mirrors/Sandboxie
mirrors
/
Sandboxie
mirror of https://github.com/sandboxie-plus/Sandboxie.git
1
0
Fork 0
Code Releases Activity

Merge branch 'master' into NewBoxWizard

This commit is contained in:
爱编程的叶一笑 2024-05-18 15:02:36 +08:00 committed by GitHub
parent 7fa2de6305 4a8752fce2
commit bc2bf9b53e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
149 changed files with 33265 additions and 19844 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/codespell.yml vendored
View File

@ -125,5 +125,5 @@ jobs:
echo 'tailing->trailing' >> dictionary_code.txt
# Only lowercase letters are allowed in --ignore-words-list
codespell --dictionary=dictionary.txt --dictionary=dictionary_rare.txt --dictionary=dictionary_code.txt \
--ignore-words-list="wil,unknwn,tolen,pevent,doubleclick,parm,parms,etcp,ois,ba,ptd,modell,namesd,stdio,uint,errorstring,ontext,atend,deque,ecounter,nmake,namess,inh,daa,varient,lite,uis,emai,ws,slanguage,woh,tne,typpos,enew,shft,seh,ser,servent,socio-economic,rime" \
--ignore-words-list="wil,unknwn,tolen,pevent,doubleclick,parm,parms,etcp,ois,ba,ptd,modell,namesd,stdio,uint,errorstring,ontext,atend,deque,ecounter,nmake,namess,inh,daa,varient,lite,uis,emai,ws,slanguage,woh,tne,typpos,enew,shft,seh,ser,servent,socio-economic,rime,falt,infor" \
--skip="./.git,./.github/workflows/codespell.yml,./dictionary*.txt,./Sandboxie/msgs/Text-*-*.txt,./Sandboxie/msgs/report/Report-*.txt,./SandboxiePlus/SandMan/*.ts,./Installer/Languages.iss,./Installer/isl/*.isl,./Sandboxie/common/Detours/Makefile,./Sandboxie/common/Detours/disasm.cpp,./Sandboxie/install/build.bat,./SandboxieTools/ImBox/dc/crypto_fast/xts_fast.c,./Sandboxie/apps/control/TreePropSheet.h,./Sandboxie/apps/control/PropPageFrame.h,./Sandboxie/apps/control/PropPageFrameDefault.h,./SandboxiePlus/SandMan/Troubleshooting/lang_*.json"

