1.12.6
This commit is contained in:
parent
03488113b9
commit
6419d1c5d8
|
@ -11,6 +11,7 @@ todo: improve behaviorue of toolbar customization menu
|
|||
|
||||
### Fixed
|
||||
- fixed fix for [#3475](https://github.com/sandboxie-plus/Sandboxie/issues/3475) not working without FileRootPath being explicitly set
|
||||
- fixed "The directory name is invalid" when starting a process in a encrypted private box [#3475](https://github.com/sandboxie-plus/Sandboxie/issues/3475)
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -189,18 +189,21 @@ _FX BOOLEAN File_Init(void)
|
|||
// implement workaround, see SbieDll_TranslateNtToDosPath
|
||||
//
|
||||
|
||||
ULONG BoxFilePathLen = (0x1000 + 1) * sizeof(WCHAR);
|
||||
WCHAR* BoxFilePathConf = Dll_AllocTemp(BoxFilePathLen);
|
||||
if (!NT_SUCCESS(SbieApi_QueryConf(NULL, L"FileRootPath", 0, BoxFilePathConf, BoxFilePathLen)))
|
||||
SbieApi_QueryConf(NULL, L"\\??\\%SystemDrive%\\Sandbox\\%USER%\\%SANDBOX%", CONF_JUST_EXPAND, BoxFilePathConf, BoxFilePathLen);
|
||||
|
||||
if (SbieDll_TranslateNtToDosPath(BoxFilePathConf))
|
||||
ULONG BoxFilePathLen = 0;
|
||||
if (NT_SUCCESS(SbieApi_QueryProcessInfoStr(0, 'root', NULL, &BoxFilePathLen)))
|
||||
{
|
||||
Dll_BoxFileDosPathLen = wcslen(BoxFilePathConf);
|
||||
Dll_BoxFileDosPath = Dll_Alloc((Dll_BoxFileDosPathLen + 1) * sizeof(WCHAR));
|
||||
wcscpy((WCHAR *)Dll_BoxFileDosPath, BoxFilePathConf);
|
||||
WCHAR* BoxFilePathConf = Dll_AllocTemp(BoxFilePathLen);
|
||||
if (NT_SUCCESS(SbieApi_QueryProcessInfoStr(0, 'root', BoxFilePathConf, &BoxFilePathLen)))
|
||||
{
|
||||
if (SbieDll_TranslateNtToDosPath(BoxFilePathConf))
|
||||
{
|
||||
Dll_BoxFileDosPathLen = wcslen(BoxFilePathConf);
|
||||
Dll_BoxFileDosPath = Dll_Alloc((Dll_BoxFileDosPathLen + 1) * sizeof(WCHAR));
|
||||
wcscpy((WCHAR*)Dll_BoxFileDosPath, BoxFilePathConf);
|
||||
}
|
||||
}
|
||||
Dll_Free(BoxFilePathConf);
|
||||
}
|
||||
Dll_Free(BoxFilePathConf);
|
||||
}
|
||||
else
|
||||
Dll_BoxFileDosPathLen = wcslen(Dll_BoxFileDosPath);
|
||||
|
|
|
@ -662,6 +662,47 @@ _FX ULONG64 SbieApi_QueryProcessInfoEx(
|
|||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// SbieApi_QueryProcessInfoStr
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX LONG SbieApi_QueryProcessInfoStr(
|
||||
HANDLE ProcessId,
|
||||
ULONG info_type,
|
||||
WCHAR *out_str,
|
||||
ULONG *inout_str_len)
|
||||
{
|
||||
NTSTATUS status;
|
||||
__declspec(align(8)) UNICODE_STRING64 UniStr;
|
||||
__declspec(align(8)) ULONG64 parms[API_NUM_ARGS];
|
||||
API_QUERY_PROCESS_INFO_ARGS *args = (API_QUERY_PROCESS_INFO_ARGS *)parms;
|
||||
|
||||
memzero(parms, sizeof(parms));
|
||||
args->func_code = API_QUERY_PROCESS_INFO;
|
||||
|
||||
args->process_id.val64 = (ULONG64)(ULONG_PTR)ProcessId;
|
||||
args->info_type.val64 = (ULONG64)(ULONG_PTR)info_type;
|
||||
args->info_data.val64 = (ULONG64)(ULONG_PTR)inout_str_len;
|
||||
|
||||
if (out_str) {
|
||||
UniStr.Length = 0;
|
||||
UniStr.MaximumLength = (USHORT)*inout_str_len;
|
||||
UniStr.Buffer = (ULONG64)(ULONG_PTR)out_str;
|
||||
args->ext_data.val64 = (ULONG64)(ULONG_PTR)&UniStr;
|
||||
}
|
||||
|
||||
status = SbieApi_Ioctl(parms);
