parent
64d0363322
commit
b3c28d120c
|
@ -16,6 +16,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
- added option to hide installed programs [#4139](https://github.com/sandboxie-plus/Sandboxie/issues/4139)
|
- added option to hide installed programs [#4139](https://github.com/sandboxie-plus/Sandboxie/issues/4139)
|
||||||
- added Hide Tray Icon [#4075](https://github.com/sandboxie-plus/Sandboxie/issues/4075)
|
- added Hide Tray Icon [#4075](https://github.com/sandboxie-plus/Sandboxie/issues/4075)
|
||||||
- added improved trace logging filtering [#4338](https://github.com/sandboxie-plus/Sandboxie/issues/4338)
|
- added improved trace logging filtering [#4338](https://github.com/sandboxie-plus/Sandboxie/issues/4338)
|
||||||
|
- added EventLog monitoring for SbieMessages [#4113](https://github.com/sandboxie-plus/Sandboxie/issues/4113)
|
||||||
|
- add 'LogMessageEvents=y' to the global settings to log all sbie events to the system event log
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- fixed Sign the .tmp file that gets dropped when installing or updating Sandboxie Plus [#2643](https://github.com/sandboxie-plus/Sandboxie/issues/2643) [#4343](https://github.com/sandboxie-plus/Sandboxie/issues/4343)
|
- fixed Sign the .tmp file that gets dropped when installing or updating Sandboxie Plus [#2643](https://github.com/sandboxie-plus/Sandboxie/issues/2643) [#4343](https://github.com/sandboxie-plus/Sandboxie/issues/4343)
|
||||||
|
|
|
@ -57,8 +57,6 @@ static BOOLEAN Api_FastIo_DEVICE_CONTROL(
|
||||||
ULONG IoControlCode, IO_STATUS_BLOCK *IoStatus,
|
ULONG IoControlCode, IO_STATUS_BLOCK *IoStatus,
|
||||||
DEVICE_OBJECT *DeviceObject);
|
DEVICE_OBJECT *DeviceObject);
|
||||||
|
|
||||||
//static void Api_DelWork(API_WORK_ITEM *work_item);
|
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
@ -69,8 +67,6 @@ static NTSTATUS Api_LogMessage(PROCESS *proc, ULONG64 *parms);
|
||||||
|
|
||||||
static NTSTATUS Api_GetMessage(PROCESS *proc, ULONG64 *parms);
|
static NTSTATUS Api_GetMessage(PROCESS *proc, ULONG64 *parms);
|
||||||
|
|
||||||
//static NTSTATUS Api_GetWork(PROCESS *proc, ULONG64 *parms);
|
|
||||||
|
|
||||||
static NTSTATUS Api_GetHomePath(PROCESS *proc, ULONG64 *parms);
|
static NTSTATUS Api_GetHomePath(PROCESS *proc, ULONG64 *parms);
|
||||||
|
|
||||||
static NTSTATUS Api_SetServicePort(PROCESS *proc, ULONG64 *parms);
|
static NTSTATUS Api_SetServicePort(PROCESS *proc, ULONG64 *parms);
|
||||||
|
@ -110,8 +106,7 @@ volatile HANDLE Api_ServiceProcessId = NULL;
|
||||||
|
|
||||||
static PERESOURCE Api_LockResource = NULL;
|
static PERESOURCE Api_LockResource = NULL;
|
||||||
|
|
||||||
//static LIST Api_WorkList;
|
static BOOLEAN Api_Initialized = FALSE;
|
||||||
static BOOLEAN Api_WorkListInitialized = FALSE;
|
|
||||||
|
|
||||||
static LOG_BUFFER* Api_LogBuffer = NULL;
|
static LOG_BUFFER* Api_LogBuffer = NULL;
|
||||||
|
|
||||||
|
@ -137,15 +132,13 @@ _FX BOOLEAN Api_Init(void)
|
||||||
Api_LogBuffer = log_buffer_init(8 * 8 * 1024);
|
Api_LogBuffer = log_buffer_init(8 * 8 * 1024);
|
||||||
|
|
||||||
//
|
//
|
||||||
// initialize work list
|
// initialize lock
|
||||||
//
|
//
|
||||||
|
|
||||||
//List_Init(&Api_WorkList);
|
|
||||||
|
|
||||||
if (! Mem_GetLockResource(&Api_LockResource, TRUE))
|
if (! Mem_GetLockResource(&Api_LockResource, TRUE))
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
Api_WorkListInitialized = TRUE;
|
Api_Initialized = TRUE;
|
||||||
|
|
||||||
//
|
//
|
||||||
// initialize Fast IO dispatch pointers
|
// initialize Fast IO dispatch pointers
|
||||||
|
@ -193,7 +186,6 @@ _FX BOOLEAN Api_Init(void)
|
||||||
//
|
//
|
||||||
|
|
||||||
Api_SetFunction(API_GET_VERSION, Api_GetVersion);
|
Api_SetFunction(API_GET_VERSION, Api_GetVersion);
|
||||||
//Api_SetFunction(API_GET_WORK, Api_GetWork);
|
|
||||||
Api_SetFunction(API_LOG_MESSAGE, Api_LogMessage);
|
Api_SetFunction(API_LOG_MESSAGE, Api_LogMessage);
|
||||||
Api_SetFunction(API_GET_MESSAGE, Api_GetMessage);
|
Api_SetFunction(API_GET_MESSAGE, Api_GetMessage);
|
||||||
Api_SetFunction(API_GET_HOME_PATH, Api_GetHomePath);
|
Api_SetFunction(API_GET_HOME_PATH, Api_GetHomePath);
|
||||||
|
@ -240,24 +232,16 @@ _FX void Api_Unload(void)
|
||||||
Api_FastIoDispatch = NULL;
|
Api_FastIoDispatch = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (Api_WorkListInitialized) {
|
if (Api_Initialized) {
|
||||||
|
|
||||||
if (Api_LogBuffer) {
|
if (Api_LogBuffer) {
|
||||||
log_buffer_free(Api_LogBuffer);
|
log_buffer_free(Api_LogBuffer);
|
||||||
Api_LogBuffer = NULL;
|
Api_LogBuffer = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*API_WORK_ITEM *work_item;
|
|
||||||
while (1) {
|
|
||||||
work_item = List_Head(&Api_WorkList);
|
|
||||||
if (! work_item)
|
|
||||||
break;
|
|
||||||
Api_DelWork(work_item);
|
|
||||||
}*/
|
|
||||||
|
|
||||||
Mem_FreeLockResource(&Api_LockResource);
|
Mem_FreeLockResource(&Api_LockResource);
|
||||||
|
|
||||||
Api_WorkListInitialized = FALSE;
|
Api_Initialized = FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (Api_ServicePortObject) {
|
if (Api_ServicePortObject) {
|
||||||
|
@ -682,11 +666,11 @@ _FX void Api_AddMessage(
|
||||||
{
|
{
|
||||||
KIRQL irql;
|
KIRQL irql;
|
||||||
|
|
||||||
if (!Api_WorkListInitialized) // if (!Api_LogBuffer)
|
if (!Api_Initialized)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
//
|
//
|
||||||
// add work at the end of the work list
|
// add message
|
||||||
//
|
//
|
||||||
|
|
||||||
irql = Api_EnterCriticalSection();
|
irql = Api_EnterCriticalSection();
|
||||||
|
@ -922,140 +906,6 @@ _FX BOOLEAN Api_SendServiceMessage(ULONG msgid, ULONG data_len, void *data)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
// Api_AddWork
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
|
|
||||||
|
|
||||||
/*_FX BOOLEAN Api_AddWork(API_WORK_ITEM *work_item)
|
|
||||||
{
|
|
||||||
KIRQL irql;
|
|
||||||
|
|
||||||
if (! Api_WorkListInitialized)
|
|
||||||
return FALSE;
|
|
||||||
|
|
||||||
//
|
|
||||||
// add work at the end of the work list
|
|
||||||
//
|
|
||||||
|
|
||||||
irql = Api_EnterCriticalSection();
|
|
||||||
|
|
||||||
List_Insert_After(&Api_WorkList, NULL, work_item);
|
|
||||||
|
|
||||||
Api_LeaveCriticalSection(irql);
|
|
||||||
|
|
||||||
//
|
|
||||||
// set the work event so SbieSvc wakes up
|
|
||||||
//
|
|
||||||
|
|
||||||
if (work_item->session_id != -1)
|
|
||||||
return TRUE;
|
|
||||||
|
|
||||||
return TRUE;
|
|
||||||
}*/
|
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
// Api_DelWork
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
|
|
||||||
|
|
||||||
/*_FX void Api_DelWork(API_WORK_ITEM *work_item)
|
|
||||||
{
|
|
||||||
// this assumes Api_WorkList is already locked using Api_Lock
|
|
||||||
|
|
||||||
List_Remove(&Api_WorkList, work_item);
|
|
||||||
Mem_Free(work_item, work_item->length);
|
|
||||||
}*/
|
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
// Api_GetWork
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
|
|
||||||
|
|
||||||
/*_FX NTSTATUS Api_GetWork(PROCESS *proc, ULONG64 *parms)
|
|
||||||
{
|
|
||||||
API_GET_WORK_ARGS *args = (API_GET_WORK_ARGS *)parms;
|
|
||||||
NTSTATUS status;
|
|
||||||
void *buffer_ptr;
|
|
||||||
ULONG buffer_len;
|
|
||||||
ULONG *result_len;
|
|
||||||
ULONG length;
|
|
||||||
API_WORK_ITEM *work_item;
|
|
||||||
KIRQL irql;
|
|
||||||
|
|
||||||
//
|
|
||||||
// caller must not be sandboxed, and caller has to be SbieSvc
|
|
||||||
// if session parameter is -1
|
|
||||||
//
|
|
||||||
|
|
||||||
if (proc)
|
|
||||||
return STATUS_NOT_IMPLEMENTED;
|
|
||||||
|
|
||||||
if (args->session_id.val == -1 &&
|
|
||||||
PsGetCurrentProcessId() != Api_ServiceProcessId)
|
|
||||||
return STATUS_ACCESS_DENIED;
|
|
||||||
|
|
||||||
//
|
|
||||||
// find next work/log item for the session
|
|
||||||
//
|
|
||||||
|
|
||||||
buffer_ptr = args->buffer.val;
|
|
||||||
buffer_len = args->buffer_len.val;
|
|
||||||
result_len = args->result_len_ptr.val;
|
|
||||||
|
|
||||||
irql = Api_EnterCriticalSection();
|
|
||||||
|
|
||||||
work_item = List_Head(&Api_WorkList);
|
|
||||||
while (work_item) {
|
|
||||||
if (work_item->session_id == args->session_id.val)
|
|
||||||
break;
|
|
||||||
work_item = List_Next(work_item);
|
|
||||||
}
|
|
||||||
|
|
||||||
__try {
|
|
||||||
|
|
||||||
if (! work_item) {
|
|
||||||
|
|
||||||
status = STATUS_NO_MORE_ENTRIES;
|
|
||||||
|
|
||||||
} else {
|
|
||||||
|
|
||||||
if (work_item->length <= buffer_len) {
|
|
||||||
|
|
||||||
length = work_item->length
|
|
||||||
- FIELD_OFFSET(API_WORK_ITEM, type);
|
|
||||||
ProbeForWrite(buffer_ptr, length, sizeof(UCHAR));
|
|
||||||
memcpy(buffer_ptr, &work_item->type, length);
|
|
||||||
|
|
||||||
status = STATUS_SUCCESS;
|
|
||||||
|
|
||||||
} else {
|
|
||||||
|
|
||||||
length = work_item->length;
|
|
||||||
status = STATUS_BUFFER_TOO_SMALL;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (result_len) {
|
|
||||||
ProbeForWrite(result_len, sizeof(ULONG), sizeof(ULONG));
|
|
||||||
*result_len = length;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (status == STATUS_SUCCESS)
|
|
||||||
Api_DelWork(work_item);
|
|
||||||
}
|
|
||||||
|
|
||||||
} __except (EXCEPTION_EXECUTE_HANDLER) {
|
|
||||||
status = GetExceptionCode();
|
|
||||||
}
|
|
||||||
|
|
||||||
Api_LeaveCriticalSection(irql);
|
|
||||||
|
|
||||||
return status;
|
|
||||||
}*/
|
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Api_GetHomePath
|
// Api_GetHomePath
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
|
@ -39,17 +39,6 @@
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
/*typedef struct _API_WORK_ITEM {
|
|
||||||
|
|
||||||
LIST_ELEM list_elem;
|
|
||||||
ULONG length; // length includes both header and data
|
|
||||||
ULONG session_id;
|
|
||||||
ULONG type;
|
|
||||||
|
|
||||||
ULONG data[1];
|
|
||||||
|
|
||||||
} API_WORK_ITEM;*/
|
|
||||||
|
|
||||||
typedef struct _Sbie_SeFilterTokenArg
|
typedef struct _Sbie_SeFilterTokenArg
|
||||||
{
|
{
|
||||||
PACCESS_TOKEN ExistingToken;
|
PACCESS_TOKEN ExistingToken;
|
||||||
|
@ -106,14 +95,6 @@ void Api_ResetServiceProcess(void);
|
||||||
|
|
||||||
BOOLEAN Api_SendServiceMessage(ULONG msgid, ULONG data_len, void *data);
|
BOOLEAN Api_SendServiceMessage(ULONG msgid, ULONG data_len, void *data);
|
||||||
|
|
||||||
//
|
|
||||||
// Publish WORK_ITEM to be consumed by SandboxieService. Caller must
|
|
||||||
// allocate work_item from Driver_Pool, and initialize type, length and data
|
|
||||||
//
|
|
||||||
|
|
||||||
//BOOLEAN Api_AddWork(API_WORK_ITEM *work_item);
|
|
||||||
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// Add message to log buffer
|
// Add message to log buffer
|
||||||
//
|
//
|
||||||
|
|
|
@ -26,6 +26,7 @@
|
||||||
#include "api.h"
|
#include "api.h"
|
||||||
#include "util.h"
|
#include "util.h"
|
||||||
#include "session.h"
|
#include "session.h"
|
||||||
|
#include "conf.h"
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Functions
|
// Functions
|
||||||
|
@ -37,12 +38,6 @@ static void Log_Event_Msg(
|
||||||
const WCHAR *string1,
|
const WCHAR *string1,
|
||||||
const WCHAR *string2);
|
const WCHAR *string2);
|
||||||
|
|
||||||
/*static void Log_Popup_Msg_2(
|
|
||||||
NTSTATUS error_code,
|
|
||||||
const WCHAR *string1, ULONG string1_len,
|
|
||||||
const WCHAR *string2, ULONG string2_len,
|
|
||||||
ULONG session_id);*/
|
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Log_Event_Msg
|
// Log_Event_Msg
|
||||||
|
@ -151,9 +146,6 @@ _FX void Log_Popup_MsgEx(
|
||||||
if ((Driver_OsVersion >= DRIVER_WINDOWS_VISTA) && (session_id == 0))
|
if ((Driver_OsVersion >= DRIVER_WINDOWS_VISTA) && (session_id == 0))
|
||||||
session_id = 1;
|
session_id = 1;
|
||||||
|
|
||||||
//Log_Popup_Msg_2(
|
|
||||||
// error_code, string1, string1_len, string2, string2_len, session_id, (ULONG)pid);
|
|
||||||
|
|
||||||
const WCHAR* strings[3] = { string1, string2, NULL };
|
const WCHAR* strings[3] = { string1, string2, NULL };
|
||||||
ULONG lengths[3] = { string1_len, string2_len, 0 };
|
ULONG lengths[3] = { string1_len, string2_len, 0 };
|
||||||
Api_AddMessage(error_code, strings, lengths, session_id, (ULONG)pid);
|
Api_AddMessage(error_code, strings, lengths, session_id, (ULONG)pid);
|
||||||
|
@ -162,71 +154,17 @@ _FX void Log_Popup_MsgEx(
|
||||||
// log message to SbieSvc and trigger SbieSvc to wake up and collect it
|
// log message to SbieSvc and trigger SbieSvc to wake up and collect it
|
||||||
//
|
//
|
||||||
|
|
||||||
//Log_Popup_Msg_2(
|
|
||||||
// error_code, string1, string1_len, string2, string2_len, -1, (ULONG)pid);
|
|
||||||
|
|
||||||
ULONG data = 0;
|
ULONG data = 0;
|
||||||
|
|
||||||
|
if (Conf_Get_Boolean(NULL, L"LogMessageEvents", 0, FALSE))
|
||||||
|
data |= 0x01;
|
||||||
|
|
||||||
Api_SendServiceMessage(SVC_LOG_MESSAGE, sizeof(ULONG), &data);
|
Api_SendServiceMessage(SVC_LOG_MESSAGE, sizeof(ULONG), &data);
|
||||||
|
|
||||||
// DbgPrint("POPUP %04d %S %S\n", error_code & 0xFFFF, string1, string2);
|
// DbgPrint("POPUP %04d %S %S\n", error_code & 0xFFFF, string1, string2);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
// Log_Popup_Msg_2
|
|
||||||
//---------------------------------------------------------------------------
|
|
||||||
|
|
||||||
|
|
||||||
/*_FX void Log_Popup_Msg_2(
|
|
||||||
NTSTATUS error_code,
|
|
||||||
const WCHAR *string1, ULONG string1_len,
|
|
||||||
const WCHAR *string2, ULONG string2_len,
|
|
||||||
ULONG session_id)
|
|
||||||
{
|
|
||||||
API_WORK_ITEM *work_item;
|
|
||||||
ULONG length;
|
|
||||||
WCHAR *ptr;
|
|
||||||
|
|
||||||
length = sizeof(API_WORK_ITEM)
|
|
||||||
+ sizeof(ULONG) // msgid
|
|
||||||
+ (string1_len + 1) * sizeof(WCHAR)
|
|
||||||
+ (string2_len + 1) * sizeof(WCHAR);
|
|
||||||
|
|
||||||
//
|
|
||||||
// prepare work item
|
|
||||||
//
|
|
||||||
|
|
||||||
work_item = Mem_Alloc(Driver_Pool, length);
|
|
||||||
if (work_item) {
|
|
||||||
|
|
||||||
work_item->length = length;
|
|
||||||
|
|
||||||
work_item->session_id = session_id;
|
|
||||||
|
|
||||||
work_item->type = API_LOG_MESSAGE;
|
|
||||||
|
|
||||||
work_item->data[0] = error_code;
|
|
||||||
|
|
||||||
ptr = (WCHAR *)&work_item->data[1];
|
|
||||||
|
|
||||||
if (string1_len) {
|
|
||||||
wmemcpy(ptr, string1, string1_len);
|
|
||||||
ptr += string1_len;
|
|
||||||
}
|
|
||||||
*ptr = L'\0';
|
|
||||||
++ptr;
|
|
||||||
|
|
||||||
if (string2_len) {
|
|
||||||
wmemcpy(ptr, string2, string2_len);
|
|
||||||
ptr += string2_len;
|
|
||||||
}
|
|
||||||
*ptr = L'\0';
|
|
||||||
|
|
||||||
Api_AddWork(work_item);
|
|
||||||
}
|
|
||||||
}*/
|
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// Log_Msg
|
// Log_Msg
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
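Review bot: The bare `0x01` OR-ed into `data` in Log_Popup_MsgEx is an undocumented wire flag between the driver and SbieSvc, and the service tests the same literal with `(data & 0x01)` in DriverAssist::LogMessage, so the two sides can drift apart silently. A named constant in a header that both sides include would make the contract explicit, for example `#define SVC_LOG_MESSAGE_FLAG_EVENTS 0x01` (constructed name) used as `data |= SVC_LOG_MESSAGE_FLAG_EVENTS;`. A comment above the `Conf_Get_Boolean` call, such as `// bit 0: ask SbieSvc to mirror the pending messages to the system event log`, would also record that the setting is looked up on every popup message, presumably in the global section given the NULL first argument and the changelog entry. Log_Popup_MsgEx begins outside this hunk.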
|
@ -303,7 +303,7 @@ void DriverAssist::MsgWorkerThread(void *MyMsg)
|
||||||
}
|
}
|
||||||
else if (msgid == SVC_LOG_MESSAGE) {
|
else if (msgid == SVC_LOG_MESSAGE) {
|
||||||
|
|
||||||
LogMessage();
|
LogMessage(data_ptr);
|
||||||
|
|
||||||
}
|
}
|
||||||
else if (msgid == SVC_CONFIG_UPDATED) {
|
else if (msgid == SVC_CONFIG_UPDATED) {
|
||||||
|
|
|
@ -103,7 +103,7 @@ private:
|
||||||
// log messages to file
|
// log messages to file
|
||||||
//
|
//
|
||||||
|
|
||||||
void LogMessage();
|
void LogMessage(void *_msg);
|
||||||
|
|
||||||
void LogMessage_Single(ULONG code, wchar_t* data, ULONG pid);
|
void LogMessage_Single(ULONG code, wchar_t* data, ULONG pid);
|
||||||
void LogMessage_Multi(ULONG msgid, const WCHAR *path, const WCHAR *text);
|
void LogMessage_Multi(ULONG msgid, const WCHAR *path, const WCHAR *text);
|
||||||
|
|
|
@ -69,29 +69,33 @@ bool GetUserNameFromProcess(DWORD pid, WCHAR* user, DWORD userSize, WCHAR* domai
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
void DriverAssist::LogMessage()
|
void DriverAssist::LogMessage(void *_msg)
|
||||||
{
|
{
|
||||||
|
ULONG data = _msg ? *(ULONG*)_msg : 0;
|
||||||
|
|
||||||
|
bool LogMessageEvents = (data & 0x01) != 0;
|
||||||
|
|
||||||
EnterCriticalSection(&m_LogMessage_CritSec);
|
EnterCriticalSection(&m_LogMessage_CritSec);
|
||||||
|
|
||||||
ULONG m_workItemLen = 4096;
|
ULONG m_MessageLen = 4096;
|
||||||
void *m_workItemBuf = NULL;
|
void *m_MessageBuf = NULL;
|
||||||
|
|
||||||
while (1) {
|
while (1) {
|
||||||
|
|
||||||
m_workItemBuf = HeapAlloc(GetProcessHeap(), 0, m_workItemLen);
|
m_MessageBuf = HeapAlloc(GetProcessHeap(), 0, m_MessageLen);
|
||||||
if (! m_workItemBuf)
|
if (! m_MessageBuf)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
ULONG len = m_workItemLen;
|
ULONG len = m_MessageLen;
|
||||||
ULONG message_number = m_last_message_number;
|
ULONG message_number = m_last_message_number;
|
||||||
ULONG code = -1;
|
ULONG code = -1;
|
||||||
ULONG pid = 0;
|
ULONG pid = 0;
|
||||||
ULONG status = SbieApi_GetMessage(&message_number, -1, &code, &pid, (wchar_t*)m_workItemBuf, len);
|
ULONG status = SbieApi_GetMessage(&message_number, -1, &code, &pid, (wchar_t*)m_MessageBuf, len);
|
||||||
|
|
||||||
if (status == STATUS_BUFFER_TOO_SMALL) {
|
if (status == STATUS_BUFFER_TOO_SMALL) {
|
||||||
HeapFree(GetProcessHeap(), 0, m_workItemBuf);
|
HeapFree(GetProcessHeap(), 0, m_MessageBuf);
|
||||||
m_workItemBuf = NULL;
|
m_MessageBuf = NULL;
|
||||||
m_workItemLen += 4096;
|
m_MessageLen += 4096;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -111,14 +115,21 @@ void DriverAssist::LogMessage()
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
//
|
//
|
||||||
// Add to log
|
// Add to event log
|
||||||
//
|
//
|
||||||
|
|
||||||
LogMessage_Single(code, (wchar_t*)m_workItemBuf, pid);
|
if (LogMessageEvents)
|
||||||
|
LogMessage_Event(code, (wchar_t*)m_MessageBuf, pid);
|
||||||
|
|
||||||
|
//
|
||||||
|
// Add to log file
|
||||||
|
//
|
||||||
|
|
||||||
|
LogMessage_Single(code, (wchar_t*)m_MessageBuf, pid);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (m_workItemBuf)
|
if (m_MessageBuf)
|
||||||
HeapFree(GetProcessHeap(), 0, m_workItemBuf);
|
HeapFree(GetProcessHeap(), 0, m_MessageBuf);
|
||||||
|
|
||||||
LeaveCriticalSection(&m_LogMessage_CritSec);
|
LeaveCriticalSection(&m_LogMessage_CritSec);
|
||||||
}
|
}
|
||||||
|
|
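Review bot: `ULONG data = _msg ? *(ULONG*)_msg : 0;` at the top of DriverAssist::LogMessage reads four bytes through an untyped pointer without knowing how long the payload is, and the caller changed on this page, `LogMessage(data_ptr)` in MsgWorkerThread, passes no length either. The driver sends `sizeof(ULONG)` with SVC_LOG_MESSAGE, so this is probably fine today, but whether MsgWorkerThread has already checked the payload size is not visible here. Passing the length alongside the pointer and treating a short payload as 0 would keep the read bounded if the message format changes, and a comment such as `// _msg: optional ULONG flag word from the driver, bit 0 = also write to the event log` would document the parameter. The renamed locals `m_MessageLen` and `m_MessageBuf` still carry the `m_` member prefix although they are declared inside the function.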
|
@ -45,6 +45,8 @@ NTSTATUS LsaLookupAuthenticationPackage(
|
||||||
|
|
||||||
ULONG DriverAssist::StartDriverAsync(void *arg)
|
ULONG DriverAssist::StartDriverAsync(void *arg)
|
||||||
{
|
{
|
||||||
|
DriverAssist* This = (DriverAssist*)arg;
|
||||||
|
|
||||||
//
|
//
|
||||||
// get windows version
|
// get windows version
|
||||||
//
|
//
|
||||||
|
@ -309,7 +311,7 @@ driver_started:
|
||||||
// messages that were logged while the driver was starting
|
// messages that were logged while the driver was starting
|
||||||
//
|
//
|
||||||
|
|
||||||
m_instance->LogMessage();
|
m_instance->LogMessage(NULL);
|
||||||
|
|
||||||
m_instance->m_DriverReady = true;
|
m_instance->m_DriverReady = true;
|
||||||
|
|
||||||
|
|
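Review bot: `m_instance->LogMessage(NULL)` after `driver_started:` makes the flag word 0, so the messages logged while the driver was starting still reach LogMessage_Single but never LogMessage_Event, even with `LogMessageEvents=y`. If event-log consumers are meant to see every SbieMessage, that startup backlog is a coverage gap. It could be closed by reading the setting on the service side for this call, or at least stated in a comment, e.g. `// NULL: startup backlog is not mirrored to the event log`. The added `DriverAssist* This = (DriverAssist*)arg;` is not used in the lines shown and the call still goes through `m_instance`; the function body continues outside these hunks, so it may be used elsewhere.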
|
@ -22,6 +22,7 @@
|
||||||
#include "stdafx.h"
|
#include "stdafx.h"
|
||||||
|
|
||||||
#include <Sddl.h>
|
#include <Sddl.h>
|
||||||
|
#include <lmcons.h>
|
||||||
#include "MountManager.h"
|
#include "MountManager.h"
|
||||||
#include "DriverAssist.h"
|
#include "DriverAssist.h"
|
||||||
#include "PipeServer.h"
|
#include "PipeServer.h"
|
||||||
|
@ -336,6 +337,61 @@ void LogEvent(ULONG msgid, ULONG level, ULONG detail)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// LogMessage_Event
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
void LogMessage_Event(ULONG code, wchar_t* data, ULONG pid)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// get log message
|
||||||
|
//
|
||||||
|
|
||||||
|
WCHAR *str1 = data;
|
||||||
|
ULONG str1_len = wcslen(str1);
|
||||||
|
WCHAR *str2 = str1 + str1_len + 1;
|
||||||
|
ULONG str2_len = wcslen(str2);
|
||||||
|
|
||||||
|
WCHAR *text = SbieDll_FormatMessage2(code, str1, str2);
|
||||||
|
if (! text)
|
||||||
|
return;
|
||||||
|
|
||||||
|
//
|
||||||
|
// add user name
|
||||||
|
//
|
||||||
|
/*
|
||||||
|
WCHAR user[UNLEN + 1];
|
||||||
|
WCHAR domain[DNLEN + 1];
|
||||||
|
bool GetUserNameFromProcess(DWORD pid, WCHAR * user, DWORD userSize, WCHAR * domain, DWORD domainSize);
|
||||||
|
if (GetUserNameFromProcess(pid, user, UNLEN + 1, domain, DNLEN + 1)) {
|
||||||
|
|
||||||
|
WCHAR *text2 = (WCHAR *)LocalAlloc(
|
||||||
|
LMEM_FIXED, (wcslen(text) + UNLEN + DNLEN + 10) * sizeof(WCHAR));
|
||||||
|
if (text2) {
|
||||||
|
|
||||||
|
wsprintf(text2, L"%s (%s\\%s)", text, domain, user);
|
||||||
|
|
||||||
|
LocalFree(text);
|
||||||
|
text = text2;
|
||||||
|
}
|
||||||
|
}*/
|
||||||
|
|
||||||
|
//
|
||||||
|
// add event
|
||||||
|
//
|
||||||
|
|
||||||
|
const WCHAR* ptr_extra[2] = { text, NULL };
|
||||||
|
USHORT num_extra = 1;
|
||||||
|
|
||||||
|
if (EventLog) {
|
||||||
|
ReportEvent(EventLog, EVENTLOG_INFORMATION_TYPE, 0, code, NULL, num_extra, 0, ptr_extra, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
LocalFree(text);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
// AbortServer
|
// AbortServer
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
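Review bot: LogMessage_Event finds the second string with `str1 + str1_len + 1` and then calls `wcslen(str2)` without knowing the size of `data`, so it relies on the buffer always holding two NUL terminators; the caller allocates that buffer with `HeapAlloc(GetProcessHeap(), 0, ...)`, which does not zero it. Passing the buffer length in and bounding both scans with `wcsnlen` would remove that dependency; `str2_len` is computed but never used, both lengths narrow `size_t` to `ULONG`, and `pid` is referenced only inside the commented-out user-name block. Every entry is reported as `EVENTLOG_INFORMATION_TYPE` and the `ReportEvent` result is ignored, so monitoring that filters on warning or error level will not match these events and a failed write goes unnoticed. A comment noting that the text comes from driver message strings, and should be handled as untrusted data by whatever consumes the log, would help anyone building detections on it; where those strings originate is not shown on this page.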
|
@ -21,6 +21,7 @@
|
||||||
#include "msgs/msgs.h"
|
#include "msgs/msgs.h"
|
||||||
|
|
||||||
void LogEvent(ULONG msgid, ULONG level, ULONG detail);
|
void LogEvent(ULONG msgid, ULONG level, ULONG detail);
|
||||||
|
void LogMessage_Event(ULONG code, wchar_t* data, ULONG pid);
|
||||||
void AbortServer(void);
|
void AbortServer(void);
|
||||||
bool RestrictToken(void);
|
bool RestrictToken(void);
|
||||||
bool CheckDropRights(const WCHAR *BoxName, const WCHAR *ExeName);
|
bool CheckDropRights(const WCHAR *BoxName, const WCHAR *ExeName);
|
||||||
|
|