139
CHANGELOG.md
View File

@ -6,25 +6,75 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [1.13.6 / 5.68.6] - 2024-04-
## [1.14.0 / 5.69.0] - 2024-05-17
### Added
- added "BlockInterferenceControl=y" option to prevent sandboxed processes from forcing windows on top and moving the mounse pointer (thanks Yeyixiao)
- Note: this option may cause issues in games hence do not enable it for gaming boxes.
- added support for hardlinks [#3826](https://github.com/sandboxie-plus/Sandboxie/issues/3826)
- Add option to limit the memory of sandboxed process and the number of process in single sandbox through job object. (thanks Yeyixiao)
- Use "TotalMemoryLimit"(Number,limit whole sandbox) and "ProcessMemoryLimit"(Number,limit single process) to set.
- Add ability to modified sandboxed process logic speed (reduced fixed latency, modified single-player speed, etc.) (thanks Yeyixiao)
- Use "UseChangeSpeed=y" to open this feature,use "AddTickSpeed"/"AddSleepSpeed"/"AddTimerSpeed"/"LowTickSpeed"/"LowSleepSpeed"/"LowTimerSpeed"(Number) to set.
- When set "AddSleepSpeed=0",all Sleep funcation call will be skip.
- Added /fcp /force_children commandline option to start.exe it allows to start a program unsandboxed but have all its children sandboxed
- added ability to fore sandboxed processes to use a pre defined socks 5 proxy
- added ability to intercept DNS queries such that thay can be log and/or redirected
- added support for SOCKS5 proxy authentication based on RFC1928 (thanks Deezzir)
- added Test Dialog UI for SOCKS5 proxy (thanks Deezzir)
- added ability to automatically removes template references that begin with “Template_Temp_” in the sandbox.
### Changed
- validated compatybility with windows build 26217 and updated dyn data
### Fixed
- fixed an issue with an early batch of Large Supporter certificates
## [1.13.7 / 5.68.7] - 2024-05-01
### Added
- added file version information for SbieDll.dll and SbieSvc.exe in the Sandboxie Plus About dialog
### Changed
- improved checkboxes about DropAdminRights in SandMan [#3851](https://github.com/sandboxie-plus/Sandboxie/pull/3851) (thanks offhub)
### Fixed
- fixed symbolic linking of files [#3852](https://github.com/sandboxie-plus/Sandboxie/issues/3852)
- fixed issue with start agent option [#3844](https://github.com/sandboxie-plus/Sandboxie/pull/3844) (thanks offhub)
- fixed issue with Delete V2 introduced in 1.13.5
## [1.13.6 / 5.68.6] - 2024-04-21
### Added
- added "BlockInterferenceControl=y" option to prevent sandboxed processes from forcing windows on top and moving the mouse pointer (thanks Yeyixiao)
- Note: this option may cause issues in games hence it's not recommended for gaming boxes
- added support for hard links [#3826](https://github.com/sandboxie-plus/Sandboxie/issues/3826)
- added mechanism to terminate stuck sandboxed processes from the driver
- added editable trigger list [#3742](https://github.com/sandboxie-plus/Sandboxie/issues/3742)
- added optional extension of the screenshot protection to the UI [#3739](https://github.com/sandboxie-plus/Sandboxie/issues/3739)
- added a button to edit local/custom templates [#3738](https://github.com/sandboxie-plus/Sandboxie/issues/3738)
- added adjustable resizing of the "Run Sandboxed" window [#3697](https://github.com/sandboxie-plus/Sandboxie/issues/3697)
- added Notepad++ template [#3836](https://github.com/sandboxie-plus/Sandboxie/pull/3836)
### Changed
- improved Avast template [#3777](https://github.com/sandboxie-plus/Sandboxie/pull/3777)
- renamed a bunch of experimental options and marked them as experimental in the UI
- "IsBlockCapture=y" -> "BlockScreenCapture=y"
- "IsProtectScreen=>" -> "CoverBoxedWindows=y"
### Fixed
- fixed When I change the BlockDNS and BlockPorts options, the Apply button is not activated [#3807](https://github.com/sandboxie-plus/Sandboxie/issues/3807)
- fixed troubleshooting wizard broke with new qt [#3810](https://github.com/sandboxie-plus/Sandboxie/discussions/3810)
- fixed Settings dialog now showing the right ram disk letter
- fixed issues with updater broke with new qt due to missing SSL support [3810](https://github.com/sandboxie-plus/Sandboxie/discussions/3810)
- fixed inactive apply button when changing BlockDNS or BlockPorts options [#3807](https://github.com/sandboxie-plus/Sandboxie/issues/3807)
- fixed troubleshooting wizard breaking with new Qt [#3810](https://github.com/sandboxie-plus/Sandboxie/discussions/3810)
- fixed Settings dialog now showing the correct RAM drive letter
- fixed broken updater due to missing SSL support in the latest Qt build [#3810](https://github.com/sandboxie-plus/Sandboxie/discussions/3810)
- fixed Enabling "DropAdminRights/FakeAdminRights" adds "BlockInterferePower and ForceProtectionOnMount" to the INI [#3825](https://github.com/sandboxie-plus/Sandboxie/issues/3825)
- fixed KeePass "Out of Memory" crash due to "BlockScreenCapture=y" [#3768](https://github.com/sandboxie-plus/Sandboxie/issues/3768)
- fixed Sandboxie 1.13.4 with IsBlockCapture=y not working on Windows 7 [#3769](https://github.com/sandboxie-plus/Sandboxie/issues/3769)
- fixed explorer.exe issue "FakeAdminRights=y" [#3638](https://github.com/sandboxie-plus/Sandboxie/issues/3638)
- fixed Make it possible to disable forced folder warning [#3569](https://github.com/sandboxie-plus/Sandboxie/issues/3569)
@ -59,15 +109,15 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- it can be enabled with "IsBlockCapture=y"
- see the sandbox option "Prevent sandboxed processes from using public methods to capture window images" in SandMan UI
- added "LingerExemptWnds=n" to make the lingering process monitor mechanism no longer exempt lingering processes with windows from termination
- Added option 'SharedTemplate' to Box Wizard [#3737](https://github.com/sandboxie-plus/Sandboxie/pull/3737) (thanks offhub)
- Added an option to force the protection of an encrypted sandbox to be enabled. [#3736](https://github.com/sandboxie-plus/Sandboxie/pull/3736) (thanks Yeyixiao)
- Added a menu and button/icon to suspend all processes [#3741] (https://github.com/sandboxie-plus/Sandboxie/issues/3741)
- added option 'SharedTemplate' to Box Wizard [#3737](https://github.com/sandboxie-plus/Sandboxie/pull/3737) (thanks offhub)
- added an option to force the protection of an encrypted sandbox to be enabled [#3736](https://github.com/sandboxie-plus/Sandboxie/pull/3736) (thanks Yeyixiao)
- added a menu and button/icon to suspend all processes [#3741] (https://github.com/sandboxie-plus/Sandboxie/issues/3741)
### Changed
- option "LingerLeniency=n" now also disabled the 5 sec grace period for freshly started lingerers [#1892](https://github.com/sandboxie-plus/Sandboxie/issues/1892)
- option "LingerLeniency=n" now also disabled the 5 second grace period for freshly started lingerers [#1892](https://github.com/sandboxie-plus/Sandboxie/issues/1892)
### Fixed
- fixed issue with symlinks related to startmenu folders
- fixed issue with symlinks related to start menu folders
@ -139,7 +189,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- reworked SCM hooking to improve Windows 10 compatibility
- reworked offset dependent handling of undocumented Windows kernel objects
- the required offsets can be now updated independently from the driver
- the DynData blob is digitally signed, when in testsigning mode the signature is however ignored
- the DynData blob is digitally signed, when in test signing mode the signature is however ignored
- when Sandboxie encounters a yet unsupported kernel build, token based isolation is disabled to prevent system instability
- this safety mechanism is disabled on systems participating in the Windows Insider program
- for systems in the Insider program, the latest known offsets are tried
@ -367,18 +417,18 @@ This project adheres to [Semantic Versioning](http://semver.org/).
### Fixed
- fixed subscription certificate recognition issue
- fixed logo cut-off in the About window [#3249](https://github.com/sandboxie-plus/Sandboxie/issues/3249)
- fixed issue with file recovery when using ramdisk [d82b62e](https://github.com/sandboxie-plus/Sandboxie/commit/d82b62ee78d865e21005b9b81dfa9dac9f524b90)
- fixed issue with file recovery when using a RAM drive [d82b62e](https://github.com/sandboxie-plus/Sandboxie/commit/d82b62ee78d865e21005b9b81dfa9dac9f524b90)
## [1.11.1 / 5.66.1] - 2023-08-31
### Added
- added 'RamDiskLetter=R:\' option allowing to mount the ramdisk root to a drive letter [938e0a8](https://github.com/sandboxie-plus/Sandboxie/commit/938e0a8c8d88e3780ece674c6702654d0b4e6ddc)
- added 'RamDiskLetter=R:\' option allowing to mount the RAM drive root to a drive letter [938e0a8](https://github.com/sandboxie-plus/Sandboxie/commit/938e0a8c8d88e3780ece674c6702654d0b4e6ddc)
### Changed
- changed the new option layout to be the default for non-vintage views (can be changed back in the settings) [94c3f5e](https://github.com/sandboxie-plus/Sandboxie/commit/94c3f5e35bf9e7c993557f2c9d4e6e5129e9d1df)
### Fixed
- fixed issue when re-creating a rambox junction [2542351](https://github.com/sandboxie-plus/Sandboxie/commit/254235136fa8b74ad147f03b646d4015208c14be)
- fixed issue when re-creating a RAM sandbox junction [2542351](https://github.com/sandboxie-plus/Sandboxie/commit/254235136fa8b74ad147f03b646d4015208c14be)
- fixed Sandboxie logo scaling in the setup wizards [#3227](https://github.com/sandboxie-plus/Sandboxie/issues/3227)
- fixed text cut-off in box creation wizard [#3226](https://github.com/sandboxie-plus/Sandboxie/issues/3226)
- fixed Windows 7 compatibility issue with ImBox.exe [1f0b2b7](https://github.com/sandboxie-plus/Sandboxie/commit/1f0b2b71ba47436252fd55eece2c3624085b46dc)
@ -392,7 +442,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [1.11.0 / 5.66.0] - 2023-08-25
### Added
- added ImDisk driver, allowing to create boxes residing in a ramdisk
- added ImDisk driver, allowing to create boxes residing in a RAM drive
- added Encrypted Sandbox support; this creates confidential boxes that do not leak data to the host PC
- using the ImDisk driver and a new ImBox component featuring the cryptographic implementation from [DiskCryptor](https://diskcryptor.org/) the sandbox root folder is stored in an encrypted container file
- using the SbieDrv to prevent processes not belonging to the sandbox from accessing an encrypted sandbox's root folder
@ -468,7 +518,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- fixed UGlobalHotkey library not being compatible with Qt6
### Removed
- removed hardcoded support for LogApiDll
- removed hardcoded support for LogAPI library
- use the Add-On Manager and DLL injection settings
@ -515,7 +565,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- added box scripting engine to make SandMan more flexible
- added scriptable troubleshooting wizard [#1875](https://github.com/sandboxie-plus/Sandboxie/issues/1875)
- added Add-On Manager which helps to install additional and third-party components, available add-ons:
- [ImDisk Toolkit](https://sourceforge.net/projects/imdisk-toolkit/) - used to create RAM Disks and other virtual drives
- [ImDisk Toolkit](https://sourceforge.net/projects/imdisk-toolkit/) - used to create RAM drives and other virtual drives
- [V4 Script Debugger](https://github.com/DavidXanatos/NeoScriptTools) - used to debug troubleshooting scripts
- [Microsoft Debug Help Library](https://learn.microsoft.com/en-us/windows/win32/debug/debug-help-library) - used for the stack trace feature introduced in 1.9.6
- [signcheck.exe](https://learn.microsoft.com/en-us/sysinternals/downloads/sigcheck) - used to scan files on VirusTotal before recovering them
@ -756,7 +806,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
### Fixed
- fixed issue with the new SBIE2307 message being triggered on media removal
- excluded some old token hacks (for Firefox) from being disabled
- long-standing ping issue with compartment type boxes [#1608](https://github.com/sandboxie-plus/Sandboxie/issues/1608)
- fixed long-standing ping issue with compartment type boxes [#1608](https://github.com/sandboxie-plus/Sandboxie/issues/1608)
@ -1128,7 +1178,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [1.5.0 / 5.60.0] - 2022-10-19
### Added
- Added support for Windows on ARM64 [#1321](https://github.com/sandboxie-plus/Sandboxie/issues/1321) [#645](https://github.com/sandboxie-plus/Sandboxie/issues/645)
- added support for Windows on ARM64 [#1321](https://github.com/sandboxie-plus/Sandboxie/issues/1321) [#645](https://github.com/sandboxie-plus/Sandboxie/issues/645)
- ported SbieDrv for ARM64
- ported low-level injection mechanism for ARM64/ARM64EC
- ported syscall hooks for ARM64/ARM64EC
@ -1228,8 +1278,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [1.3.4 / 5.58.4] - 2022-09-19
### Added
- Added NoRenameWinClass to the Plus UI
- Added Windows.UI.* to the list of hardcoded well-known classes to resolve issues with WinUI apps [#2109](https://github.com/sandboxie-plus/Sandboxie/issues/2109)
- added NoRenameWinClass to the Plus UI
- added Windows.UI.* to the list of hardcoded well-known classes to resolve issues with WinUI apps [#2109](https://github.com/sandboxie-plus/Sandboxie/issues/2109)
### Changed
- NoRenameWinClass now supports wildcards
@ -1857,7 +1907,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- fixed possible upgrade issue with Classic installer (by isaak654) [130c43a](https://github.com/sandboxie-plus/Sandboxie/commit/130c43a62c9778b734fa625bf4f46b12d0701719)
- fixed minor issues with Classic installer (by sredna) [#1533](https://github.com/sandboxie-plus/Sandboxie/pull/1533)
- fixed issue with Ldr_FixImagePath_2 [#1507](https://github.com/sandboxie-plus/Sandboxie/issues/1507)
- when using "Run Sandboxed" with SandMan UI and the UI is off, it will stay off.
- when using "Run Sandboxed" with SandMan UI and the UI is off, it will stay off
- fixed issue with Util_GetProcessPidByName that should resolve the driver sometimes failing to start at boot [#1451](https://github.com/sandboxie-plus/Sandboxie/issues/1451)
- SandMan will now run in background like SbieCtrl when starting a boxed process [post506](https://forum.xanasoft.com/viewtopic.php?p=506#p506)
- fixed taskbar not showing with persistent box border in full screen [post474](https://forum.xanasoft.com/viewtopic.php?p=474#p474)
@ -2413,14 +2463,14 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [0.8.9 / 5.50.9] - 2021-07-28 HotFix 2
### Fixed
Fixed issue with registering session leader
- fixed issue with registering session leader
## [0.8.9 / 5.50.9] - 2021-07-28 HotFix 1
### Fixed
Fixed issue with Windows 7
- fixed issue with Windows 7
@ -2751,7 +2801,7 @@ Fixed issue with Windows 7
- improved RPC debugging
- improved IPC handling around RpcMgmtSetComTimeout; "RpcMgmtSetComTimeout=n" is now the default behaviour
- required exceptions have been hard-coded for specific calling DLLs
- the LogApi dll is now using Sbie's tracing facility to log events instead of its own pipe server
- the LogAPI library is now using Sandboxie's tracing facility to log events instead of its own pipe server
### Fixed
- FIXED SECURITY ISSUE ID-11: elevated sandboxed processes could access volumes/disks for reading (thanks hg421)
@ -3220,8 +3270,7 @@ Fixed issue with Windows 7
### Changed
- SbieCtrl no longer auto-shows the tutorial on first start
- when hooking to the trampoline, the migrated section of the original function is no longer noped out
- it caused issues with Unity games
- when hooking to the trampoline, the migrated section of the original function is no longer noped out due to causing issues with Unity games
### Fixed
- fixed colour issue with vertical tabs in dark mode
@ -3258,7 +3307,7 @@ Fixed issue with Windows 7
- fixed issues with the new box settings editor
### Removed
- removes deprecated workaround in the hooking mechanism for an obsolete anti-malware product
- removed deprecated workaround in the hooking mechanism for an obsolete anti-malware product
@ -3295,13 +3344,13 @@ Fixed issue with Windows 7
- added finder to resource log
- added option "HideHostProcess=program.exe" to hide unsandboxed host processes
- Note: Sbie hides by default processes from other boxes, this behaviour can now be controlled with "HideOtherBoxes=n"
- Sandboxed RpcSs and DcomLaunch can now be run as system with the option "ProtectRpcSs=y" however this breaks the sandboxed Windows Explorer and others
- Built-in Clsid whitelist can now be disabled with "OpenDefaultClsid=n"
- Processes can be now terminated with the del key, and require a confirmation
- sandboxed RpcSs and DcomLaunch can now be run as system with the option "ProtectRpcSs=y" however this breaks the sandboxed Windows Explorer and others
- built-in Clsid whitelist can now be disabled with "OpenDefaultClsid=n"
- processes can be now terminated with the del key, and require a confirmation
- added sandboxed window border display to SandMan.exe
- added notification for Sbie log messages
- added Sandbox Presets submenu to quickly change some settings
- Enable/Disable API logging; logapi_dlls are now distributed with SbiePlus
- Enable/Disable API logging; LogAPI DLLs are now distributed with Sandboxie Plus
- Drop admin rights
- Block/Allow internet access
- Block/Allow access to files on the network
@ -3337,8 +3386,8 @@ Fixed issue with Windows 7
- improved debugging around process creation errors in the driver
### Fixed
- fixed some log messages going lost after driver reload
- found a workable fix for the MSI installer issue, see Proc_CreateProcessInternalW_RS5
- fixed log messages getting lost after driver reload
- fixed MSI installer issue, see Proc_CreateProcessInternalW_RS5
@ -3351,7 +3400,7 @@ Fixed issue with Windows 7
- added progress window for async operations that take time
- added DPI awareness [#56](https://github.com/sandboxie-plus/Sandboxie/issues/56)
- the driver file is now obfuscated to avoid false positives
- additional debug options to Sandboxie.ini OpenToken=y that combines UnrestrictedToken=y and UnfilteredToken=y
- additional debug option for Sandboxie.ini named OpenToken=y which combines UnrestrictedToken=y and UnfilteredToken=y
- Note: using these options weakens the sandboxing, they are intended for debugging and may be used for better application virtualization later
### Changed
@ -3360,8 +3409,8 @@ Fixed issue with Windows 7
### Fixed
- IniWatcher did not work in portable mode
- service path fix broke other services, now properly fixed, maybe
- found workaround for the MSI installer issue
- service path fix broke other services
- workaround for the MSI installer issue
@ -3389,7 +3438,7 @@ Fixed issue with Windows 7
### Added
- created a new Qt-based UI named SandMan (Sandboxie Manager)
- Resource Monitor now shows the PID
- added basic API call log using updated BSA LogApiDll
- added basic API call log using updated BSA LogAPI library
### Changed
- reworked Resource Monitor to work with multiple event consumers
@ -3400,8 +3449,8 @@ Fixed issue with Windows 7
## [5.40.1] - 2020-04-10
### Added
- "Other" type for the Resource Access Monitor
- added call to StartService to the logged Resources
- added the new "Other" type for the Resource Access Monitor
- added call to StartService to the logged Resources
### Fixed
- fixed "Windows Installer Service could not be accessed" that got introduced with Windows 1903