|
||||
|
||||
if (!NT_SUCCESS(status)) {
|
||||
if (out_str)
|
||||
*out_str = L'\0';
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// SbieApi_QueryBoxPath
|
||||
//---------------------------------------------------------------------------
|
||||
|
|
|
@ -138,6 +138,13 @@ ULONG64 SbieApi_QueryProcessInfoEx(
|
|||
ULONG info_type,
|
||||
ULONG64 ext_data);
|
||||
|
||||
SBIEAPI_EXPORT
|
||||
LONG SbieApi_QueryProcessInfoStr(
|
||||
HANDLE ProcessId,
|
||||
ULONG info_type,
|
||||
WCHAR *out_str,
|
||||
ULONG *inout_str_len);
|
||||
|
||||
SBIEAPI_EXPORT
|
||||
LONG SbieApi_QueryBoxPath(
|
||||
const WCHAR *box_name, // WCHAR [34]
|
||||
|
|
|
@ -113,6 +113,8 @@ _FX void Box_Free(BOX *box)
|
|||
Mem_Free(box->expand_args, sizeof(CONF_EXPAND_ARGS));
|
||||
if (box->file_path)
|
||||
Mem_Free(box->file_path, box->file_path_len);
|
||||
if (box->file_raw_path)
|
||||
Mem_Free(box->file_raw_path, box->file_raw_path_len);
|
||||
if (box->key_path)
|
||||
Mem_Free(box->key_path, box->key_path_len);
|
||||
if (box->ipc_path)
|
||||
|
@ -526,6 +528,7 @@ _FX BOX *Box_Clone(POOL *pool, const BOX *model)
|
|||
|
||||
CLONE_MEMBER(sid);
|
||||
CLONE_MEMBER(file_path);
|
||||
CLONE_MEMBER(file_raw_path);
|
||||
CLONE_MEMBER(key_path);
|
||||
CLONE_MEMBER(ipc_path);
|
||||
CLONE_MEMBER(pipe_path);
|
||||
|
|
|
@ -68,6 +68,11 @@ struct _BOX {
|
|||
WCHAR *file_path;
|
||||
ULONG file_path_len; // in bytes, including NULL
|
||||
|
||||
// when the file_path was redirected by a reparse point, we keep the original
|
||||
|
||||
WCHAR *file_raw_path;
|
||||
ULONG file_raw_path_len; // in bytes, including NULL
|
||||
|
||||
// 2. the registry entry point into the sandbox
|
||||
// (but note that the Registry.dat file resides below file_path)
|
||||
// default: HKEY_CURRENT_USER\Sandbox\BoxName
|
||||
|
|
|
@ -533,6 +533,9 @@ _FX void File_AdjustBoxFilePath(PROCESS *proc, HANDLE handle)
|
|||
|
||||
path_len = (path_len + 1) * sizeof(WCHAR);
|
||||
|
||||
InterlockedExchangePointer(&box->file_raw_path, box->file_path);
|
||||
InterlockedExchange(&box->file_raw_path_len, box->file_path_len);
|
||||
|
||||
InterlockedExchange(&box->file_path_len, 0);
|
||||
InterlockedExchangePointer(&box->file_path, path);
|
||||
InterlockedExchange(&box->file_path_len, path_len);
|
||||
|
@ -1252,7 +1255,7 @@ _FX NTSTATUS File_Generic_MyParseProc(
|
|||
}
|
||||
}
|
||||
|
||||
} else if (Box_IsBoxedPath(proc->box, file, &Name->Name))
|
||||
} else if (Box_IsBoxedPath(proc->box, file, &Name->Name) || (proc->box->file_raw_path && Box_IsBoxedPath(proc->box, file_raw, &Name->Name)))
|
||||
IsBoxedPath = TRUE;
|
||||
|
||||
//
|
||||
|
|
|
@ -357,9 +357,6 @@ _FX NTSTATUS Process_Api_QueryInfo(PROCESS *proc, ULONG64 *parms)
|
|||
|
||||
__try {
|
||||
|
||||
ULONG64 *data = args->info_data.val;
|
||||
ProbeForWrite(data, sizeof(ULONG64), sizeof(ULONG64));
|
||||
|
||||
if (args->info_type.val == 0) {
|
||||
|
||||
ULONG64 flags = 0;
|
||||
|
@ -410,18 +407,24 @@ _FX NTSTATUS Process_Api_QueryInfo(PROCESS *proc, ULONG64 *parms)
|
|||
flags = SBIE_FLAG_HOST_INJECT_PROCESS;
|
||||
}
|
||||
|
||||
*data = flags;
|
||||
