This commit is contained in:
DavidXanatos 2022-10-12 22:23:30 +02:00
parent e00cacb0b9
commit a5629b36b4
15 changed files with 63 additions and 91 deletions


@ -317,8 +317,7 @@ bool DoAboutDialog(bool bReminder)
if (NT_SUCCESS(SbieApi_Call(API_GET_SECURE_PARAM, 3, L"ReminderShedule", (ULONG_PTR)&ReminderShedule, sizeof(ReminderShedule)))) {
for (USHORT* Cur = ReminderShedule; (ULONG_PTR)Cur < (ULONG_PTR)ReminderShedule + sizeof(ReminderShedule) && *Cur != 0; Cur += 2) {
if (Days > Cur[0]) {
if (Interval > Cur[1])
Interval = Cur[1];
if (Cur[1] < Interval) Interval = Cur[1];
break;
}
}
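Review bot: The loop bound on the `for` line only checks that `Cur` itself lies inside `ReminderShedule`, yet the body reads `Cur[1]`; if the array has an odd number of USHORT elements the last iteration reads one element past its end. Since the buffer is filled from the driver via API_GET_SECURE_PARAM and is then walked in pairs, the bound should be expressed per pair: `(ULONG_PTR)(Cur + 2) <= (ULONG_PTR)ReminderShedule + sizeof(ReminderShedule) && *Cur != 0`. The rewritten `if (Cur[1] < Interval)` line is equivalent to the two lines it replaces, so no issue there. DoAboutDialog and the declaration of ReminderShedule are outside this hunk, so the element count cannot be confirmed from here.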


@ -789,7 +789,7 @@ BOOL Parse_Command_Line(void)
return TRUE;
// show abouth dialog
// show about dialog
} else if (wcsncmp(cmd, about_dialog, wcslen(about_dialog)) == 0) {


@ -72,8 +72,6 @@
#define MY_AUTOPLAY_CLSID 0x7E950284, 0xE123, 0x49F4, \
{ 0xB3, 0x2B, 0xA8,0x06, 0xC0, 0x90, 0xD7, 0x47 }
#define SBIECTRL_LOGO_IMAGE "../res/MastheadLogo.jpg"
#define TITLE_SUFFIX_W L" [#]"
#define TITLE_SUFFIX_A " [#]"


@ -186,8 +186,8 @@ typedef NTSTATUS (*P_NtCreateKeyTransacted)(
IN ULONG TitleIndex,
IN PUNICODE_STRING Class OPTIONAL,
IN ULONG CreateOptions,
OUT PULONG Disposition OPTIONAL,
IN PVOID Transaction);
IN PVOID Transaction,
OUT PULONG Disposition OPTIONAL);
typedef NTSTATUS (*P_NtCreateMutant)(
OUT PHANDLE MutantHandle,
@ -648,6 +648,13 @@ typedef NTSTATUS (*P_NtOpenKeyTransacted)(
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN PVOID Transaction);
typedef NTSTATUS (*P_NtOpenKeyTransactedEx)(
OUT PHANDLE KeyHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN ULONG OpenOptions,
IN PVOID Transaction);
typedef NTSTATUS (*P_NtOpenMutant)(
OUT PHANDLE MutantHandle,
IN ACCESS_MASK DesiredAccess,
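Review bot: The reordered P_NtCreateKeyTransacted typedef (Transaction now before Disposition) is only correct end to end if the Key_ hook implementation and every `__sys_NtCreateKeyTransacted` call site use the same order; those definitions are outside this hunk, so confirm they changed in the same commit, otherwise Disposition would silently receive the transaction handle. The order now matches ntdll's exported NtCreateKeyTransacted, and a one-line comment would stop the next reader from "fixing" it back: `// order matches ntdll: Transaction precedes Disposition`. The new P_NtOpenKeyTransactedEx typedef should likewise carry a short comment naming the hook it backs.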


@ -306,6 +306,14 @@ NtCreateDirectoryObject(
IN POBJECT_ATTRIBUTES ObjectAttributes
);
__declspec(dllimport) NTSTATUS __stdcall
NtCreateDirectoryObjectEx(
OUT PHANDLE DirectoryHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN HANDLE ShadowDirectoryHandle,
IN ULONG Flags);
__declspec(dllimport) NTSTATUS __stdcall
NtOpenDirectoryObject(
OUT PHANDLE DirectoryHandle,
@ -1988,6 +1996,11 @@ __declspec(dllimport) NTSTATUS __stdcall NtLoadKey(
POBJECT_ATTRIBUTES TargetObjectAttributes,
POBJECT_ATTRIBUTES SourceObjectAttributes);
__declspec(dllimport) NTSTATUS __stdcall NtLoadKey2(
POBJECT_ATTRIBUTES TargetObjectAttributes,
POBJECT_ATTRIBUTES SourceObjectAttributes,
ULONG Flags);
__declspec(dllimport) NTSTATUS __stdcall NtSaveKey(
HANDLE KeyHandle,
HANDLE FileHandle);
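Review bot: The new NtCreateDirectoryObjectEx and NtLoadKey2 dllimport declarations carry no note of the minimum OS that exports them, while the rest of this commit annotates each conditionally hooked API in Key_Init with an OS version. A direct `__declspec(dllimport)` reference becomes a load-time import, so if either symbol is referenced unconditionally the module fails to load on a system without that export; NtCreateDirectoryObjectEx in particular is, as far as I know, absent on older Windows versions, which should be confirmed. Either resolve it via GetProcAddress as NtLoadKey3 is, or add a comment such as `// exported since <minimum OS version>` above each declaration.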


@ -105,9 +105,6 @@ static HRESULT __fastcall Com_CoUnmarshalInterface_W81(
ULONG_PTR StreamAddr, ULONG zero, REFIID riid, void **ppv);
#endif
static HRESULT Com_CoUnmarshalInterface_W10(
ULONG_PTR StreamAddr, REFIID riid,void **ppv);
static HRESULT Com_CoUnmarshalInterface(
IStream *pStream, REFIID riid, void **ppv);
@ -197,8 +194,6 @@ typedef ULONG (__fastcall *P_CoUnmarshalInterface_W8)(
typedef ULONG (__fastcall *P_CoUnmarshalInterface_W81)(
ULONG_PTR StreamAddr, ULONG zero, REFIID riid, void **ppv);
typedef ULONG(*P_CoUnmarshalInterface_W10)(
ULONG_PTR StreamAddr, REFIID riid,void **ppv );
typedef ULONG (*P_CoMarshalInterface)(
IStream *pStream, REFIID riid, IUnknown *pUnknown,
@ -239,7 +234,6 @@ P_CoUnmarshalInterface __sys_CoUnmarshalInterface = NULL;
P_CoUnmarshalInterface_W8 __sys_CoUnmarshalInterface_W8 = NULL;
P_CoUnmarshalInterface_W81 __sys_CoUnmarshalInterface_W81 = NULL;
#endif
P_CoUnmarshalInterface_W10 __sys_CoUnmarshalInterface_W10 = NULL;
P_CoMarshalInterface __sys_CoMarshalInterface = NULL;
P_CoGetPSClsid __sys_CoGetPSClsid = NULL;
@ -898,12 +892,6 @@ _FX BOOLEAN Com_Hook_CoUnmarshalInterface_W8(UCHAR *code, HMODULE module)
// have to do some __fastcall magic. see Com_CoUnmarshalInterface_W8
//
P_CoUnmarshalInterface_W10 CoUnmarshalInterface_W10 = (P_CoUnmarshalInterface_W10)GetProcAddress(GetModuleHandle(L"combase.dll"), "CoUnmarshalInterface");
if (CoUnmarshalInterface_W10) {
SBIEDLL_HOOK(Com_, CoUnmarshalInterface_W10);
return TRUE;
}
#ifdef _WIN64
if (Dll_OsBuild >= 15002) { // Windows 10 1703 preview
@ -1114,50 +1102,8 @@ _FX HRESULT __fastcall Com_CoUnmarshalInterface_W81(
return Com_CoUnmarshalInterface_Common(pStream, riid, ppv, &posl);
}
_FX HRESULT Com_CoUnmarshalInterface_W10(
ULONG_PTR StreamAddr, REFIID riid, void **ppv)
{
const HRESULT HR_OR_INVALID_OXID =
MAKE_HRESULT(SEVERITY_ERROR, FACILITY_WIN32, OR_INVALID_OXID);
HRESULT hr;
LARGE_INTEGER posl;
ULARGE_INTEGER posu;
//
// on 32-bit Windows 8.1, combase!_CoUnmarshalInterface is a true
// fastcall function which gets its second argument in edx. this is
// unlike the Windows 8 version which gets the second argument on the
// stack, which requires a small trick with ULONG64 (see above)
//
IStream *pStream = (IStream *)StreamAddr;
//
// first invoke the COM unmarshaller. it returns OR_INVALID_OXID
// when the interface was marshalled in SbieSvc, because SbieSvc
// uses a different epmapper than the sandboxed epmapper
//
posl.QuadPart = 0;
hr = IStream_Seek(pStream, posl, STREAM_SEEK_CUR, &posu);
if (FAILED(hr))
return hr;
hr = __sys_CoUnmarshalInterface_W10(StreamAddr, riid, ppv);
if (hr != HR_OR_INVALID_OXID)
return hr;
posl.QuadPart = posu.QuadPart;
hr = IStream_Seek(pStream, posl, STREAM_SEEK_SET, &posu);
if (FAILED(hr))
return hr;
return Com_CoUnmarshalInterface_Common(pStream, riid, ppv, &posl);
}
#endif
//---------------------------------------------------------------------------
// Com_CoUnmarshalInterface
//---------------------------------------------------------------------------


@ -23,7 +23,7 @@
#define NOGDI
#include "dll.h"
#include "common/pool.h"
#include "common\pattern.h"
#include "common/pattern.h"
#include "core/svc/SbieIniWire.h"
//---------------------------------------------------------------------------


@ -1463,9 +1463,7 @@ _FX BOOLEAN Custom_OsppcDll(HMODULE module)
InitializeObjectAttributes(
&objattrs, &uni, OBJ_CASE_INSENSITIVE, NULL, NULL);
RtlInitUnicodeString(&uni,
L"\\registry\\user\\current\\software"
L"\\Microsoft\\Office\\14.0");
RtlInitUnicodeString(&uni, L"\\registry\\user\\current\\software\\Microsoft\\Office\\14.0");
status = Key_OpenIfBoxed(&hOfficeKey, KEY_ALL_ACCESS | Wow64, &objattrs);
if (! NT_SUCCESS(status))


@ -309,7 +309,9 @@ _FX void Dll_InitInjected(void)
while (!IsDebuggerPresent()) {
OutputDebugString(L"Waiting for Debugger\n");
Sleep(500);
} __debugbreak();
}
if(!SbieApi_QueryConfBool(NULL, L"WaitForDebuggerSilent", TRUE))
__debugbreak();
}
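Review bot: With a default of TRUE, `SbieApi_QueryConfBool(NULL, L"WaitForDebuggerSilent", TRUE)` means the `__debugbreak()` that used to run unconditionally after the wait loop now only runs when the setting is explicitly turned off, which is a behaviour change for existing configurations. If the intent was to keep the old behaviour unless asked for silence, the default should be FALSE: `if (!SbieApi_QueryConfBool(NULL, L"WaitForDebuggerSilent", FALSE))`. The new `if(` also lacks the space the surrounding code uses after `if`. Dll_InitInjected begins and ends outside this hunk.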


@ -419,12 +419,12 @@ _FX BOOLEAN Key_Init(void)
SBIEDLL_HOOK(Key_,NtNotifyChangeMultipleKeys);
void* NtRenameKey = GetProcAddress(Dll_Ntdll, "NtRenameKey");
if (NtRenameKey) {
if (NtRenameKey) { // Windows XP
SBIEDLL_HOOK(Key_,NtRenameKey);
}
void* NtOpenKeyEx = GetProcAddress(Dll_Ntdll, "NtOpenKeyEx");
if (NtOpenKeyEx) {
if (NtOpenKeyEx) { // windows server 2008 R2
SBIEDLL_HOOK(Key_, NtOpenKeyEx);
}
@ -432,22 +432,20 @@ _FX BOOLEAN Key_Init(void)
SBIEDLL_HOOK(Key_, NtSaveKey);
void* NtSaveKeyEx = GetProcAddress(Dll_Ntdll, "NtSaveKeyEx");
if (NtSaveKeyEx) {
if (NtSaveKeyEx) { // Windows XP
SBIEDLL_HOOK(Key_,NtSaveKeyEx);
}
SBIEDLL_HOOK(Key_, NtLoadKey);
SBIEDLL_HOOK(Key_, NtLoadKey2);
void* NtLoadKey2 = GetProcAddress(Dll_Ntdll, "NtLoadKey2");
if (NtLoadKey2) {
SBIEDLL_HOOK(Key_,NtLoadKey2);
}
void* NtLoadKey3 = GetProcAddress(Dll_Ntdll, "NtLoadKey3");
if (NtLoadKey3) {
if (NtLoadKey3) { // Windows 10 2004
SBIEDLL_HOOK(Key_,NtLoadKey3);
}
void* NtLoadKeyEx = GetProcAddress(Dll_Ntdll, "NtLoadKeyEx");
if (NtLoadKeyEx) {
if (NtLoadKeyEx) { // Windows Server 2003
SBIEDLL_HOOK(Key_,NtLoadKeyEx);
}
@ -2869,6 +2867,7 @@ _FX NTSTATUS Key_NtQueryKeyImpl(
KeyInformationClass != KeyCachedInformation)
{
status = STATUS_INVALID_PARAMETER;
SbieApi_Log(2205, L"NtQueryKeyImpl KeyInfo: %d", KeyInformationClass);
__leave;
}
@ -3046,6 +3045,7 @@ _FX NTSTATUS Key_NtEnumerateKey(
KeyInformationClass != KeyNodeInformation &&
KeyInformationClass != KeyFullInformation)
{
SbieApi_Log(2205, L"NtEnumerateKey KeyInfo: %d", KeyInformationClass);
status = STATUS_INVALID_PARAMETER;
__leave;
}
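Review bot: The new `SbieApi_Log(2205, ...)` calls in Key_NtQueryKeyImpl and Key_NtEnumerateKey fire on every rejected KeyInformationClass, and that value is supplied by the sandboxed caller, so a program probing unsupported classes in a loop emits one message per call unless SbieApi_Log rate-limits internally (not visible here). Consider logging at most once per process and class, e.g. `static ULONG logged_classes = 0; if (KeyInformationClass < 32 && !(logged_classes & (1u << KeyInformationClass))) { logged_classes |= 1u << KeyInformationClass; SbieApi_Log(2205, ...); }`, or keeping the message behind a debug setting. The two sites also order the log call and the `status = STATUS_INVALID_PARAMETER` assignment differently; pick one order. Both functions, and Key_Init in the earlier hunks, begin and end outside the hunks shown.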


@ -434,34 +434,33 @@ _FX NTSTATUS Process_Api_QueryInfo(PROCESS *proc, ULONG64 *parms)
if(is_caller_sandboxed || (args->info_type.val == 'itok' && !Session_CheckAdminAccess(TRUE)))
status = STATUS_ACCESS_DENIED;
else if(!proc->threads_lock)
status = STATUS_NOT_FOUND;
else
{
HANDLE tid = (HANDLE)(args->ext_data.val);
THREAD *thrd = Thread_GetByThreadId(proc, tid);
KIRQL irql2;
KeRaiseIrql(APC_LEVEL, &irql2);
ExAcquireResourceExclusiveLite(proc->threads_lock, TRUE);
THREAD *thrd = Thread_GetOrCreate(proc, tid, FALSE);
if (thrd)
{
if (args->info_type.val == 'ttok')
{
*data = thrd->token_object ? TRUE : FALSE;
}
else
else //if (args->info_type.val == 'itok')
{
KIRQL irql2;
void* ImpersonationTokenObject;
KeRaiseIrql(APC_LEVEL, &irql2);
ExAcquireResourceExclusiveLite(proc->threads_lock, TRUE);
ImpersonationTokenObject = thrd->token_object;
if (ImpersonationTokenObject) {
ObReferenceObject(ImpersonationTokenObject);
}
ExReleaseResourceLite(proc->threads_lock);
KeLowerIrql(irql2);
if (ImpersonationTokenObject)
{
HANDLE MyTokenHandle;
@ -474,9 +473,14 @@ _FX NTSTATUS Process_Api_QueryInfo(PROCESS *proc, ULONG64 *parms)
else
status = STATUS_NO_IMPERSONATION_TOKEN;
}
//else
// status = STATUS_INVALID_PARAMETER;
}
else
status = STATUS_NOT_FOUND;
ExReleaseResourceLite(proc->threads_lock);
KeLowerIrql(irql2);
}
} else if (args->info_type.val == 'ippt') { // is primary process token
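Review bot: `ExAcquireResourceExclusiveLite(proc->threads_lock, TRUE)` at APC_LEVEL is now taken before `Thread_GetOrCreate` and only released at the very end of the else block, so the exclusive resource and raised IRQL now span the lines omitted between the two hunks, where `HANDLE MyTokenHandle` suggests a handle is opened from the referenced token object. Previously the lock covered only the `ObReferenceObject` call; if the handle-open routine there requires PASSIVE_LEVEL or can block, running it under the resource at APC_LEVEL is a regression. Keep the lookup and `ObReferenceObject(ImpersonationTokenObject)` under the lock, then move `ExReleaseResourceLite(proc->threads_lock); KeLowerIrql(irql2);` to just before `if (ImpersonationTokenObject)` (the reference keeps the object alive), with a matching release on the `else status = STATUS_NOT_FOUND;` path. The commented-out condition in `else //if (args->info_type.val == 'itok')` is better as a plain comment stating the remaining case. Process_Api_QueryInfo begins and ends outside these hunks.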


@ -41,7 +41,7 @@ static void Thread_Notify(HANDLE ProcessId, HANDLE ThreadId, BOOLEAN Create);
static PROCESS *Thread_FindAndInitProcess(
PROCESS *proc1, void *ProcessObject2, KIRQL *out_irql);
static THREAD *Thread_GetOrCreate(PROCESS *proc, HANDLE tid, BOOLEAN create);
THREAD *Thread_GetOrCreate(PROCESS *proc, HANDLE tid, BOOLEAN create);
static NTSTATUS Thread_MyImpersonateClient(
PETHREAD ThreadObject, void *TokenObject,


@ -93,6 +93,7 @@ NTSTATUS Thread_CheckTokenObject(
PROCESS *proc, void *Object, ACCESS_MASK GrantedAccess);
THREAD *Thread_GetByThreadId(PROCESS *proc, HANDLE tid);
THREAD *Thread_GetOrCreate(PROCESS *proc, HANDLE tid, BOOLEAN create);
NTSTATUS Thread_CheckObject_Common(
PROCESS *proc, PEPROCESS ProcessObject,
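Review bot: The newly exported Thread_GetOrCreate declaration states nothing about its locking contract, yet its new caller in Process_Api_QueryInfo acquires `proc->threads_lock` exclusively at APC_LEVEL before calling it, which suggests the lookup walks state protected by that lock. Add above the declaration `// caller must hold proc->threads_lock; with create == FALSE this only looks up the thread and returns NULL if absent`, adjusting the wording if the implementation (outside this hunk) shows otherwise. Thread_GetByThreadId beside it would benefit from the same note.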


@ -17,6 +17,7 @@
*/
#include "driver.h"
#include "util.h"
#include <bcrypt.h>
@ -482,7 +483,7 @@ _FX LONGLONG KphGetDateInterval(CSHORT days, CSHORT months, CSHORT years)
#define SOFTWARE_NAME L"Sandboxie-Plus"
union SCertInfo {
union _SCertInfo {
ULONGLONG State;
struct {
ULONG
@ -490,7 +491,8 @@ union SCertInfo {
expired : 1, // certificate is expired but may be active
outdated : 1, // certificate is expired, not anymore valid for the current build
business : 1, // certificate is siutable for business use
reservd_1 : 4,
evaluation: 1, // evaluation certificate
reservd_1 : 3,
reservd_2 : 8,
reservd_3 : 8,
reservd_4 : 8;
@ -524,6 +526,8 @@ _FX NTSTATUS KphValidateCertificate(void)
//WCHAR* key = NULL;
LARGE_INTEGER cert_date = { 0 };
Verify_CertInfo.State = 0; // clear
if(!NT_SUCCESS(status = MyInitHash(&hashObj)))
goto CleanupExit;
@ -682,7 +686,6 @@ _FX NTSTATUS KphValidateCertificate(void)
status = KphVerifySignature(hash, hashSize, signature, signatureSize);
Verify_CertInfo.State = 0; // clear
if (NT_SUCCESS(status)) {
Verify_CertInfo.valid = 1;
@ -722,8 +725,8 @@ _FX NTSTATUS KphValidateCertificate(void)
#define TEST_CERT_DATE(days, months, years) \
if ((cert_date.QuadPart + KphGetDateInterval(days, months, years)) < LocalTime.QuadPart){ \
Verify_CertInfo.expired = 1; \
} else \
Verify_CertInfo.expirers_in_sec = (ULONG)(((cert_date.QuadPart + KphGetDateInterval(0, 0, 1)) - LocalTime.QuadPart) / 10000000ll); // 100ns steps -> 1sec
} \
Verify_CertInfo.expirers_in_sec = (ULONG)(((cert_date.QuadPart + KphGetDateInterval(days, months, years)) - LocalTime.QuadPart) / 10000000ll); // 100ns steps -> 1sec
// Check if the certificate is valid for the current build, failing this locks features out
#define TEST_VALIDITY(days, months, years) \
@ -756,6 +759,7 @@ _FX NTSTATUS KphValidateCertificate(void)
}
}
else if (type && _wcsicmp(type, L"EVALUATION") == 0) {
Verify_CertInfo.evaluation = 1;
// evaluation
if (level) { // in days
TEST_EXPIRATION((CSHORT)_wtoi(level), 0, 0);
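Review bot: In the rewritten TEST_CERT_DATE macro `Verify_CertInfo.expirers_in_sec` is now assigned unconditionally, so for an expired certificate the negative difference is cast to ULONG and wraps to a huge value; the old `else` branch avoided exactly that. Compute the remaining interval once, set `expired` and zero the counter when it is negative, and convert only otherwise, as below. Wrapping the macro in `do { } while (0)` also makes it a single statement at every call site. Separately, `union _SCertInfo` uses an identifier reserved for the implementation (leading underscore followed by an uppercase letter); a name without the leading underscore avoids that. KphValidateCertificate begins and ends outside these hunks.
```c
#define TEST_CERT_DATE(days, months, years) \
    do { \
        LONGLONG remaining = (cert_date.QuadPart + KphGetDateInterval(days, months, years)) - LocalTime.QuadPart; \
        if (remaining < 0) { \
            Verify_CertInfo.expired = 1; \
            Verify_CertInfo.expirers_in_sec = 0; \
        } else { \
            Verify_CertInfo.expirers_in_sec = (ULONG)(remaining / 10000000ll); /* 100ns steps -> 1sec */ \
        } \
    } while (0)
```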


@ -938,7 +938,7 @@ finish:
// set a ini header with a descriptive comment
m_pConfigIni->Sections.push_back(SIniSection{ L"" });
m_pConfigIni->Sections.back().Entries.push_back(SIniEntry{ L"", L"#" });
m_pConfigIni->Sections.back().Entries.push_back(SIniEntry{ L"", L"# Sandboxie-Plus configuration file" });
m_pConfigIni->Sections.back().Entries.push_back(SIniEntry{ L"", L"# Sandboxie configuration file" });
m_pConfigIni->Sections.back().Entries.push_back(SIniEntry{ L"", L"#" });
m_pConfigIni->Sections.push_back(SIniSection{ L"GlobalSettings" });