35
Sandboxie/apps/start/start.cpp
View File

@ -28,6 +28,7 @@
#include "core/svc/SbieIniWire.h"
#include "common/my_version.h"
#include "msgs/msgs.h"
#include "core/drv/api_defs.h"
//---------------------------------------------------------------------------
@ -88,6 +89,7 @@ BOOL execute_auto_run = FALSE;
BOOL execute_open_with = FALSE;
BOOL run_elevated_2 = FALSE;
BOOL disable_force_on_this_program = FALSE;
BOOL force_children_on_this_program = FALSE;
BOOL auto_select_default_box = FALSE;
WCHAR *StartMenuSectionName = NULL;
BOOL run_silent = FALSE;
@ -716,6 +718,17 @@ BOOL Parse_Command_Line(void)
disable_force_on_this_program = TRUE;
//
// Command line switch /force_children or /fcp
//
} else if (_wcsnicmp(cmd, L"force_children", 14) == 0 ||
_wcsnicmp(cmd, L"fcp", 3) == 0) {
cmd = Eat_String(cmd);
force_children_on_this_program = TRUE;
//
// Command line switch /hide_window
//
@ -1193,7 +1206,7 @@ int Program_Start(void)
shExecInfo.cbSize = sizeof(SHELLEXECUTEINFO);
shExecInfo.fMask = SEE_MASK_FLAG_NO_UI | SEE_MASK_DOENVSUBST
| SEE_MASK_FLAG_DDEWAIT | SEE_MASK_NOZONECHECKS;
if (wait_for_process || keep_alive)
if (wait_for_process || keep_alive || force_children_on_this_program)
shExecInfo.fMask |= SEE_MASK_NOCLOSEPROCESS;
shExecInfo.hwnd = NULL;
shExecInfo.lpVerb = NULL;
@ -1337,6 +1350,8 @@ int Program_Start(void)
if (ok && (wait_for_process || keep_alive))
hNewProcess = shExecInfo.hProcess;
else if(ok && force_children_on_this_program)
pi.dwProcessId = GetProcessId(shExecInfo.hProcess);
if (! ok) {
@ -1364,9 +1379,16 @@ int Program_Start(void)
// we know for sure that SandboxieRpcSs has opened it
//
if (ok && (! disable_force_on_this_program)) {
if (ok) {
SbieDll_StartCOM(FALSE);
if (force_children_on_this_program) {
SbieApi_Call(API_FORCE_CHILDREN, 2, pi.dwProcessId, BoxName);
} else if (!disable_force_on_this_program) {
SbieDll_StartCOM(FALSE);
}
}
//
@ -1395,7 +1417,9 @@ int Program_Start(void)
}
}
} else if (GetModuleHandle(L"protect.dll")) {
}
// $Workaround$ - 3rd party fix
else if (GetModuleHandle(L"protect.dll")) {
//
// hack for FortKnox firewall -- keep Start.exe around for a few
@ -1833,8 +1857,9 @@ int __stdcall WinMainCRTStartup(
ULONG NewState = DISABLE_JUST_THIS_PROCESS;
SbieApi_DisableForceProcess(&NewState, NULL);
return die(Program_Start());
}
if (disable_force_on_this_program || force_children_on_this_program)
return die(Program_Start());
}
return die(RestartInSandbox());

19
Sandboxie/common/my_version.h
View File

@ -21,9 +21,22 @@
#ifndef _MY_VERSION_H
#define _MY_VERSION_H
#define MY_VERSION_BINARY 5,68,6
#define MY_VERSION_STRING "5.68.6"
#define MY_ABI_VERSION 0x56800
#define STR2(X) #X
#define STR(X) STR2(X)
#define VERSION_MJR 5
#define VERSION_MIN 69
#define VERSION_REV 0
#define VERSION_UPD 0
#if VERSION_UPD > 0
#define MY_VERSION_BINARY VERSION_MJR,VERSION_MIN,VERSION_REV,VERSION_UPD
#define MY_VERSION_STRING STR(VERSION_MJR.VERSION_MIN.VERSION_REV.VERSION_UPD)
#else
#define MY_VERSION_BINARY VERSION_MJR,VERSION_MIN,VERSION_REV
#define MY_VERSION_STRING STR(VERSION_MJR.VERSION_MIN.VERSION_REV)
#endif
#define MY_ABI_VERSION 0x56800
// These #defines are used by either Resource Compiler or NSIS installer
#define SBIE_INSTALLER_PATH "..\\Bin\\"

61
Sandboxie/common/my_wsa.h
View File

@ -1,5 +1,5 @@
/*
* Copyright 2021 DavidXanatos, xanasoft.com
* Copyright 2021-2024 DavidXanatos, xanasoft.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -53,6 +53,53 @@
#define IPPROTO_ANY 256
#define SD_RECEIVE 0x00
#define SD_SEND 0x01
#define SD_BOTH 0x02
#define SOCKS_SUCCESS 0
#define SOCKS_GENERAL_FAILURE 1
#define MSG_WAITALL 0x8 /* do not complete until packet is completely filled */
#define FIONBIO 0x8004667e
/*
* WinSock 2 extension -- bit values and indices for FD_XXX network events
*/
#define FD_READ_BIT 0
#define FD_READ (1 << FD_READ_BIT)
#define FD_WRITE_BIT 1
#define FD_WRITE (1 << FD_WRITE_BIT)
#define FD_OOB_BIT 2
#define FD_OOB (1 << FD_OOB_BIT)
#define FD_ACCEPT_BIT 3
#define FD_ACCEPT (1 << FD_ACCEPT_BIT)
#define FD_CONNECT_BIT 4
#define FD_CONNECT (1 << FD_CONNECT_BIT)
#define FD_CLOSE_BIT 5
#define FD_CLOSE (1 << FD_CLOSE_BIT)
#define FD_QOS_BIT 6
#define FD_QOS (1 << FD_QOS_BIT)
#define FD_GROUP_QOS_BIT 7
#define FD_GROUP_QOS (1 << FD_GROUP_QOS_BIT)
#define FD_ROUTING_INTERFACE_CHANGE_BIT 8
#define FD_ROUTING_INTERFACE_CHANGE (1 << FD_ROUTING_INTERFACE_CHANGE_BIT)
#define FD_ADDRESS_LIST_CHANGE_BIT 9
#define FD_ADDRESS_LIST_CHANGE (1 << FD_ADDRESS_LIST_CHANGE_BIT)
#define FD_MAX_EVENTS 10
#define FD_ALL_EVENTS ((1 << FD_MAX_EVENTS) - 1)
//---------------------------------------------------------------------------
// Structures and Types
@ -81,6 +128,13 @@ typedef struct {
};
} SCOPE_ID, *PSCOPE_ID;
typedef struct sockaddr {
ADDRESS_FAMILY sa_family; // Address family.
CHAR sa_data[14]; // Up to 14 bytes of direct address.
} SOCKADDR, *PSOCKADDR, FAR *LPSOCKADDR;
typedef struct sockaddr_in {
ADDRESS_FAMILY sin_family;
@ -109,6 +163,11 @@ typedef struct sockaddr_un {
typedef void (*PIPFORWARD_CHANGE_CALLBACK)
(void *CallerContext, void *Row, ULONG NotificationType);
typedef struct _WSANETWORKEVENTS {
long lNetworkEvents;
int iErrorCode[FD_MAX_EVENTS];
} WSANETWORKEVENTS, FAR * LPWSANETWORKEVENTS;
#endif
//---------------------------------------------------------------------------

33
Sandboxie/common/netfw.c
View File

@ -450,7 +450,7 @@ const WCHAR* wcsnchr(const WCHAR* str, size_t max, WCHAR ch)
int _inet_pton(int af, const wchar_t* src, void* dst);
int _inet_xton(const WCHAR* src, ULONG src_len, IP_ADDRESS *dst)
int _inet_xton(const WCHAR* src, ULONG src_len, IP_ADDRESS *dst, USHORT *type)
{
WCHAR tmp[46 + 1]; // INET6_ADDRSTRLEN
if (src_len > ARRAYSIZE(tmp) - 1) src_len = ARRAYSIZE(tmp) - 1;
@ -460,7 +460,7 @@ int _inet_xton(const WCHAR* src, ULONG src_len, IP_ADDRESS *dst)
USHORT af = wcschr(tmp, L':') != NULL ? AF_INET6 : AF_INET;
//dst->Type = af
int ret = _inet_pton(af, tmp, dst->Data);
if (type) *type = af;
return ret;
}
@ -522,16 +522,16 @@ BOOLEAN NetFw_ParseRule(NETFW_RULE* rule, const WCHAR* found_value)
ULONG ip_len2 = (ULONG)(ip_value - ip_str2);
IP_ADDRESS ip1;
_inet_xton(ip_str1, ip_len1, &ip1);
_inet_xton(ip_str1, ip_len1, &ip1, NULL);
IP_ADDRESS ip2;
_inet_xton(ip_str2, ip_len2, &ip2);
_inet_xton(ip_str2, ip_len2, &ip2, NULL);
NetFw_RuleAddIpRange(&rule->ip_map, &ip1, &ip2, rule->pool);
}
else
{
IP_ADDRESS ip;
_inet_xton(ip_str1, ip_len1, &ip);
_inet_xton(ip_str1, ip_len1, &ip, NULL);
NetFw_RuleAddIpRange(&rule->ip_map, &ip, &ip, rule->pool);
}
}
@ -552,6 +552,29 @@ BOOLEAN NetFw_ParseRule(NETFW_RULE* rule, const WCHAR* found_value)
}
BOOLEAN is_localhost(const struct sockaddr* name)
{
if (name->sa_family == AF_INET) {
const SOCKADDR_IN* v4 = (const SOCKADDR_IN*)name;
return v4->sin_addr.s_net == 0x7f;
}
if (name->sa_family == AF_INET6) {
const SOCKADDR_IN6_LH* v6 = (const SOCKADDR_IN6_LH*)name;
return v6->sin6_addr.u.Word[0] == 0 && v6->sin6_addr.u.Word[1] == 0 &&
v6->sin6_addr.u.Word[2] == 0 && v6->sin6_addr.u.Word[3] == 0 &&
v6->sin6_addr.u.Word[4] == 0 && v6->sin6_addr.u.Word[5] == 0 &&
v6->sin6_addr.u.Word[6] == 0 && v6->sin6_addr.u.Byte[14] == 0 &&
v6->sin6_addr.u.Byte[15] == 1;
}
return FALSE;
}
BOOLEAN is_inet(const struct sockaddr* name)
{
return name->sa_family == AF_INET || name->sa_family == AF_INET6;
}
#include <inaddr.h>
#include <in6addr.h>

