From b733669f738fe71105ba3797fd0a22375c357c7d Mon Sep 17 00:00:00 2001 From: DavidXanatos <3890945+DavidXanatos@users.noreply.github.com> Date: Tue, 17 Dec 2024 10:12:12 +0100 Subject: [PATCH] 1.15.4 --- Sandboxie/core/drv/file_flt.c | 3 +-- Sandboxie/core/drv/process.c | 38 ++++++++++++++++---------------- Sandboxie/core/drv/process.h | 4 +++- Sandboxie/core/drv/process_api.c | 10 ++++----- Sandboxie/core/drv/thread.c | 7 +++++- Sandboxie/core/drv/token.c | 2 +- Sandboxie/core/drv/util_asm.asm | 2 ++ 7 files changed, 37 insertions(+), 29 deletions(-) diff --git a/Sandboxie/core/drv/file_flt.c b/Sandboxie/core/drv/file_flt.c index c5c96285..49e04505 100644 --- a/Sandboxie/core/drv/file_flt.c +++ b/Sandboxie/core/drv/file_flt.c @@ -406,8 +406,7 @@ _FX FLT_PREOP_CALLBACK_STATUS File_PreOperation( if (ulOwnerPid) { proc = Process_Find((HANDLE)ulOwnerPid, NULL); // is this a sandboxed process? - if (proc && proc != PROCESS_TERMINATED && - !proc->ipc_allowSpoolerPrintToFile) // if process specifically allowed to use spooler print to file, we can skip everything below + if (proc && !proc->terminated && !proc->ipc_allowSpoolerPrintToFile) // if process specifically allowed to use spooler print to file, we can skip everything below { FLT_FILE_NAME_INFORMATION *pTargetFileNameInfo = NULL; BOOLEAN result = FALSE; diff --git a/Sandboxie/core/drv/process.c b/Sandboxie/core/drv/process.c index ca07dd8d..f5586661 100644 --- a/Sandboxie/core/drv/process.c +++ b/Sandboxie/core/drv/process.c @@ -539,7 +539,7 @@ _FX PROCESS *Process_Find(HANDLE ProcessId, KIRQL *out_irql) // Process_FindSandboxed //--------------------------------------------------------------------------- - +#ifdef XP_SUPPORT _FX PROCESS *Process_FindSandboxed(HANDLE ProcessId, KIRQL *out_irql) { PROCESS* proc = Process_Find(ProcessId, out_irql); @@ -552,30 +552,30 @@ _FX PROCESS *Process_FindSandboxed(HANDLE ProcessId, KIRQL *out_irql) } return proc; } - +#endif //--------------------------------------------------------------------------- // Process_Find_ByHandle //--------------------------------------------------------------------------- -_FX PROCESS *Process_Find_ByHandle(HANDLE Handle, KIRQL *out_irql) -{ - NTSTATUS Status; - PEPROCESS ProcessObject = NULL; - PROCESS* Process = NULL; - - Status = ObReferenceObjectByHandle(Handle, PROCESS_QUERY_INFORMATION, *PsProcessType, UserMode, (PVOID*)&ProcessObject, NULL); - if (NT_SUCCESS(Status)) { - - Process = Process_Find(PsGetProcessId(ProcessObject), out_irql); - - // Dereference the process object - ObDereferenceObject(ProcessObject); - } - - return Process; -} +//_FX PROCESS *Process_Find_ByHandle(HANDLE Handle, KIRQL *out_irql) +//{ +// NTSTATUS Status; +// PEPROCESS ProcessObject = NULL; +// PROCESS* Process = NULL; +// +// Status = ObReferenceObjectByHandle(Handle, PROCESS_QUERY_INFORMATION, *PsProcessType, UserMode, (PVOID*)&ProcessObject, NULL); +// if (NT_SUCCESS(Status)) { +// +// Process = Process_Find(PsGetProcessId(ProcessObject), out_irql); +// +// // Dereference the process object +// ObDereferenceObject(ProcessObject); +// } +// +// return Process; +//} //--------------------------------------------------------------------------- diff --git a/Sandboxie/core/drv/process.h b/Sandboxie/core/drv/process.h index 95058675..b041b13d 100644 --- a/Sandboxie/core/drv/process.h +++ b/Sandboxie/core/drv/process.h @@ -237,9 +237,11 @@ void Process_Unload(BOOLEAN FreeLock); PROCESS *Process_Find(HANDLE ProcessId, KIRQL *out_irql); +#ifdef XP_SUPPORT PROCESS *Process_FindSandboxed(HANDLE ProcessId, KIRQL *out_irql); +#endif -PROCESS *Process_Find_ByHandle(HANDLE Handle, KIRQL *out_irql); +//PROCESS *Process_Find_ByHandle(HANDLE Handle, KIRQL *out_irql); // Start supervising a new process diff --git a/Sandboxie/core/drv/process_api.c b/Sandboxie/core/drv/process_api.c index 02bd43e4..f8284948 100644 --- a/Sandboxie/core/drv/process_api.c +++ b/Sandboxie/core/drv/process_api.c @@ -92,7 +92,7 @@ _FX NTSTATUS Process_Api_Start(PROCESS *proc, ULONG64 *parms) KIRQL irql; proc2 = Process_Find((HANDLE)(-user_box_parm), &irql); - if (proc2) + if (proc2 && !proc2->terminated) box = Box_Clone(Driver_Pool, proc2->box); ExReleaseResourceLite(Process_ListLock); @@ -245,7 +245,7 @@ _FX NTSTATUS Process_Api_Query(PROCESS *proc, ULONG64 *parms) if (ProcessId) { proc = Process_Find(ProcessId, &irql); - if (! proc) { + if (!proc || proc->terminated) { ExReleaseResourceLite(Process_ListLock); KeLowerIrql(irql); return STATUS_INVALID_CID; @@ -343,7 +343,7 @@ _FX NTSTATUS Process_Api_QueryInfo(PROCESS *proc, ULONG64 *parms) if (ProcessId) { proc = Process_Find(ProcessId, &irql); - if (! proc) { + if (!proc || proc->terminated) { ExReleaseResourceLite(Process_ListLock); KeLowerIrql(irql); return STATUS_INVALID_CID; @@ -663,7 +663,7 @@ _FX NTSTATUS Process_Api_QueryProcessPath(PROCESS *proc, ULONG64 *parms) if (ProcessId) { proc = Process_Find(ProcessId, &irql); - if ((! proc) || proc->terminated) { + if (!proc || proc->terminated) { ExReleaseResourceLite(Process_ListLock); KeLowerIrql(irql); return STATUS_INVALID_CID; @@ -779,7 +779,7 @@ _FX NTSTATUS Process_Api_QueryPathList(PROCESS *proc, ULONG64 *parms) proc = Process_Find(args->process_id.val, &irql); - if (! proc) { + if (!proc || proc->terminated) { ExReleaseResourceLite(Process_ListLock); KeLowerIrql(irql); diff --git a/Sandboxie/core/drv/thread.c b/Sandboxie/core/drv/thread.c index 1858a877..7a086ca5 100644 --- a/Sandboxie/core/drv/thread.c +++ b/Sandboxie/core/drv/thread.c @@ -1119,7 +1119,12 @@ _FX ACCESS_MASK Thread_CheckObject_CommonEx( KIRQL irql; PROCESS* proc2 = Process_Find(pid, &irql); - if (proc2 && !proc2->bHostInject) { + // + // Process_CreateTerminated creates a process object without a box, + // in that case we need to ignore it. + // + + if (proc2 && !proc2->box && !proc2->bHostInject) { ACCESS_MASK WriteAccess; if (EntireProcess) diff --git a/Sandboxie/core/drv/token.c b/Sandboxie/core/drv/token.c index 38b03837..1fe464c5 100644 --- a/Sandboxie/core/drv/token.c +++ b/Sandboxie/core/drv/token.c @@ -2007,7 +2007,7 @@ _FX NTSTATUS Token_Api_Filter(PROCESS* proc, ULONG64* parms) ProbeForWrite(pHandle, sizeof(HANDLE), sizeof(HANDLE)); proc = Process_Find(ProcessId, &irql); - if (! proc) { + if (!proc || proc->terminated) { ExReleaseResourceLite(Process_ListLock); KeLowerIrql(irql); return STATUS_INVALID_CID; diff --git a/Sandboxie/core/drv/util_asm.asm b/Sandboxie/core/drv/util_asm.asm index 17f976fe..fa3e0726 100644 --- a/Sandboxie/core/drv/util_asm.asm +++ b/Sandboxie/core/drv/util_asm.asm @@ -97,6 +97,7 @@ endif ;---------------------------------------------------------------------------- ifdef _WIN64 +ifdef XP_SUPPORT EXTERN Process_FindSandboxed : proc @@ -129,6 +130,7 @@ Process_FindSandboxed64 PROC FRAME Process_FindSandboxed64 ENDP +endif endif ;----------------------------------------------------------------------------