free(rpl);
}
Dll_Free(req);
return TRUE;
}
return FALSE;
}
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
// SH32_ShellExecuteExW // SH32_ShellExecuteExW
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
@ -324,42 +372,9 @@ _FX BOOL SH32_ShellExecuteExW(SHELLEXECUTEINFOW *lpExecInfo)
// //
if (lpExecInfo->lpFile) { if (lpExecInfo->lpFile) {
if (SbieDll_CheckPatternInList(lpExecInfo->lpFile, (ULONG)wcslen(lpExecInfo->lpFile), NULL, L"BreakoutDocument")) {
NTSTATUS status; if (SH32_BreakoutDocument(lpExecInfo->lpFile, wcslen(lpExecInfo->lpFile)))
static WCHAR* _QueueName = NULL; return TRUE;
if (!_QueueName) {
_QueueName = Dll_Alloc(32 * sizeof(WCHAR));
Sbie_snwprintf(_QueueName, 32, L"*USERPROXY_%08X", Dll_SessionId);
}
ULONG path_len = (wcslen(lpExecInfo->lpFile) + 1) * sizeof(WCHAR);
ULONG req_len = sizeof(USER_SHELL_EXEC_REQ) + path_len;
ULONG path_pos = sizeof(USER_SHELL_EXEC_REQ);
USER_SHELL_EXEC_REQ *req = (USER_SHELL_EXEC_REQ *)Dll_AllocTemp(req_len);
WCHAR* path_buff = ((UCHAR*)req) + path_pos;
memcpy(path_buff, lpExecInfo->lpFile, path_len);
req->msgid = USER_SHELL_EXEC;
req->FileNameOffset = path_pos;
ULONG *rpl = SbieDll_CallProxySvr(_QueueName, req, req_len, sizeof(*rpl), 100);
if (!rpl)
status = STATUS_INTERNAL_ERROR;
else {
status = rpl[0];
Dll_Free(rpl);
}
Dll_Free(req);
return NT_SUCCESS(status);
}
} }
// //

1
Sandboxie/install/Templates.ini
View File

@ -592,6 +592,7 @@ ClosedClsid={C2F03A33-21F5-47FA-B4BB-156362A2F239}
ClosedClsid={470C0EBD-5D73-4D58-9CED-E91E22E23282} ClosedClsid={470C0EBD-5D73-4D58-9CED-E91E22E23282}
# never fake admin rights for explorer.exe (issue 3516) # never fake admin rights for explorer.exe (issue 3516)
FakeAdminRights=explorer.exe,n FakeAdminRights=explorer.exe,n
BreakoutDocumentProcess=explorer.exe,y
[Template_ThirdPartyIsolation] [Template_ThirdPartyIsolation]
# block VMNet0 virtual network configuration (issue 1102) # block VMNet0 virtual network configuration (issue 1102)