8
Sandboxie/common/netfw.h
View File

@ -27,4 +27,12 @@ BOOLEAN NetFw_ParseRule(NETFW_RULE* rule, const WCHAR* RuleStr);
void NetFw_FreeRule(NETFW_RULE* rule);
int _wntoi(const WCHAR* str, ULONG max);
int _inet_pton(int af, const wchar_t* src, void* dst);
int _inet_aton(const wchar_t* from, struct in_addr* in);
int _inet_xton(const WCHAR* src, ULONG max, IP_ADDRESS* dst, USHORT* type);
BOOLEAN is_localhost(const struct sockaddr* name);
BOOLEAN is_inet(const struct sockaddr* name);
#endif

26
Sandboxie/common/pattern.c
View File

@ -58,6 +58,9 @@ struct _PATTERN {
// a value denoting the match level for the process
ULONG level;
// optional auxyliary data to be associated with this pattern
PVOID aux;
// array of pointers to constant parts. the actual number of
// elements is indicate by info.num_cons, and the strings are
// allocated as part of this PATTERN object
@ -308,6 +311,17 @@ _FX ULONG Pattern_Level(PATTERN *pat)
}
//---------------------------------------------------------------------------
// Pattern_Aux
//---------------------------------------------------------------------------
_FX PVOID* Pattern_Aux(PATTERN *pat)
{
return &pat->aux;
}
//---------------------------------------------------------------------------
// Pattern_Wildcards
//---------------------------------------------------------------------------
@ -655,7 +669,7 @@ _FX const WCHAR *Pattern_wcsnstr_ex(
_FX int Pattern_MatchPathList(
WCHAR *path_lwr, ULONG path_len, LIST *list, ULONG* plevel, ULONG* pflags, USHORT* pwildc, const WCHAR** patsrc)
WCHAR *path_lwr, ULONG path_len, LIST *list, ULONG* plevel, ULONG* pflags, USHORT* pwildc, PATTERN **found)
{
PATTERN *pat;
int match_len = 0;
@ -682,7 +696,7 @@ _FX int Pattern_MatchPathList(
level = cur_level;
flags = cur_exact ? MATCH_FLAG_EXACT : 0;
wildc = cur_wildc;
if (patsrc) *patsrc = Pattern_Source(pat);
if (found) *found = pat;
// we need to test all entries to find the best match, so we don't break here
// unless we found an exact match, than there can't be a batter one
@ -705,7 +719,7 @@ _FX int Pattern_MatchPathList(
level = cur_level;
flags = MATCH_FLAG_AUX | (cur_exact ? MATCH_FLAG_EXACT : 0);
wildc = cur_wildc;
if (patsrc) *patsrc = Pattern_Source(pat);
if (found) *found = pat;
}
}
@ -727,7 +741,7 @@ _FX int Pattern_MatchPathList(
_FX BOOLEAN Pattern_MatchPathListEx(WCHAR *path_lwr, ULONG path_len, LIST *list, ULONG* plevel, int* pmatch_len, ULONG* pflags, USHORT* pwildc, const WCHAR** patsrc)
{
const WCHAR* cur_patsrc;
PATTERN* found;
ULONG cur_level;
ULONG cur_flags;
USHORT cur_wildc;
@ -737,7 +751,7 @@ _FX BOOLEAN Pattern_MatchPathListEx(WCHAR *path_lwr, ULONG path_len, LIST *list,
cur_level = *plevel;
cur_flags = *pflags;
cur_wildc = *pwildc;
cur_len = Pattern_MatchPathList(path_lwr, path_len, list, &cur_level, &cur_flags, &cur_wildc, &cur_patsrc);
cur_len = Pattern_MatchPathList(path_lwr, path_len, list, &cur_level, &cur_flags, &cur_wildc, &found);
if (cur_level <= *plevel && (
((*pflags & MATCH_FLAG_EXACT) == 0 && (cur_flags & MATCH_FLAG_EXACT) != 0) || // an exact match overrules any non exact match
((*pflags & MATCH_FLAG_AUX) != 0 && (cur_flags & MATCH_FLAG_AUX) == 0) || // a rule with a primary match overrules auxiliary matches
@ -748,7 +762,7 @@ _FX BOOLEAN Pattern_MatchPathListEx(WCHAR *path_lwr, ULONG path_len, LIST *list,
*pflags = cur_flags;
*pwildc = cur_wildc;
*pmatch_len = cur_len;
if (patsrc) *patsrc = cur_patsrc;
if (patsrc) *patsrc = Pattern_Source(found);
return TRUE;
}

10
Sandboxie/common/pattern.h
View File

@ -71,7 +71,13 @@ const WCHAR *Pattern_Source(PATTERN *pat);
ULONG Pattern_Level(PATTERN *pat);
//
// Pattern_Wildcards: returns count of wildcards in the pattern, not counting the trailing * when present
// Pattern_Aux: returns the associated auxyliary data.
//
PVOID* Pattern_Aux(PATTERN *pat);
//
// Pattern_Wildcards: returns count of wildcards in the pattern, not counting the tailing * when rpresent
//
USHORT Pattern_Wildcards(PATTERN *pat);
@ -99,7 +105,7 @@ int Pattern_MatchX(PATTERN *pat, const WCHAR *string, int string_len);
#define MATCH_FLAG_AUX 0x02
int Pattern_MatchPathList(
WCHAR* path_lwr, ULONG path_len, LIST* list, ULONG* plevel, ULONG* pflags, USHORT* pwildc, const WCHAR** patsrc);
WCHAR* path_lwr, ULONG path_len, LIST* list, ULONG* plevel, ULONG* pflags, USHORT* pwildc, PATTERN **found);
BOOLEAN Pattern_MatchPathListEx(
WCHAR* path_lwr, ULONG path_len, LIST* list, ULONG* plevel, int* pmatch_len, ULONG* pflags, USHORT* pwildc, const WCHAR** patsrc);

110
Sandboxie/common/rc4.c Normal file
View File

@ -0,0 +1,110 @@
/*
* Copyright 2024 David Xanatos, xanasoft.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
//---------------------------------------------------------------------------
// Simple INSECURE Encryption Functions
//---------------------------------------------------------------------------
#ifdef RC4_HEADER_ONLY
//---------------------------------------------------------------------------
// Functions
//---------------------------------------------------------------------------
#ifdef __cplusplus
extern "C" {
#endif
void rc4_crypt(const unsigned char *key_ptr, unsigned int key_len, unsigned int stream_pos, unsigned char *buffer_ptr, unsigned int buffer_len);
#ifdef __cplusplus
} // extern "C"
#endif
//---------------------------------------------------------------------------
// Body
//---------------------------------------------------------------------------
#else RC4_HEADER_ONLY
typedef struct rc4_sbox_s
{
unsigned char state[256];
unsigned int x;
unsigned int y;
} rc4_sbox_t;
void rc4_swap(unsigned char &a, unsigned char &b)
{
unsigned char c = a;
a = b;
b = c;
}
void rc4_init(rc4_sbox_t *rc4_sbox, const unsigned char *key_ptr, unsigned int key_len)
{
rc4_sbox->x = 0;
rc4_sbox->y = 0;
// Initialisation of the permutation
unsigned int i;
for (i = 0; i < 256; i++)
rc4_sbox->state[i] = (char)i;
// Mixing permutation
unsigned int j = 0;
unsigned int k;
for (i = 0; i < 256; i++)
{
k = i % key_len;
j = (key_ptr[k] + rc4_sbox->state[i] + j) & 0xff;
rc4_swap(rc4_sbox->state[i], rc4_sbox->state[j]);
}
}
void rc4_transform(rc4_sbox_t *rc4_sbox, unsigned char *buffer_ptr, unsigned int buffer_len)
{
unsigned int i;
for (i = 0; i < buffer_len; i++)
{
// The pseudo-random generation algorithm
rc4_sbox->x = (rc4_sbox->x + 1) & 0xff;
rc4_sbox->y = (rc4_sbox->y + rc4_sbox->state[rc4_sbox->x]) & 0xff;
rc4_swap(rc4_sbox->state[rc4_sbox->x], rc4_sbox->state[rc4_sbox->y]);
unsigned char keyChar = rc4_sbox->state[(rc4_sbox->state[rc4_sbox->x] + rc4_sbox->state[rc4_sbox->y]) & 0xff];
if (buffer_ptr) // NULL when seeking
buffer_ptr[i] ^= keyChar;
}
}
void rc4_crypt(const unsigned char* key_ptr, unsigned int key_len, unsigned int stream_pos, unsigned char* buffer_ptr, unsigned int buffer_len)
{
rc4_sbox_s sbox;
rc4_init(&sbox, key_ptr, key_len);
if(stream_pos) // RC4 is very insecure but the first few kb are espetially insecure
rc4_transform(&sbox, NULL, stream_pos);
rc4_transform(&sbox, buffer_ptr, buffer_len);
}
#endif RC4_HEADER_ONLY

10
Sandboxie/core/dll/SboxDll.vcxproj
View File

@ -622,6 +622,7 @@
<ClCompile Include="iphlp.c" />
<ClCompile Include="ipstore_enum.cpp" />
<ClCompile Include="ipstore_impl.cpp" />
<ClCompile Include="kernel.c" />
<ClCompile Include="key.c" />
<ClCompile Include="key_del.c">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">true</ExcludedFromBuild>
@ -673,6 +674,7 @@
<ClCompile Include="ole.cpp" />
<ClCompile Include="pdh.c" />
<ClCompile Include="proc.c" />
<ClCompile Include="proxy.c" />
<ClCompile Include="pst.cpp" />
<ClCompile Include="rpcrt.c" />
<ClCompile Include="sbieapi.c" />
@ -787,14 +789,16 @@
<ItemGroup>
<ClInclude Include="..\..\apps\com\common.h" />
<ClInclude Include="..\..\common\arm64_asm.h" />
<ClInclude Include="..\..\common\defines.h" />
<ClInclude Include="..\..\common\Detours\detours.h" />
<ClInclude Include="..\..\common\Detours\detver.h" />
<ClInclude Include="..\..\common\dllimport.h" />
<ClInclude Include="..\..\common\map.h" />
<ClInclude Include="..\..\common\my_version.h" />
<ClInclude Include="..\..\common\my_wsa.h" />
<ClInclude Include="..\..\common\my_xeb.h" />
<ClInclude Include="..\..\common\ntproto.h" />
<ClInclude Include="..\..\common\str_util.h" />
<ClInclude Include="..\..\common\my_wsa.h" />
<ClInclude Include="..\..\common\list.h" />
<ClInclude Include="..\..\common\netfw.h" />
<ClInclude Include="..\..\common\pattern.h" />
@ -805,6 +809,9 @@
<ClInclude Include="advapi.h" />
<ClInclude Include="debug.h" />
<ClInclude Include="dll.h" />
<ClCompile Include="dns_filter.c">
<FileType>CppCode</FileType>
</ClCompile>
<ClInclude Include="dump.h" />
<ClInclude Include="guidlg.h" />
<ClInclude Include="gui_p.h" />
@ -819,6 +826,7 @@
<ClInclude Include="sbiedll.h" />
<ClInclude Include="taskbar.h" />
<ClInclude Include="trace.h" />
<ClInclude Include="wsa_defs.h" />
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="lowlevel.rc" />

