Update start.cpp

2024-05-18 11:25:48 +02:00 · 2024-05-18 11:25:48 +02:00 · 9a5aefe44c
parent e7816f2230
commit 9a5aefe44c
1 changed files with 59 additions and 96 deletions
--- a/Sandboxie/apps/start/start.cpp
+++ b/Sandboxie/apps/start/start.cpp
@ -29,6 +29,8 @@
 #include "common/my_version.h"
 #include "msgs/msgs.h"
 #include "core/drv/api_defs.h"
+#include <psapi.h>
+#include <Shlwapi.h>


 //---------------------------------------------------------------------------
@ -61,7 +63,6 @@ extern WCHAR *DoStartMenu(void);
 extern BOOL WriteStartMenuResult(const WCHAR *MapName, const WCHAR *Command);
 extern void DeleteSandbox(
    const WCHAR *BoxName, BOOL bLogoff, BOOL bSilent, int phase);
-DWORD GetParentPIDAndName(DWORD ProcessID, LPTSTR lpszBuffer_Parent_Name, PDWORD ErrCodeForBuffer);


 extern "C" {
@ -1661,6 +1662,44 @@ void StartAllAutoRunEntries()
 }


+//---------------------------------------------------------------------------
+// GetParentPIDAndName
+//---------------------------------------------------------------------------
+
+extern "C" WINBASEAPI BOOL WINAPI QueryFullProcessImageNameW(HANDLE hProcess, DWORD dwFlags, LPWSTR lpExeName, PDWORD lpdwSize);
+
+DWORD GetParentPIDAndName(DWORD ProcessID, LPTSTR lpszBuffer_Parent_Name) 
+{
+	HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, ProcessID);
+	if (!ProcessID) 
+		return 0;
+
+	PROCESS_BASIC_INFORMATION pbi;
+	NTSTATUS status = NtQueryInformationProcess(hProcess, ProcessBasicInformation, (LPVOID)&pbi, sizeof(pbi), NULL);
+
+	DWORD dwParentID = 0;
+	if (NT_SUCCESS(status)) {
+		
+		dwParentID = (DWORD)pbi.InheritedFromUniqueProcessId;
+
+		if (NULL != lpszBuffer_Parent_Name) {
+
+			HANDLE hParentProcess = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, dwParentID);
+            if (hParentProcess) {
+
+                DWORD dwSize;
+                BOOL ret = QueryFullProcessImageNameW(hParentProcess, 0, lpszBuffer_Parent_Name, &dwSize);
+
+                CloseHandle(hParentProcess);
+            }
+		}
+	}
+
+	CloseHandle(hProcess);
+	return dwParentID;
+}
+
+
 //---------------------------------------------------------------------------
 // RestartInSandbox
 //---------------------------------------------------------------------------
@ -1721,6 +1760,25 @@ ULONG RestartInSandbox(void)

    SbieApi_GetHomePath(NULL, 0, dir, 1020);

+    //
+    //
+    //
+
+	if (SbieApi_QueryConfBool(BoxName, L"AlertBeforeStart", FALSE)) {
+
+        WCHAR parent_image[1020] = L"";
+		GetParentPIDAndName(GetCurrentProcessId(), parent_image);
+
+		WCHAR* text = SbieDll_FormatMessage1(MSG_3198, BoxName);
+		if (MessageBoxW(NULL, text, Sandboxie_Start_Title, MB_YESNO) == IDNO)
+			return EXIT_FAILURE;
+
+        if (_wcsnicmp(parent_image, dir, wcslen(dir)) != 0) {
+            if (MessageBoxW(NULL, SbieDll_FormatMessage0(3199), Sandboxie_Start_Title, MB_YESNO) == IDNO)
+                return EXIT_FAILURE;
+        }
+	}
+
    //
    //
    //
@ -1918,22 +1976,6 @@ int __stdcall WinMainCRTStartup(

    run_program:

