From 76ca6187c4fe33ea0a7e9388a7f3149f198109ec Mon Sep 17 00:00:00 2001 From: DavidXanatos Date: Sun, 29 Nov 2020 22:28:57 +0100 Subject: [PATCH] WKMD 10.0 --- Sandboxie/core/drv/SboxDrv.vcxproj | 20 +++++++++++--------- Sandboxie/core/drv/SboxDrv.vcxproj.filters | 4 +--- Sandboxie/core/drv/api.c | 3 +-- Sandboxie/core/drv/conf_expand.c | 2 +- Sandboxie/core/drv/conf_user.c | 3 +-- Sandboxie/core/drv/driver.c | 18 ++++++++++++++++-- Sandboxie/core/drv/driver.h | 2 ++ Sandboxie/core/drv/file_xlat.c | 2 +- Sandboxie/core/drv/hook_32.c | 2 +- Sandboxie/core/drv/ipc.c | 2 +- Sandboxie/core/drv/key_flt.c | 6 +++--- Sandboxie/core/drv/mem.c | 3 +-- Sandboxie/core/drv/my_winnt.h | 12 ++++++++++-- Sandboxie/core/drv/process_api.c | 4 ++-- Sandboxie/core/drv/process_force.c | 4 ++-- Sandboxie/core/drv/process_low.c | 3 +-- Sandboxie/core/drv/process_util.c | 2 +- Sandboxie/core/drv/thread_token.c | 2 +- Sandboxie/core/drv/token.c | 6 +++--- 19 files changed, 60 insertions(+), 40 deletions(-) diff --git a/Sandboxie/core/drv/SboxDrv.vcxproj b/Sandboxie/core/drv/SboxDrv.vcxproj index 62c92b6c..3b9f74b8 100644 --- a/Sandboxie/core/drv/SboxDrv.vcxproj +++ b/Sandboxie/core/drv/SboxDrv.vcxproj @@ -21,7 +21,7 @@ Win32Proj {4019C5EB-8D1E-40E4-B7D1-5601B4B27288} - 8.1 + 10.0.17763.0 @@ -30,9 +30,11 @@ v140 - Application + Driver true - v140 + WindowsKernelModeDriver10.0 + Windows7 + WDM Application @@ -40,9 +42,11 @@ v140 - Application + Driver false - v140 + WindowsKernelModeDriver10.0 + Windows7 + WDM @@ -77,8 +81,6 @@ false false SbieDrv - C:\WinDDK\7600.16385.1\inc\ddk;C:\WinDDK\7600.16385.1\inc\crt;C:\WinDDK\7600.16385.1\inc\api;$(IncludePath) - C:\WinDDK\7600.16385.1\lib\wnet\amd64;$(LibraryPath) .sys @@ -93,8 +95,6 @@ false false SbieDrv - C:\WinDDK\7600.16385.1\inc\ddk;C:\WinDDK\7600.16385.1\inc\crt;C:\WinDDK\7600.16385.1\inc\api;$(IncludePath) - C:\WinDDK\7600.16385.1\lib\wnet\amd64;$(LibraryPath) 
@@ -132,6 +132,7 @@ /Wv:18 %(AdditionalOptions) + POOL_NX_OPTIN=1;%(PreprocessorDefinitions) Native @@ -198,6 +199,7 @@ + POOL_NX_OPTIN=1;%(PreprocessorDefinitions) Native diff --git a/Sandboxie/core/drv/SboxDrv.vcxproj.filters b/Sandboxie/core/drv/SboxDrv.vcxproj.filters index 414b8904..86614f12 100644 --- a/Sandboxie/core/drv/SboxDrv.vcxproj.filters +++ b/Sandboxie/core/drv/SboxDrv.vcxproj.filters @@ -40,9 +40,6 @@ xp - - xp - xp @@ -74,6 +71,7 @@ common + diff --git a/Sandboxie/core/drv/api.c b/Sandboxie/core/drv/api.c index 24cf9221..d03189ec 100644 --- a/Sandboxie/core/drv/api.c +++ b/Sandboxie/core/drv/api.c @@ -137,8 +137,7 @@ _FX BOOLEAN Api_Init(void) // initialize Fast IO dispatch pointers // - Api_FastIoDispatch = ExAllocatePoolWithTag( - NonPagedPool, sizeof(FAST_IO_DISPATCH), tzuk); + Api_FastIoDispatch = ExAllocatePoolWithTag(NonPagedPool, sizeof(FAST_IO_DISPATCH), tzuk); if (! Api_FastIoDispatch) { Log_Status(MSG_API_DEVICE, 0, STATUS_INSUFFICIENT_RESOURCES); return FALSE; diff --git a/Sandboxie/core/drv/conf_expand.c b/Sandboxie/core/drv/conf_expand.c index edfdb038..e42713f7 100644 --- a/Sandboxie/core/drv/conf_expand.c +++ b/Sandboxie/core/drv/conf_expand.c @@ -308,7 +308,7 @@ _FX WCHAR *Conf_Expand_Helper( static const WCHAR *_DefaultSpoolDirectoryPrefix = L"%SystemRoot%\\System32\\spool\\"; NTSTATUS status; - const WCHAR *ptr1, *ptr2; + const WCHAR *ptr1, *ptr2 = L""; WCHAR varname[66]; ULONG len; WCHAR *buf, *ptr; diff --git a/Sandboxie/core/drv/conf_user.c b/Sandboxie/core/drv/conf_user.c index 1c2a963f..dd95c282 100644 --- a/Sandboxie/core/drv/conf_user.c +++ b/Sandboxie/core/drv/conf_user.c @@ -91,8 +91,7 @@ _FX BOOLEAN Conf_Init_User(void) { List_Init(&Conf_Users); - Conf_Users_Event = - ExAllocatePoolWithTag(NonPagedPool, sizeof(KEVENT), tzuk); + Conf_Users_Event = ExAllocatePoolWithTag(NonPagedPool, sizeof(KEVENT), tzuk); if (! Conf_Users_Event) { Log_Msg0(MSG_1104); return FALSE; 
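Review bot: `const WCHAR *ptr1, *ptr2 = L"";` in Conf_Expand_Helper replaces an uninitialized pointer with an empty string rather than NULL, which silences the newer toolset's uninitialized-use diagnostic but also disables it: a path that never assigns ptr2 now proceeds silently with an empty string instead of being reported. The same pattern appears in process_force.c for `ImagePath2` and `ImageName`; there `ImagePath2` is a non-const `WCHAR *` paired with `ImagePath2_len`, so if that function's cleanup frees it under an `if (ImagePath2)` check or writes through it, the string literal would now pass that check. Conf_Expand_Helper's body is outside the hunk, so whether such a path exists cannot be confirmed here; if the empty string is a deliberate default, a comment such as `// L"": "no value" default, never freed or written` would record that, otherwise `= NULL` keeps a missed assignment visible.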
diff --git a/Sandboxie/core/drv/driver.c b/Sandboxie/core/drv/driver.c
index ae518b34..107f721d 100644
--- a/Sandboxie/core/drv/driver.c
+++ b/Sandboxie/core/drv/driver.c
@@ -47,8 +47,8 @@
 NTSTATUS DriverEntry(
- DRIVER_OBJECT *DriverObject,
- UNICODE_STRING *RegistryPath);
+ IN DRIVER_OBJECT *DriverObject,
+ IN UNICODE_STRING *RegistryPath);
 static BOOLEAN Driver_CheckOsVersion(void);
@@ -56,7 +56,9 @@ static BOOLEAN Driver_InitPublicSecurity(void);
 static BOOLEAN Driver_FindHomePath(UNICODE_STRING *RegistryPath);
+#ifdef WINXP_SUPPORT
 static BOOLEAN Driver_FindMissingServices(void);
+#endif // WINXP_SUPPORT
 static void SbieDrv_DriverUnload(DRIVER_OBJECT *DriverObject);
@@ -68,7 +70,9 @@ static void SbieDrv_DriverUnload(DRIVER_OBJECT *DriverObject);
 #pragma alloc_text (INIT, DriverEntry)
 #pragma alloc_text (INIT, Driver_CheckOsVersion)
 #pragma alloc_text (INIT, Driver_FindHomePath)
+#ifdef WINXP_SUPPORT
 #pragma alloc_text (INIT, Driver_FindMissingServices)
+#endif // WINXP_SUPPORT
 #endif // ALLOC_PRAGMA
@@ -122,7 +126,9 @@ ULONG Process_Flags3 = 0;
 //---------------------------------------------------------------------------
+#ifdef WINXP_SUPPORT
 P_NtSetInformationToken ZwSetInformationToken = NULL;
+#endif // WINXP_SUPPORT
 //---------------------------------------------------------------------------
@@ -136,6 +142,8 @@ _FX NTSTATUS DriverEntry(
 {
 BOOLEAN ok = TRUE;
+ ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
+
 //
 // initialize global driver variables
 //
@@ -188,8 +196,10 @@ _FX NTSTATUS DriverEntry(
 if (ok)
 ok = Session_Init();
+#ifdef WINXP_SUPPORT
 if (ok)
 ok = Driver_FindMissingServices();
+#endif // WINXP_SUPPORT
 if (ok)
 ok = Token_Init();
@@ -585,6 +595,8 @@ _FX BOOLEAN Driver_FindHomePath(UNICODE_STRING *RegistryPath)
 //---------------------------------------------------------------------------
+#ifdef WINXP_SUPPORT
+
 #define FIND_SERVICE(svc,prmcnt) \
 { \
 static const char *ProcName = #svc; \
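Review bot: `ExInitializeDriverRuntime(DrvRtPoolNxOptIn);` at the top of DriverEntry is only meaningful together with the `POOL_NX_OPTIN=1` preprocessor definition added to SboxDrv.vcxproj, and neither place records that dependency; dropping the define or inserting a pool allocation above this call would silently hand out executable nonpaged pool again. I would add above the call: `// Must stay the first statement: with POOL_NX_OPTIN=1 (SboxDrv.vcxproj) this opts every NonPagedPool allocation into non-executable pool on Windows 8 and later; anything allocated before it gets the executable type.` The new `#ifdef WINXP_SUPPORT` guards around Driver_FindMissingServices and ZwSetInformationToken (also in driver.h and my_winnt.h) are not matched by a definition of WINXP_SUPPORT anywhere in this patch, so that code is compiled out; a comment at the first guard naming where the macro is expected to be defined would make that intent explicit. DriverEntry's body continues outside the hunk.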
@@ -634,6 +646,8 @@ _FX BOOLEAN Driver_FindMissingServices(void)
 #undef FIND_SERVICE
+#endif // WINXP_SUPPORT
+
 //---------------------------------------------------------------------------
 // DriverUnload
diff --git a/Sandboxie/core/drv/driver.h b/Sandboxie/core/drv/driver.h
index bc5be2fa..62d6c9bb 100644
--- a/Sandboxie/core/drv/driver.h
+++ b/Sandboxie/core/drv/driver.h
@@ -83,7 +83,9 @@ typedef struct _KEY_MOUNT KEY_MOUNT;
 //---------------------------------------------------------------------------
+#ifdef WINXP_SUPPORT
 extern P_NtSetInformationToken ZwSetInformationToken;
+#endif // WINXP_SUPPORT
 //---------------------------------------------------------------------------
diff --git a/Sandboxie/core/drv/file_xlat.c b/Sandboxie/core/drv/file_xlat.c
index 3823d735..99202359 100644
--- a/Sandboxie/core/drv/file_xlat.c
+++ b/Sandboxie/core/drv/file_xlat.c
@@ -284,7 +284,7 @@ _FX NTSTATUS File_TranslateShares(
 _FX NTSTATUS File_TranslateSymlinks(WCHAR *name, ULONG max_len)
 {
 NTSTATUS status;
- HANDLE handle;
+ HANDLE handle = NULL;
 OBJECT_ATTRIBUTES objattrs;
 UNICODE_STRING uni;
 ULONG len, rem, ofs;
diff --git a/Sandboxie/core/drv/hook_32.c b/Sandboxie/core/drv/hook_32.c
index 99cf8853..617954c4 100644
--- a/Sandboxie/core/drv/hook_32.c
+++ b/Sandboxie/core/drv/hook_32.c
@@ -250,7 +250,7 @@ skip_padding_bytes:
 _FX ULONG Hook_Find_ZwRoutine_2(ULONG ServiceNum, void **out_routine)
 {
- UCHAR *addr;
+ UCHAR *addr = NULL;
 BOOLEAN found = FALSE;
 ULONG subcode = 0;
 int i;
diff --git a/Sandboxie/core/drv/ipc.c b/Sandboxie/core/drv/ipc.c
index 44af19c4..e19b998a 100644
--- a/Sandboxie/core/drv/ipc.c
+++ b/Sandboxie/core/drv/ipc.c
@@ -1323,7 +1323,7 @@ _FX NTSTATUS Ipc_Api_CreateDirOrLink(PROCESS *proc, ULONG64 *parms)
 NTSTATUS status;
 HANDLE handle;
 UNICODE_STRING64 *user_uni;
- WCHAR *user_buf, *objname_buf, *target_buf;
+ WCHAR *user_buf, *objname_buf = NULL, *target_buf;
 ULONG user_len, objname_len, target_len;
 OBJECT_ATTRIBUTES objattrs;
 UNICODE_STRING objname, target;
diff --git a/Sandboxie/core/drv/key_flt.c b/Sandboxie/core/drv/key_flt.c
index 45778f62..64384024 100644
--- a/Sandboxie/core/drv/key_flt.c
+++ b/Sandboxie/core/drv/key_flt.c
@@ -487,13 +487,13 @@ WCHAR * Key_GetSandboxPath(ULONG spid, void *Object)
 if (temp)
 {
 // Matches "\REGISTRY\USER\S-1-5-21*\"
- if (!wcsnicmp(&KeyName->Buffer[head_len], USERS, wcslen(USERS)))
+ if (!_wcsnicmp(&KeyName->Buffer[head_len], USERS, wcslen(USERS)))
 {
 ULONG sidSize = (ULONG)temp - (ULONG)&KeyName->Buffer[head_len];
 if (sidSize < MAX_USER_SID_SIZE)
 {
 // Matches "\REGISTRY\USER\S-1-5-21*_Classes\"
- if (!wcsnicmp(temp - wcslen(CLASSES), L"_Classes", wcslen(CLASSES)))
+ if (!_wcsnicmp(temp - wcslen(CLASSES), L"_Classes", wcslen(CLASSES)))
 {
 wcscpy(targetName + path_len, L"\\user\\current_classes");
 path_len += wcslen(L"\\user\\current_classes");
@@ -510,7 +510,7 @@ WCHAR * Key_GetSandboxPath(ULONG spid, void *Object)
 }
 }
 // starts with "\REGISTRY\\MACHINE\"
- else if (!wcsnicmp(KeyName->Buffer, HEADER_MACHINE, wcslen(HEADER_MACHINE)))
+ else if (!_wcsnicmp(KeyName->Buffer, HEADER_MACHINE, wcslen(HEADER_MACHINE)))
 {
 wcscpy(targetName + path_len, KeyName->Buffer + 9);
 targetFound = 1;
diff --git a/Sandboxie/core/drv/mem.c b/Sandboxie/core/drv/mem.c
index 579d150d..1e417a4e 100644
--- a/Sandboxie/core/drv/mem.c
+++ b/Sandboxie/core/drv/mem.c
@@ -130,8 +130,7 @@ _FX void Mem_FreeString(WCHAR *string)
 _FX BOOLEAN Mem_GetLockResource(PERESOURCE *ppResource, BOOLEAN InitMsg)
 {
- *ppResource = ExAllocatePoolWithTag(
- NonPagedPool, sizeof(ERESOURCE), tzuk);
+ *ppResource = ExAllocatePoolWithTag(NonPagedPool, sizeof(ERESOURCE), tzuk);
 if (*ppResource) {
 ExInitializeResourceLite(*ppResource);
 return TRUE;
diff --git a/Sandboxie/core/drv/my_winnt.h b/Sandboxie/core/drv/my_winnt.h
index 4d871014..70f93070 100644
--- a/Sandboxie/core/drv/my_winnt.h
+++ b/Sandboxie/core/drv/my_winnt.h
@@ -45,7 +45,7 @@
 #define SE_GROUP_LOGON_ID (0xC0000000L)
 #define SE_GROUP_RESOURCE (0x20000000L)
-
+#ifdef WINXP_SUPPORT
 typedef enum _TOKEN_INFORMATION_CLASS2 {
 TokenIsAppContainer = 29,
 TokenCapabilities,
@@ -63,6 +63,7 @@ typedef enum _TOKEN_INFORMATION_CLASS2 {
 TokenPrivateNameSpace//,
 //MaxTokenInfoClass // MaxTokenInfoClass should always be the last enum
 } TOKEN_INFORMATION_CLASS2;
+#endif // WINXP_SUPPORT
 NTOS_NTSTATUS ZwOpenThreadToken(
 IN HANDLE ThreadHandle,
@@ -310,8 +311,13 @@ NTOS_NTSTATUS ZwSetInformationProcess(
 #define THREAD_DIRECT_IMPERSONATION (0x0200)
 #define THREAD_SET_LIMITED_INFORMATION (0x0400) // vista
 #define THREAD_QUERY_LIMITED_INFORMATION (0x0800) // vista
+#if (NTDDI_VERSION >= NTDDI_VISTA)
 #define THREAD_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \
- 0x3FF)
+ 0xFFFF)
+#else
+#define THREAD_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \
+ 0x3FF)
+#endif
 NTOS_NTSTATUS PsSetThreadHardErrorsAreDisabled(
@@ -624,6 +630,7 @@ typedef ULONG OB_OPERATION;
 #define OB_OPERATION_HANDLE_CREATE 0x00000001
 #define OB_OPERATION_HANDLE_DUPLICATE 0x00000002
+#if (NTDDI_VERSION < NTDDI_VISTASP1)
 NTOS_NTSTATUS ObRegisterCallbacks(
 __in POB_CALLBACK_REGISTRATION CallbackRegistration,
 __deref_out PVOID *RegistrationHandle);
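Review bot: The new `#if (NTDDI_VERSION >= NTDDI_VISTA)` selecting the THREAD_ALL_ACCESS mask (and the `#if (NTDDI_VERSION < NTDDI_VISTASP1)` around the ObRegisterCallbacks declarations) depends on those macros already being defined when my_winnt.h is included; the preprocessor treats an undefined identifier in `#if` as 0, so an include-order slip would pick a branch silently rather than fail. Since THREAD_ALL_ACCESS is an access mask the driver presumably compares against requested thread rights, a wrong value here weakens or breaks a check without any compile-time sign. A guard near the top of the header, `#if !defined(NTDDI_VERSION) || !defined(NTDDI_VISTA)` / `#error "my_winnt.h needs the WDK version macros; include ntddk.h first"` / `#endif`, turns that into a build error. The 0xFFFF value itself matches the WDK's definition for Vista and later.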
@@ -631,6 +638,7 @@ NTOS_NTSTATUS ObRegisterCallbacks(
 NTOS_NTSTATUS ObUnRegisterCallbacks(
 __in PVOID RegistrationHandle);
+#endif
 // ------------------------------------------------------------------
diff --git a/Sandboxie/core/drv/process_api.c b/Sandboxie/core/drv/process_api.c
index 8d30ae3f..29491ab4 100644
--- a/Sandboxie/core/drv/process_api.c
+++ b/Sandboxie/core/drv/process_api.c
@@ -54,8 +54,8 @@ _FX NTSTATUS Process_Api_Start(PROCESS *proc, ULONG64 *parms)
 {
 LONG_PTR user_box_parm;
 HANDLE user_pid_parm;
- BOX *box;
- PEPROCESS ProcessObject;
+ BOX *box = NULL;
+ PEPROCESS ProcessObject = NULL;
 NTSTATUS status;
 //
diff --git a/Sandboxie/core/drv/process_force.c b/Sandboxie/core/drv/process_force.c
index 5dde3ca0..6ea4aaf2 100644
--- a/Sandboxie/core/drv/process_force.c
+++ b/Sandboxie/core/drv/process_force.c
@@ -138,9 +138,9 @@ _FX BOX *Process_GetForcedStartBox(
 NTSTATUS status;
 ULONG SessionId;
 UNICODE_STRING SidString;
- WCHAR *ImagePath2;
+ WCHAR *ImagePath2 = L"";
 ULONG ImagePath2_len;
- const WCHAR *ImageName;
+ const WCHAR *ImageName = L"";
 PEPROCESS ProcessObject;
 WCHAR *CurDir, *DocArg;
diff --git a/Sandboxie/core/drv/process_low.c b/Sandboxie/core/drv/process_low.c
index 2a09987f..6e642576 100644
--- a/Sandboxie/core/drv/process_low.c
+++ b/Sandboxie/core/drv/process_low.c
@@ -58,8 +58,7 @@ static KEVENT *Process_Low_Event = NULL;
 _FX BOOLEAN Process_Low_Init(void)
 {
- Process_Low_Event =
- ExAllocatePoolWithTag(NonPagedPool, sizeof(KEVENT), tzuk);
+ Process_Low_Event = ExAllocatePoolWithTag(NonPagedPool, sizeof(KEVENT), tzuk);
 if (! Process_Low_Event) {
 Log_Msg0(MSG_1104);
 return FALSE;
diff --git a/Sandboxie/core/drv/process_util.c b/Sandboxie/core/drv/process_util.c
index 05d836a9..1e960182 100644
--- a/Sandboxie/core/drv/process_util.c
+++ b/Sandboxie/core/drv/process_util.c
@@ -915,7 +915,7 @@ _FX NTSTATUS Process_GetSidStringAndSessionId(
 UNICODE_STRING *SidString, ULONG *SessionId)
 {
 NTSTATUS status;
- PEPROCESS ProcessObject;
+ PEPROCESS ProcessObject = NULL;
 PACCESS_TOKEN TokenObject;
 if (ProcessHandle == NtCurrentProcess()) {
diff --git a/Sandboxie/core/drv/thread_token.c b/Sandboxie/core/drv/thread_token.c
index 5a432558..9c5998eb 100644
--- a/Sandboxie/core/drv/thread_token.c
+++ b/Sandboxie/core/drv/thread_token.c
@@ -1172,7 +1172,7 @@ _FX NTSTATUS Thread_SetInformationThread_ImpersonationToken(
 void *ProcessObject;
 PROCESS *proc2;
 THREAD *thrd2;
- HANDLE MyTokenHandle;
+ HANDLE MyTokenHandle = NULL;
 NTSTATUS status;
 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
 BOOLEAN MustCreateThread;
diff --git a/Sandboxie/core/drv/token.c b/Sandboxie/core/drv/token.c
index aa3169ef..99d9da1b 100644
--- a/Sandboxie/core/drv/token.c
+++ b/Sandboxie/core/drv/token.c
@@ -501,7 +501,7 @@ _FX void *Token_FilterPrimary(PROCESS *proc, void *ProcessObject)
 _FX void *Token_Filter(void *TokenObject, ULONG DropRights, ULONG SessionId)
 {
 TOKEN_GROUPS *groups;
- void *ReturnToken;
+ void *ReturnToken = NULL;
 NTSTATUS status;
 ULONG i, j;
 BOOLEAN ShouldFilterToken = FALSE;
@@ -1015,7 +1015,7 @@ _FX BOOLEAN Token_IsSharedSid_W8(void *TokenObject)
 _FX void *Token_RestrictHelper1(
 void *TokenObject, ULONG *OutIntegrityLevel, PROCESS *proc)
 {
- void *NewTokenObject;
+ void *NewTokenObject = NULL;
 SID_AND_ATTRIBUTES *SidAndAttrsInToken = NULL;
 ULONG RestrictedSidCount_offset = 0;
 ULONG RestrictedSids_offset = 0;
@@ -1505,7 +1505,7 @@ _FX NTSTATUS Token_AssignPrimaryHandle(
 {
 NTSTATUS status;
 HANDLE ProcessHandle;
- ULONG *PtrPrimaryTokenFrozen;
+ ULONG *PtrPrimaryTokenFrozen = NULL;
 ULONG SavePrimaryTokenFrozen;
 //