22
Sandboxie/core/dll/SboxDll.vcxproj.filters
View File

@ -256,6 +256,13 @@
<ClCompile Include="..\..\common\hook_util.c">
<Filter>common</Filter>
</ClCompile>
<ClCompile Include="proxy.c">
<Filter>net</Filter>
</ClCompile>
<ClCompile Include="dns_filter.c">
<Filter>net</Filter>
</ClCompile>
<ClCompile Include="kernel.c" />
</ItemGroup>
<ItemGroup>
<ClInclude Include="advapi.h" />
@ -311,9 +318,6 @@
<ClInclude Include="..\..\common\list.h">
<Filter>common</Filter>
</ClInclude>
<ClInclude Include="..\..\common\my_wsa.h">
<Filter>common</Filter>
</ClInclude>
<ClInclude Include="..\..\common\str_util.h">
<Filter>common</Filter>
</ClInclude>
@ -356,6 +360,18 @@
<ClInclude Include="..\..\common\arm64_asm.h">
<Filter>common</Filter>
</ClInclude>
<ClInclude Include="..\..\common\defines.h">
<Filter>common</Filter>
</ClInclude>
<ClInclude Include="wsa_defs.h">
<Filter>net</Filter>
</ClInclude>
<ClInclude Include="..\..\common\my_wsa.h">
<Filter>common</Filter>
</ClInclude>
<ClInclude Include="..\..\common\my_xeb.h">
<Filter>common</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="resource.rc" />

6
Sandboxie/core/dll/config.c
View File

@ -322,14 +322,14 @@ _FX BOOLEAN Config_InitPatternList(const WCHAR* boxname, const WCHAR* setting, L
if (!NT_SUCCESS(status))
break;
++index;
if (dos)
SbieDll_TranslateNtToDosPath(conf_buf);
ULONG level;
WCHAR* value = Config_MatchImageAndGetValue(conf_buf, Dll_ImageName, &level);
if (value)
{
if (dos && *value != L'*')
SbieDll_TranslateNtToDosPath(value);
pat = Pattern_Create(Dll_Pool, value, TRUE, level);
List_Insert_After(list, NULL, pat);

18
Sandboxie/core/dll/dll.h
View File

@ -200,6 +200,7 @@ typedef struct _THREAD_DATA {
BOOLEAN proc_create_process_capture_image;
BOOLEAN proc_create_process_force_elevate;
BOOLEAN proc_create_process_as_invoker;
BOOLEAN proc_create_process_fake_admin;
BOOLEAN proc_image_is_copy;
WCHAR *proc_image_path;
WCHAR *proc_command_line;
@ -310,6 +311,8 @@ extern ULONG Dll_Windows;
extern PSECURITY_DESCRIPTOR Secure_NormalSD;
extern PSECURITY_DESCRIPTOR Secure_EveryoneSD;
extern BOOLEAN Secure_FakeAdmin;
extern BOOLEAN Ldr_BoxedImage;
extern WCHAR *Ldr_ImageTruePath;
@ -401,19 +404,6 @@ void SbieDll_ReleaseFilePathLock();
BOOLEAN SbieDll_HasReadableSubPath(WCHAR path_code, const WCHAR* TruePath);
#define PATH_OPEN_FLAG 0x10
#define PATH_CLOSED_FLAG 0x20
#define PATH_WRITE_FLAG 0x40
#define PATH_IS_OPEN(f) (((f) & PATH_OPEN_FLAG) != 0)
#define PATH_NOT_OPEN(f) (((f) & PATH_OPEN_FLAG) == 0)
#define PATH_IS_CLOSED(f) (((f) & PATH_CLOSED_FLAG) != 0)
#define PATH_NOT_CLOSED(f) (((f) & PATH_CLOSED_FLAG) == 0)
#define PATH_IS_WRITE(f) (((f) & PATH_WRITE_FLAG) != 0)
#define PATH_NOT_WRITE(f) (((f) & PATH_WRITE_FLAG) == 0)
//---------------------------------------------------------------------------
// Functions (dllmain)
@ -731,6 +721,8 @@ BOOLEAN SH32_Init_ZipFldr(HMODULE);
BOOLEAN SH32_Init_UxTheme(HMODULE);
BOOLEAN Kernel_Init();
BOOLEAN Gui_Init(HMODULE);
BOOLEAN Gui_Init_IMM32(HMODULE);

3
Sandboxie/core/dll/dllmain.c
View File

@ -496,6 +496,9 @@ _FX void Dll_InitInjected(void)
if (ok)
ok = Proc_Init();
if (ok)
ok = Kernel_Init();
if (ok)
ok = Gui_InitConsole1();

139
Sandboxie/core/dll/dllpath.c
View File

@ -28,7 +28,6 @@
#include "core/drv/api_defs.h"
#include "core/drv/api_flags.h"
#define USE_MATCH_PATH_EX
//---------------------------------------------------------------------------
// Structures and Types
@ -317,20 +316,11 @@ _FX ULONG SbieDll_MatchPath2(WCHAR path_code, const WCHAR *path, BOOLEAN bCheckO
LIST *open_list, *closed_list, *write_list;
PATTERN *pat;
#endif
WCHAR *path_lwr;
ULONG path_len;
ULONG mp_flags;
ULONG monflag;
mp_flags = 0;
if (path == (const WCHAR *)-1) {
path = NULL;
path_len = 0;
} else {
path_len = wcslen(path);
if (! path_len)
return 0;
}
if (path_code == L'f') {
@ -446,13 +436,82 @@ _FX ULONG SbieDll_MatchPath2(WCHAR path_code, const WCHAR *path, BOOLEAN bCheckO
} else
return 0;
#ifdef USE_MATCH_PATH_EX
BOOLEAN use_rule_specificity = (path_code == L'f' || path_code == L'k' || path_code == L'i') && (Dll_ProcessFlags & SBIE_FLAG_RULE_SPECIFICITY) != 0;
//BOOLEAN use_privacy_mode = (path_code == L'f' || path_code == L'k') && (Dll_ProcessFlags & SBIE_FLAG_PRIVACY_MODE) != 0;
//mp_flags = SbieDll_MatchPathImpl(use_rule_specificity, use_privacy_mode, path, normal_list, open_list, closed_list, write_list, read_list);
mp_flags = SbieDll_MatchPathImpl(use_rule_specificity, path, normal_list, open_list, closed_list, write_list, read_list);
#else
mp_flags = SbieDll_MatchPathImpl(path, open_list, closed_list, write_list);
#endif
if (path_code == L'f')
LeaveCriticalSection(&Dll_FilePathListCritSec);
//
// scan paths list. if the path to match does not already end with
// a backslash character, we will check it twice, second time with
// a suffixing backslash. this will make sure we match C:\X even
// even when {Open,Closed}XxxPath=C:\X\ (with a backslash suffix)
// make sure that Sandboxie resources marked "always in box"
// will not match any OpenIpcPath or ClosedIpcPath settings
//
if (path_code == L'i' && mp_flags && path) {
WCHAR *LastBackSlash = wcsrchr(path, L'\\');
if (LastBackSlash && wcsncmp(LastBackSlash + 1,
SBIE_BOXED_, SBIE_BOXED_LEN) == 0) {
mp_flags = 0;
}
}
//
// log access request in the resource access monitor
//
if (path && monflag) {
if (PATH_IS_CLOSED(mp_flags))
monflag |= MONITOR_DENY;
// If hts file or key it will be logged by the driver's trace facility
// we only have to log closed events as those never reach the driver
// we need to always log to have also logs in compartment mode
//else if (monflag == MONITOR_FILE || monflag == MONITOR_KEY)
// bMonitorLog = FALSE;
else if (PATH_IS_OPEN(mp_flags))
monflag |= MONITOR_OPEN;
if (bMonitorLog)
{
SbieApi_MonitorPut2(monflag, path, bCheckObjectExists);
}
}
return mp_flags;
}
//---------------------------------------------------------------------------
// SbieDll_MatchPath2
//---------------------------------------------------------------------------
#ifdef USE_MATCH_PATH_EX
//_FX ULONG SbieDll_MatchPathImpl(BOOLEAN use_rule_specificity, BOOLEAN use_privacy_mode, const WCHAR* path, LIST* normal_list, LIST* open_list, LIST* closed_list, LIST* write_list, LIST* read_list)
_FX ULONG SbieDll_MatchPathImpl(BOOLEAN use_rule_specificity, const WCHAR* path, LIST* normal_list, LIST* open_list, LIST* closed_list, LIST* write_list, LIST* read_list)
#else
_FX ULONG SbieDll_MatchPathImpl(const WCHAR* path, LIST* open_list, LIST* closed_list, LIST* write_list)
#endif
{
WCHAR *path_lwr;
ULONG path_len = 0;
ULONG mp_flags = 0;
if(path) {
path_len = wcslen(path);
if (! path_len)
return 0;
}
path_lwr = Dll_AllocTemp((path_len + 4) * sizeof(WCHAR));
wmemcpy(path_lwr, path, path_len);
@ -468,8 +527,6 @@ _FX ULONG SbieDll_MatchPath2(WCHAR path_code, const WCHAR *path, BOOLEAN bCheckO
ULONG flags;
USHORT wildc;
BOOLEAN use_rule_specificity = (path_code == L'f' || path_code == L'k' || path_code == L'i') && (Dll_ProcessFlags & SBIE_FLAG_RULE_SPECIFICITY) != 0;
//
// set default behaviour
//
@ -506,7 +563,7 @@ _FX ULONG SbieDll_MatchPath2(WCHAR path_code, const WCHAR *path, BOOLEAN bCheckO
//
if (Pattern_MatchPathListEx(path_lwr, path_len, read_list, &level, &match_len, &flags, &wildc, NULL)) { //patsrc)) {
mp_flags = PATH_OPEN_FLAG; // say its open and let the driver deny the write access
mp_flags = PATH_READ_FLAG;
if (!use_rule_specificity) goto finish;
}
@ -531,6 +588,14 @@ _FX ULONG SbieDll_MatchPath2(WCHAR path_code, const WCHAR *path, BOOLEAN bCheckO
finish:
#else
//
// scan paths list. if the path to match does not already end with
// a backslash character, we will check it twice, second time with
// a suffixing backslash. this will make sure we match C:\X even
// even when {Open,Closed}XxxPath=C:\X\ (with a backslash suffix)
//
//
// ClosedXxxPath
//
@ -621,46 +686,6 @@ finish:
}
#endif
if (path_code == L'f')
LeaveCriticalSection(&Dll_FilePathListCritSec);
//
// make sure that Sandboxie resources marked "always in box"
// will not match any OpenIpcPath or ClosedIpcPath settings
//
if (path_code == L'i' && mp_flags && path) {
WCHAR *LastBackSlash = wcsrchr(path, L'\\');
if (LastBackSlash && wcsncmp(LastBackSlash + 1,
SBIE_BOXED_, SBIE_BOXED_LEN) == 0) {
mp_flags = 0;
}
}
//
// log access request in the resource access monitor
//
if (path && monflag) {
if (PATH_IS_CLOSED(mp_flags))
monflag |= MONITOR_DENY;
// If hts file or key it will be logged by the driver's trace facility
// we only have to log closed events as those never reach the driver
// we need to always log to have also logs in compartment mode
//else if (monflag == MONITOR_FILE || monflag == MONITOR_KEY)
// bMonitorLog = FALSE;
else if (PATH_IS_OPEN(mp_flags))
monflag |= MONITOR_OPEN;
if (bMonitorLog)
{
SbieApi_MonitorPut2(monflag, path, bCheckObjectExists);
}
}
Dll_Free(path_lwr);
return mp_flags;