ProbeForWrite(args->info_data.val, sizeof(ULONG64), sizeof(ULONG64));
|
||||
*args->info_data.val = flags;
|
||||
|
||||
} else if (args->info_type.val == 'pril') {
|
||||
|
||||
*data = proc->integrity_level;
|
||||
ProbeForWrite(args->info_data.val, sizeof(ULONG64), sizeof(ULONG64));
|
||||
*args->info_data.val = proc->integrity_level;
|
||||
|
||||
} else if (args->info_type.val == 'nt32') {
|
||||
|
||||
*data = proc->ntdll32_base;
|
||||
ProbeForWrite(args->info_data.val, sizeof(ULONG64), sizeof(ULONG64));
|
||||
*args->info_data.val = proc->ntdll32_base;
|
||||
|
||||
} else if (args->info_type.val == 'ptok') { // primary token
|
||||
|
||||
ULONG64 *data = args->info_data.val;
|
||||
ProbeForWrite(data, sizeof(ULONG64), sizeof(ULONG64));
|
||||
|
||||
if(is_caller_sandboxed)
|
||||
status = STATUS_ACCESS_DENIED;
|
||||
else
|
||||
|
@ -449,6 +452,9 @@ _FX NTSTATUS Process_Api_QueryInfo(PROCESS *proc, ULONG64 *parms)
|
|||
|
||||
} else if (args->info_type.val == 'itok' || args->info_type.val == 'ttok') { // impersonation token / test thread token
|
||||
|
||||
ULONG64 *data = args->info_data.val;
|
||||
ProbeForWrite(data, sizeof(ULONG64), sizeof(ULONG64));
|
||||
|
||||
if(is_caller_sandboxed)
|
||||
status = STATUS_ACCESS_DENIED;
|
||||
else if(!proc->threads_lock)
|
||||
|
@ -506,6 +512,9 @@ _FX NTSTATUS Process_Api_QueryInfo(PROCESS *proc, ULONG64 *parms)
|
|||
|
||||
} else if (args->info_type.val == 'ippt') { // is primary process token
|
||||
|
||||
ULONG64 *data = args->info_data.val;
|
||||
ProbeForWrite(data, sizeof(ULONG64), sizeof(ULONG64));
|
||||
|
||||
HANDLE handle = (HANDLE)(args->ext_data.val);
|
||||
|
||||
OBJECT_TYPE* object;
|
||||
|
@ -524,11 +533,34 @@ _FX NTSTATUS Process_Api_QueryInfo(PROCESS *proc, ULONG64 *parms)
|
|||
|
||||
proc->detected_image_type = (ULONG)(args->ext_data.val);
|
||||
|
||||
*data = 0;
|
||||
|
||||
} else if (args->info_type.val == 'gpit') { // get process image type
|
||||
|
||||
*data = proc->detected_image_type;
|
||||
ProbeForWrite(args->info_data.val, sizeof(ULONG64), sizeof(ULONG64));
|
||||
*args->info_data.val = proc->detected_image_type;
|
||||
|
||||
} else if (args->info_type.val == 'root') {
|
||||
|
||||
//
|
||||
// When querygin a sandboxed process API_QUERY_PROCESS_PATH return the reparsed file root path
|
||||
// this info class is used to retrive the raw i.e. not reparsed file root path
|
||||
//
|
||||
// Note: API_QUERY_BOX_PATH when invoked by a sandboxed process also returns its reparsed file root path
|
||||
//
|
||||
|
||||
if(!proc->box->file_raw_path)
|
||||
status = STATUS_VARIABLE_NOT_FOUND;
|
||||
else
|
||||
{
|
||||
ULONG* file_path_len = (ULONG*)args->info_data.val64;
|
||||
UNICODE_STRING64 *file_path = (UNICODE_STRING64*)args->ext_data.val64;
|
||||
|
||||
if (file_path_len) {
|
||||
ProbeForWrite(file_path_len, sizeof(ULONG), sizeof(ULONG));
|
||||
*file_path_len = proc->box->file_raw_path_len;
|
||||
}
|
||||
|
||||
Api_CopyStringToUser(file_path, proc->box->file_raw_path, proc->box->file_raw_path_len);
|
||||
}
|
||||
|
||||
} else
|
||||
status = STATUS_INVALID_INFO_CLASS;
|
||||
|
|
Loading…
Reference in New Issue