-		if (SbieApi_QueryConfBool(BoxName, L"AlertBeforeStart", FALSE)) {
-			WCHAR* tips=L"";
-			wprintf(SbieDll_FormatMessage0(3198), BoxName);
-			if (MessageBoxW(NULL, tips, L"Sandboxie Start", MB_YESNO) == IDNO)
-				die(10000);
-			else {
-				DWORD error;
-				WCHAR buf[255] = L"";
-				GetParentPIDAndName(GetCurrentProcessId(), buf, &error);
-				WCHAR dir[1020] = L"";
-				SbieApi_GetHomePath(NULL, 0, dir, 1020);
-				if (wcsstr(buf, dir) == NULL)
-					if (MessageBoxW(NULL, SbieDll_FormatMessage0(3199), L"Warn", MB_YESNO) == IDNO)
-						die(10000);
-			}
-		}
        start = ::GetTickCount();

        rc = Program_Start();
@ -1951,86 +1993,7 @@ int __stdcall WinMainCRTStartup(

    return die(rc);
 }
-#include <psapi.h>
-#include <Shlwapi.h>
-typedef
-__kernel_entry NTSTATUS
-(NTAPI* NQIP)(
-	IN HANDLE ProcessHandle,
-	IN PROCESSINFOCLASS ProcessInformationClass,
-	OUT PVOID ProcessInformation,
-	IN ULONG ProcessInformationLength,
-	OUT PULONG ReturnLength OPTIONAL
-	);
-typedef BOOL (*QFPIN)(
-	      HANDLE hProcess,
-	      DWORD  dwFlags,
-	     LPTSTR  lpExeName,
-	 PDWORD lpdwSize
-);
-DWORD GetParentPIDAndName(DWORD ProcessID, LPTSTR lpszBuffer_Parent_Name, PDWORD ErrCodeForBuffer) {

-	HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, ProcessID);
-	if (!ProcessID) {
-		return 0;
-	}
-
-
-	HMODULE hNtdll = GetModuleHandle(L"ntdll.dll");
-	if (!hNtdll) {
-
-		CloseHandle(hProcess);
-		return 0;
-	}
-
-	NQIP _NtQueryInformationProcess = (NQIP)GetProcAddress(hNtdll, "NtQueryInformationProcess");
-	if (!_NtQueryInformationProcess) {
-		CloseHandle(hProcess);
-		return 0;
-	}
-	HMODULE hKer32 = GetModuleHandle(L"kernel32.dll");
-	if (!hKer32) {
-
-		CloseHandle(hProcess);
-		return 0;
-	}
-
-	QFPIN _QueryFullProcessImageNameW = (QFPIN)GetProcAddress(hKer32, "QueryFullProcessImageNameW");
-	if (!_QueryFullProcessImageNameW) {
-		CloseHandle(hProcess);
-		return 0;
-	}
-	PROCESS_BASIC_INFORMATION pbi;
-	NTSTATUS status = _NtQueryInformationProcess(
-		hProcess,
-		ProcessBasicInformation,
-		(LPVOID)&pbi, sizeof(PROCESS_BASIC_INFORMATION),
-		NULL);
-
-	DWORD dwParentID = 0;
-	if (NT_SUCCESS(status)) {
-		
-		dwParentID = (DWORD)pbi.InheritedFromUniqueProcessId;
-
-		if (NULL != lpszBuffer_Parent_Name) {
-			HANDLE hParentProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwParentID);
-			if (hParentProcess) {
-
-				DWORD bufs;
-				
-				BOOL ret = _QueryFullProcessImageNameW(hParentProcess, 0,lpszBuffer_Parent_Name,&bufs);
-				
-
-
-			}
-			if (hParentProcess)
-				CloseHandle(hParentProcess);
-		}
-	}
-
-	CloseHandle(hProcess);
-	return dwParentID;
-}

 int __stdcall WinMain(
    HINSTANCE hInstance,