437
Sandboxie/core/dll/dns_filter.c Normal file
View File

@ -0,0 +1,437 @@
/*
* Copyright 2022 David Xanatos, xanasoft.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
//---------------------------------------------------------------------------
// DNS Filter
//---------------------------------------------------------------------------
#define NOGDI
#include "dll.h"
#include <windows.h>
#include <wchar.h>
#include <oleauto.h>
#include "common/my_wsa.h"
#include "common/netfw.h"
#include "common/map.h"
#include "wsa_defs.h"
#include "common/pattern.h"
#include "common/str_util.h"
#include "core/drv/api_defs.h"
#include "core/drv/verify.h"
//---------------------------------------------------------------------------
// Functions
//---------------------------------------------------------------------------
static int WSA_WSALookupServiceBeginW(
LPWSAQUERYSETW lpqsRestrictions,
DWORD dwControlFlags,
LPHANDLE lphLookup);
static int WSA_WSALookupServiceNextW(
HANDLE hLookup,
DWORD dwControlFlags,
LPDWORD lpdwBufferLength,
LPWSAQUERYSETW lpqsResults);
static int WSA_WSALookupServiceEnd(HANDLE hLookup);
BOOLEAN WSA_GetIP(const short* addr, int addrlen, IP_ADDRESS* pIP);
void WSA_DumpIP(ADDRESS_FAMILY af, IP_ADDRESS* pIP, wchar_t* pStr);
//---------------------------------------------------------------------------
static P_WSALookupServiceBeginW __sys_WSALookupServiceBeginW = NULL;
static P_WSALookupServiceNextW __sys_WSALookupServiceNextW = NULL;
static P_WSALookupServiceEnd __sys_WSALookupServiceEnd = NULL;
//---------------------------------------------------------------------------
// Variables
//---------------------------------------------------------------------------
extern POOL* Dll_Pool;
static LIST WSA_FilterList;
static BOOLEAN WSA_FilterEnabled = FALSE;
typedef struct _IP_ENTRY
{
LIST_ELEM list_elem;
USHORT Type;
IP_ADDRESS IP;
} IP_ENTRY;
typedef struct _WSA_LOOKUP {
LIST* pEntries;
BOOLEAN NoMore;
} WSA_LOOKUP;
static HASH_MAP WSA_LookupMap;
static BOOLEAN WSA_DnsTraceFlag = FALSE;
//---------------------------------------------------------------------------
// WSA_GetLookup
//---------------------------------------------------------------------------
_FX WSA_LOOKUP* WSA_GetLookup(HANDLE h, BOOLEAN bCanAdd)
{
WSA_LOOKUP* pLookup = (WSA_LOOKUP*)map_get(&WSA_LookupMap, h);
if (pLookup == NULL && bCanAdd)
pLookup = (WSA_LOOKUP*)map_insert(&WSA_LookupMap, h, NULL, sizeof(WSA_LOOKUP));
return pLookup;
}
//---------------------------------------------------------------------------
// WSA_InitNetDnsFilter
//---------------------------------------------------------------------------
_FX BOOLEAN WSA_InitNetDnsFilter(HMODULE module)
{
P_WSALookupServiceBeginW WSALookupServiceBeginW;
P_WSALookupServiceNextW WSALookupServiceNextW;
P_WSALookupServiceEnd WSALookupServiceEnd;
List_Init(&WSA_FilterList);
//
// Load filter rules
//
WCHAR conf_buf[256];
for (ULONG index = 0; ; ++index) {
NTSTATUS status = SbieApi_QueryConf(
NULL, L"NetworkDnsFilter", index, conf_buf, sizeof(conf_buf) - 16 * sizeof(WCHAR));
if (!NT_SUCCESS(status))
break;
ULONG level = -1;
WCHAR* value = Config_MatchImageAndGetValue(conf_buf, Dll_ImageName, &level);
if (!value)
continue;
WCHAR* domain_ip = wcschr(value, L':');
if (domain_ip)
*domain_ip++ = L'\0';
PATTERN* pat = Pattern_Create(Dll_Pool, value, TRUE, level);
if (domain_ip) {
LIST* entries = (LIST*)Dll_Alloc(sizeof(LIST));
List_Init(entries);
BOOLEAN HasV6 = FALSE;
const WCHAR* ip_value = domain_ip;
ULONG ip_len = wcslen(domain_ip);
for (const WCHAR* ip_end = ip_value + ip_len; ip_value < ip_end;) {
const WCHAR* ip_str1;
ULONG ip_len1;
ip_value = SbieDll_GetTagValue(ip_value, ip_end, &ip_str1, &ip_len1, L';');
IP_ENTRY* entry = (IP_ENTRY*)Dll_Alloc(sizeof(IP_ENTRY));
if (_inet_xton(ip_str1, ip_len1, &entry->IP, &entry->Type) == 1) {
if (entry->Type == AF_INET6)
HasV6 = TRUE;
List_Insert_After(entries, NULL, entry);
}
}
if (!HasV6) {
//
// when there are no IPv6 entries create mapped once from the v4 ips
//
for (IP_ENTRY* entry = (IP_ENTRY*)List_Head(entries); entry && entry->Type == AF_INET; entry = (IP_ENTRY*)List_Next(entry)) {
IP_ENTRY* entry6 = (IP_ENTRY*)Dll_Alloc(sizeof(IP_ENTRY));
entry6->Type = AF_INET6;
entry6->IP = entry->IP;
List_Insert_After(entries, NULL, entry6);
}
}
PVOID* aux = Pattern_Aux(pat);
*aux = entries;
}
List_Insert_After(&WSA_FilterList, NULL, pat);
}
if (WSA_FilterList.count > 0) {
WSA_FilterEnabled = TRUE;
map_init(&WSA_LookupMap, Dll_Pool);
SCertInfo CertInfo = { 0 };
if (!NT_SUCCESS(SbieApi_Call(API_QUERY_DRIVER_INFO, 3, -1, (ULONG_PTR)&CertInfo, sizeof(CertInfo))) || !CERT_IS_LEVEL(CertInfo, eCertAdvanced)) {
const WCHAR* strings[] = { L"NetworkDnsFilter" , NULL };
SbieApi_LogMsgExt(-1, 6009, strings);
WSA_FilterEnabled = FALSE;
}
}
//
// Setup DNS hooks
//
WSALookupServiceBeginW = (P_WSALookupServiceBeginW)GetProcAddress(module, "WSALookupServiceBeginW");
if (WSALookupServiceBeginW) {
SBIEDLL_HOOK(WSA_,WSALookupServiceBeginW);
}
WSALookupServiceNextW = (P_WSALookupServiceNextW)GetProcAddress(module, "WSALookupServiceNextW");
if (WSALookupServiceNextW) {
SBIEDLL_HOOK(WSA_,WSALookupServiceNextW);
}
WSALookupServiceEnd = (P_WSALookupServiceEnd)GetProcAddress(module, "WSALookupServiceEnd");
if (WSALookupServiceEnd) {
SBIEDLL_HOOK(WSA_,WSALookupServiceEnd);
}
// If there are any DnsTrace options set, then output this debug string
WCHAR wsTraceOptions[4];
if (SbieApi_QueryConf(NULL, L"DnsTrace", 0, wsTraceOptions, sizeof(wsTraceOptions)) == STATUS_SUCCESS && wsTraceOptions[0] != L'\0')
WSA_DnsTraceFlag = TRUE;
return TRUE;
}
//---------------------------------------------------------------------------
// WSA_WSALookupServiceBeginW
//---------------------------------------------------------------------------
_FX int WSA_WSALookupServiceBeginW(
LPWSAQUERYSETW lpqsRestrictions,
DWORD dwControlFlags,
LPHANDLE lphLookup)
{
int ret = __sys_WSALookupServiceBeginW(lpqsRestrictions, dwControlFlags, lphLookup);
if (WSA_DnsTraceFlag) {
WCHAR ClsId[64] = { 0 };
if (lpqsRestrictions->lpServiceClassId) {
Sbie_snwprintf(ClsId, 64, L" (ClsId: %08lX-%04hX-%04hX-%02hhX%02hhX-%02hhX%02hhX%02hhX%02hhX%02hhX%02hhX)",
lpqsRestrictions->lpServiceClassId->Data1, lpqsRestrictions->lpServiceClassId->Data2, lpqsRestrictions->lpServiceClassId->Data3,
lpqsRestrictions->lpServiceClassId->Data4[0], lpqsRestrictions->lpServiceClassId->Data4[1], lpqsRestrictions->lpServiceClassId->Data4[2], lpqsRestrictions->lpServiceClassId->Data4[3],
lpqsRestrictions->lpServiceClassId->Data4[4], lpqsRestrictions->lpServiceClassId->Data4[5], lpqsRestrictions->lpServiceClassId->Data4[6], lpqsRestrictions->lpServiceClassId->Data4[7]);
}
WCHAR msg[256];
Sbie_snwprintf(msg, 256, L"DNS Request Begin: %s%s, NS: %d, Hdl: 0x%x, Err: %d)",
lpqsRestrictions->lpszServiceInstanceName ? lpqsRestrictions->lpszServiceInstanceName : L"Unnamed",
ClsId, lpqsRestrictions->dwNameSpace, lphLookup ? *lphLookup : NULL, ret == SOCKET_ERROR ? GetLastError() : 0);
SbieApi_MonitorPutMsg(MONITOR_DNS, msg);
}
if (WSA_FilterEnabled && ret == NO_ERROR) {
if (lpqsRestrictions->lpszServiceInstanceName) {
ULONG path_len = wcslen(lpqsRestrictions->lpszServiceInstanceName);
WCHAR* path_lwr = (WCHAR*)Dll_AllocTemp((path_len + 4) * sizeof(WCHAR));
wmemcpy(path_lwr, lpqsRestrictions->lpszServiceInstanceName, path_len);
path_lwr[path_len] = L'\0';
_wcslwr(path_lwr);
PATTERN* found;
if (Pattern_MatchPathList(path_lwr, path_len, &WSA_FilterList, NULL, NULL, NULL, &found) > 0) {
WCHAR msg[256];
Sbie_snwprintf(msg, 256, L"DNS Request Filtered: %s (Hdl: 0x%x)", Pattern_Source(found), *lphLookup);
SbieApi_MonitorPutMsg(MONITOR_DNS | MONITOR_DENY, msg);
WSA_LOOKUP* pLookup = WSA_GetLookup(*lphLookup, TRUE);
PVOID* aux = Pattern_Aux(found);
if (*aux)
pLookup->pEntries = (LIST*)*aux;
else
pLookup->NoMore = TRUE;
}
}
}
return ret;
}
//---------------------------------------------------------------------------
// WSA_WSALookupServiceNextW
//---------------------------------------------------------------------------
_FX int WSA_WSALookupServiceNextW(
HANDLE hLookup,
DWORD dwControlFlags,
LPDWORD lpdwBufferLength,
LPWSAQUERYSETW lpqsResults)
{
WSA_LOOKUP* pLookup = NULL;
if (WSA_FilterEnabled) {
pLookup = WSA_GetLookup(hLookup, FALSE);
if (pLookup && pLookup->NoMore) {
SetLastError(WSA_E_NO_MORE);
return SOCKET_ERROR;
}
}
int ret = __sys_WSALookupServiceNextW(hLookup, dwControlFlags, lpdwBufferLength, lpqsResults);
if (pLookup && pLookup->pEntries) {
//
// This is a bit a simplified implementation, it assumes that all results are always of the same time
// else it may truncate it early, also it cant return more results the have been found.
//
if (lpqsResults->dwNumberOfCsAddrs > 0) {
IP_ENTRY* entry = (IP_ENTRY*)List_Head(pLookup->pEntries);
for (DWORD i = 0; i < lpqsResults->dwNumberOfCsAddrs; i++) {
USHORT af = lpqsResults->lpcsaBuffer[i].RemoteAddr.lpSockaddr->sa_family;
for (; entry && entry->Type != af; entry = (IP_ENTRY*)List_Next(entry)); // skip to an antry of teh right type
if (!entry) { // no more entries clear remaining results
lpqsResults->dwNumberOfCsAddrs = i;
break;
}
if (af == AF_INET6)
memcpy(((SOCKADDR_IN6_LH*)lpqsResults->lpcsaBuffer[i].RemoteAddr.lpSockaddr)->sin6_addr.u.Byte, entry->IP.Data, 16);
else if (af == AF_INET)
((SOCKADDR_IN*)lpqsResults->lpcsaBuffer[i].RemoteAddr.lpSockaddr)->sin_addr.S_un.S_addr = entry->IP.Data32[3];
entry = (IP_ENTRY*)List_Next(entry);
}
}
if (lpqsResults->lpBlob != NULL) {
IP_ENTRY* entry = (IP_ENTRY*)List_Head(pLookup->pEntries);
HOSTENT* hp = (HOSTENT*)lpqsResults->lpBlob->pBlobData;
if (hp->h_addrtype == AF_INET6 || hp->h_addrtype == AF_INET) {
for (PCHAR* Addr = (PCHAR*)(((UINT_PTR)hp->h_addr_list + (UINT_PTR)hp)); *Addr; Addr++) {
for (; entry && entry->Type != hp->h_addrtype; entry = (IP_ENTRY*)List_Next(entry)); // skip to an antry of teh right type
if (!entry) { // no more entries clear remaining results
*Addr = 0;
continue;
}
PCHAR ptr = (PCHAR)(((UINT_PTR)*Addr + (UINT_PTR)hp));
if (hp->h_addrtype == AF_INET6)
memcpy(ptr, entry->IP.Data, 16);
else if (hp->h_addrtype == AF_INET)
*(DWORD*)ptr = entry->IP.Data32[3];
entry = (IP_ENTRY*)List_Next(entry);
}
}
}
pLookup->NoMore = TRUE;
}
if (WSA_DnsTraceFlag) {
WCHAR msg[2048];
Sbie_snwprintf(msg, 256, L"DNS Request Found: %s (NS: %d, Hdl: 0x%x, Err: %d)",
lpqsResults->lpszServiceInstanceName, lpqsResults->dwNameSpace, hLookup, ret == SOCKET_ERROR ? GetLastError() : 0);
for (DWORD i = 0; i < lpqsResults->dwNumberOfCsAddrs; i++) {
IP_ADDRESS ip;
if (WSA_GetIP(lpqsResults->lpcsaBuffer[i].RemoteAddr.lpSockaddr, lpqsResults->lpcsaBuffer[i].RemoteAddr.iSockaddrLength, &ip))
WSA_DumpIP(lpqsResults->lpcsaBuffer[i].RemoteAddr.lpSockaddr->sa_family, &ip, msg);
}
if (lpqsResults->lpBlob != NULL) {
HOSTENT* hp = (HOSTENT*)lpqsResults->lpBlob->pBlobData;
if (hp->h_addrtype != AF_INET6 && hp->h_addrtype != AF_INET) {
WSA_DumpIP(hp->h_addrtype, NULL, msg);
}
else if (hp->h_addr_list) {
for (PCHAR* Addr = (PCHAR*)(((UINT_PTR)hp->h_addr_list + (UINT_PTR)hp)); *Addr; Addr++) {
PCHAR ptr = (PCHAR)(((UINT_PTR)*Addr + (UINT_PTR)hp));
IP_ADDRESS ip;
if (hp->h_addrtype == AF_INET6)
memcpy(ip.Data, ptr, 16);
else if (hp->h_addrtype == AF_INET)
ip.Data32[3] = *(DWORD*)ptr;
WSA_DumpIP(hp->h_addrtype, &ip, msg);
}
}
}
SbieApi_MonitorPutMsg(MONITOR_DNS, msg);
}
return ret;
}
//---------------------------------------------------------------------------
// WSA_WSALookupServiceEnd
//---------------------------------------------------------------------------
_FX int WSA_WSALookupServiceEnd(HANDLE hLookup)
{
if (WSA_FilterEnabled)
map_remove(&WSA_LookupMap, hLookup);
if (WSA_DnsTraceFlag) {
WCHAR msg[256];
Sbie_snwprintf(msg, 256, L"DNS Request End (Hdl: 0x%x)", hLookup);
SbieApi_MonitorPutMsg(MONITOR_DNS, msg);
}
return __sys_WSALookupServiceEnd(hLookup);
}

118
Sandboxie/core/dll/file.c
View File

@ -118,6 +118,9 @@ SBIEDLL_EXPORT NTSTATUS File_GetName(
HANDLE RootDirectory, UNICODE_STRING *ObjectName,
WCHAR **OutTruePath, WCHAR **OutCopyPath, ULONG *OutFlags);
static WCHAR *File_TranslateDosToNtPath2(
const WCHAR *DosPath, ULONG DosPathLen);
static WCHAR *File_GetName_TranslateSymlinks(
THREAD_DATA *TlsData, const WCHAR *objname_buf, ULONG objname_len,
BOOLEAN *translated);
@ -262,6 +265,15 @@ static NTSTATUS File_NtDeleteFile(OBJECT_ATTRIBUTES *ObjectAttributes);
static NTSTATUS File_NtDeleteFileImpl(OBJECT_ATTRIBUTES *ObjectAttributes);
static WCHAR *File_ConcatPath2(
const WCHAR *Path1, ULONG Path1Len, const WCHAR *Path2, ULONG Path2Len);
static WCHAR* File_CanonizePath(
const wchar_t* absolute_path, ULONG abs_path_len, const wchar_t* relative_path, ULONG rel_path_len);
static NTSTATUS File_OpenForRenameFile(
HANDLE* pSourceHandle, const WCHAR *TruePath);
static NTSTATUS File_RenameFile(
HANDLE FileHandle, void *info, BOOLEAN LinkOp);
@ -6659,6 +6671,63 @@ _FX LONG File_RenameOpenFile(
}
//---------------------------------------------------------------------------
// File_OpenForRenameFile
//---------------------------------------------------------------------------
_FX NTSTATUS File_OpenForRenameFile(
HANDLE* pSourceHandle, const WCHAR *TruePath)
{
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
NTSTATUS status;
OBJECT_ATTRIBUTES objattrs;
UNICODE_STRING objname;
IO_STATUS_BLOCK IoStatusBlock;
InitializeObjectAttributes(
&objattrs, &objname, OBJ_CASE_INSENSITIVE, NULL, Secure_NormalSD);
//
// open the file for write access. this should cause the file
// to be migrated into the sandbox, including its parent directories
//
RtlInitUnicodeString(&objname, TruePath);
++TlsData->file_dont_strip_write_access;
status = NtCreateFile(
pSourceHandle, FILE_GENERIC_WRITE | DELETE, &objattrs,
&IoStatusBlock, NULL, 0, FILE_SHARE_VALID_FLAGS,
FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0);
if (status == STATUS_SHARING_VIOLATION ||
status == STATUS_ACCESS_DENIED) {
//
// Windows Mail opens *.eml files with a combination of
// FILE_SHARE_READ | FILE_SHARE_DELETE, but not FILE_SHARE_WRITE,
// which means we can't open them with FILE_GENERIC_WRITE
// during rename processing here
//
// also, for read-only files, we get an error when we open them
// for FILE_GENERIC_WRITE, but just DELETE should also work
//
status = NtCreateFile(
pSourceHandle, SYNCHRONIZE | DELETE, &objattrs,
&IoStatusBlock, NULL, 0, FILE_SHARE_VALID_FLAGS,
FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0);
}
--TlsData->file_dont_strip_write_access;
return status;
}
//---------------------------------------------------------------------------
// File_RenameFile
//---------------------------------------------------------------------------
@ -6718,52 +6787,23 @@ _FX NTSTATUS File_RenameFile(
__leave;
//
// open the file for write access. this should cause the file
// to be migrated into the sandbox, including its parent directories
// migrate into the sandbox, including its parent directories
//
RtlInitUnicodeString(&objname, TruePath);
status = File_OpenForRenameFile(&SourceHandle, TruePath);
++TlsData->file_dont_strip_write_access;
//
// if we still get STATUS_SHARING_VIOLATION, give up on trying
// to make sure the file is migrated into the sandbox, and hope
// that the input FileHandle is suitable for a rename operation
//
status = NtCreateFile(
&SourceHandle, FILE_GENERIC_WRITE | DELETE, &objattrs,
&IoStatusBlock, NULL, 0, FILE_SHARE_VALID_FLAGS,
FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0);
if (status == STATUS_SHARING_VIOLATION) {
if (status == STATUS_SHARING_VIOLATION ||
status == STATUS_ACCESS_DENIED) {
//
// Windows Mail opens *.eml files with a combination of
// FILE_SHARE_READ | FILE_SHARE_DELETE, but not FILE_SHARE_WRITE,
// which means we can't open them with FILE_GENERIC_WRITE
// during rename processing here
//
// also, for read-only files, we get an error when we open them
// for FILE_GENERIC_WRITE, but just DELETE should also work
//
status = NtCreateFile(
&SourceHandle, SYNCHRONIZE | DELETE, &objattrs,
&IoStatusBlock, NULL, 0, FILE_SHARE_VALID_FLAGS,
FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0);
//
// if we still get STATUS_SHARING_VIOLATION, give up on trying
// to make sure the file is migrated into the sandbox, and hope
// that the input FileHandle is suitable for a rename operation
//
if (status == STATUS_SHARING_VIOLATION) {
SourceHandle = FileHandle;
status = STATUS_SUCCESS;
}
SourceHandle = FileHandle;
status = STATUS_SUCCESS;
}
--TlsData->file_dont_strip_write_access;
if (! NT_SUCCESS(status))
__leave;

25
Sandboxie/core/dll/file_del.c
View File

@ -549,11 +549,11 @@ _FX VOID File_SavePathTree_internal(LIST* Root, const WCHAR* name, WCHAR* (*Tran
//---------------------------------------------------------------------------
// File_TranslateNtToDosPath2
// File_TranslateNtToDosPathForDatFile
//---------------------------------------------------------------------------
_FX WCHAR* File_TranslateNtToDosPath2(const WCHAR *NtPath)
_FX WCHAR* File_TranslateNtToDosPathForDatFile(const WCHAR *NtPath)
{
WCHAR *DosPath = NULL;
ULONG len_nt;
@ -635,7 +635,7 @@ _FX BOOLEAN File_SavePathTree()
{
EnterCriticalSection(File_PathRoot_CritSec);
File_SavePathTree_internal(&File_PathRoot, FILE_PATH_FILE_NAME, File_TranslateNtToDosPath2);
File_SavePathTree_internal(&File_PathRoot, FILE_PATH_FILE_NAME, File_TranslateNtToDosPathForDatFile);
File_GetAttributes_internal(FILE_PATH_FILE_NAME, &File_PathsFileSize, &File_PathsFileDate, NULL);
@ -764,14 +764,13 @@ _FX BOOLEAN File_LoadPathTree_internal(LIST* Root, const WCHAR* name, WCHAR* (*T
//---------------------------------------------------------------------------
// File_TranslateDosToNtPath2
// File_TranslateDosToNtPathForDatFile
//---------------------------------------------------------------------------
_FX WCHAR *File_TranslateDosToNtPath2(const WCHAR *DosPath)
_FX WCHAR *File_TranslateDosToNtPathForDatFile(const WCHAR *DosPath)
{
WCHAR *NtPath = NULL;
ULONG len_dos;
if (DosPath && DosPath[0] && DosPath[1]) {
@ -782,10 +781,7 @@ _FX WCHAR *File_TranslateDosToNtPath2(const WCHAR *DosPath)
//
DosPath += 2;
len_dos = wcslen(DosPath) + 1;
NtPath = Dll_Alloc((File_MupLen + len_dos) * sizeof(WCHAR));
wmemcpy(NtPath, File_Mup, File_MupLen);
wmemcpy(NtPath + File_MupLen, DosPath, len_dos);
NtPath = File_ConcatPath2(File_Mup, File_MupLen, DosPath, wcslen(DosPath));
} else if (DosPath[0] != L'\\') {
@ -815,10 +811,7 @@ _FX WCHAR *File_TranslateDosToNtPath2(const WCHAR *DosPath)
}
DosPath += path_pos;
len_dos = wcslen(DosPath) + 1;
NtPath = Dll_Alloc((drive->len + len_dos) * sizeof(WCHAR));
wmemcpy(NtPath, drive->path, drive->len);
wmemcpy(NtPath + drive->len, DosPath, len_dos);
NtPath = File_ConcatPath2(drive->path, drive->len, DosPath, wcslen(DosPath));
LeaveCriticalSection(File_DrivesAndLinks_CritSec);
}
@ -841,7 +834,7 @@ _FX BOOLEAN File_LoadPathTree()
EnterCriticalSection(File_PathRoot_CritSec);
File_LoadPathTree_internal(&File_PathRoot, FILE_PATH_FILE_NAME, File_TranslateDosToNtPath2);
File_LoadPathTree_internal(&File_PathRoot, FILE_PATH_FILE_NAME, File_TranslateDosToNtPathForDatFile);
LeaveCriticalSection(File_PathRoot_CritSec);
@ -1038,7 +1031,7 @@ _FX NTSTATUS File_MarkDeleted_v2(const WCHAR* TruePath)
HANDLE hPathsFile;
if (File_OpenDataFile(FILE_PATH_FILE_NAME, &hPathsFile, TRUE))
{
File_AppendPathEntry_internal(hPathsFile, Path, FILE_DELETED_FLAG, NULL, File_TranslateNtToDosPath2);
File_AppendPathEntry_internal(hPathsFile, Path, FILE_DELETED_FLAG, NULL, File_TranslateNtToDosPathForDatFile);
NtClose(hPathsFile);

181
Sandboxie/core/dll/file_dir.c
View File

@ -3162,6 +3162,59 @@ _FX NTSTATUS File_NtQueryVolumeInformationFile(
}
//---------------------------------------------------------------------------
// File_CanonizePath
//---------------------------------------------------------------------------
WCHAR* File_CanonizePath(const wchar_t* absolute_path, ULONG abs_path_len, const wchar_t* relative_path, ULONG rel_path_len)
{
ULONG i, j;
while(absolute_path[abs_path_len-1] == L'\\')
abs_path_len--;
WCHAR* result = Dll_Alloc((abs_path_len + rel_path_len + 1) * sizeof(wchar_t));
if (!result) return NULL;
wcsncpy(result, absolute_path, abs_path_len);
result[abs_path_len] = 0;
for (i = 0; i < rel_path_len; ) {
if (relative_path[i] == L'.' && relative_path[i + 1] == L'.' && (relative_path[i + 2] == L'\\' || relative_path[i + 2] == L'\0')) {
for (j = abs_path_len - 1; j >= 0 && result[j] != L'\\'; --j)
result[j] = L'\0';
if (j >= 0)
result[j] = L'\0';
abs_path_len = j;
i += 3;
} else if (relative_path[i] == L'.') {
i += 2;
} else {
for (j = i; j < rel_path_len && relative_path[j] != L'\\' && relative_path[j] != L'\0'; ++j)
;
result[abs_path_len] = L'\\';
wcsncpy(result + abs_path_len + 1, &relative_path[i], j - i);
result[abs_path_len + j - i + 1] = L'\0';
abs_path_len += j - i + 1;
i = j + 1;
}
}
return result;
}
//---------------------------------------------------------------------------
// File_SetReparsePoint
//---------------------------------------------------------------------------
@ -3170,23 +3223,27 @@ _FX NTSTATUS File_NtQueryVolumeInformationFile(
_FX NTSTATUS File_SetReparsePoint(
HANDLE FileHandle, PREPARSE_DATA_BUFFER Data, ULONG DataLen)
{
THREAD_DATA *TlsData;
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
NTSTATUS status;
UNICODE_STRING objname;
OBJECT_ATTRIBUTES objattrs;
WCHAR *TruePath, *CopyPath;
//WCHAR *SourcePath = NULL, *TargetPath = NULL;
WCHAR* AbsolutePath = NULL;
ULONG FileFlags, mp_flags;
PREPARSE_DATA_BUFFER NewData = NULL;
ULONG NewDataLen;
IO_STATUS_BLOCK MyIoStatusBlock;
BOOLEAN MigrateTarget = FALSE;
if (! Data)
return STATUS_BAD_INITIAL_PC;
//
// get paths to source and target directories
//
TlsData = Dll_GetTlsData(NULL);
Dll_PushTlsNameBuffer(TlsData);
__try {
@ -3194,39 +3251,13 @@ _FX NTSTATUS File_SetReparsePoint(
WCHAR* SubstituteNameBuffer;
USHORT PrintNameLength;
WCHAR* PrintNameBuffer;
//BOOLEAN RelativePath = FALSE;
if (! Data)
return STATUS_BAD_INITIAL_PC;
if (Data->ReparseTag == IO_REPARSE_TAG_SYMLINK)
{
SubstituteNameLength = Data->SymbolicLinkReparseBuffer.SubstituteNameLength;
SubstituteNameBuffer = &Data->SymbolicLinkReparseBuffer.PathBuffer[Data->SymbolicLinkReparseBuffer.SubstituteNameOffset/sizeof(WCHAR)];
PrintNameLength = Data->SymbolicLinkReparseBuffer.PrintNameLength;
PrintNameBuffer = &Data->SymbolicLinkReparseBuffer.PathBuffer[Data->SymbolicLinkReparseBuffer.PrintNameOffset/sizeof(WCHAR)];
if (Data->SymbolicLinkReparseBuffer.Flags & SYMLINK_FLAG_RELATIVE)
return STATUS_BAD_INITIAL_PC; //RelativePath = TRUE; // let it be done normally
NewDataLen = (UFIELD_OFFSET(REPARSE_DATA_BUFFER, SymbolicLinkReparseBuffer.PathBuffer) - UFIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer));
}
else if (Data->ReparseTag == IO_REPARSE_TAG_MOUNT_POINT)
{
SubstituteNameLength = Data->MountPointReparseBuffer.SubstituteNameLength;
SubstituteNameBuffer = &Data->MountPointReparseBuffer.PathBuffer[Data->MountPointReparseBuffer.SubstituteNameOffset/sizeof(WCHAR)];
PrintNameLength = Data->MountPointReparseBuffer.PrintNameLength;
PrintNameBuffer = &Data->MountPointReparseBuffer.PathBuffer[Data->MountPointReparseBuffer.PrintNameOffset/sizeof(WCHAR)];
NewDataLen = (UFIELD_OFFSET(REPARSE_DATA_BUFFER, MountPointReparseBuffer.PathBuffer) - UFIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer));
}
else
return STATUS_BAD_INITIAL_PC;
//
// get copy path of reparse source
//
RtlInitUnicodeString(&objname, L"");
InitializeObjectAttributes(
&objattrs, &objname, OBJ_CASE_INSENSITIVE, NULL, NULL);
@ -3251,6 +3282,38 @@ _FX NTSTATUS File_SetReparsePoint(
__leave;
}
//
// get the absolute reparse target path
//
if (Data->ReparseTag == IO_REPARSE_TAG_SYMLINK)
{
SubstituteNameLength = Data->SymbolicLinkReparseBuffer.SubstituteNameLength;
SubstituteNameBuffer = &Data->SymbolicLinkReparseBuffer.PathBuffer[Data->SymbolicLinkReparseBuffer.SubstituteNameOffset/sizeof(WCHAR)];
PrintNameLength = Data->SymbolicLinkReparseBuffer.PrintNameLength;
PrintNameBuffer = &Data->SymbolicLinkReparseBuffer.PathBuffer[Data->SymbolicLinkReparseBuffer.PrintNameOffset/sizeof(WCHAR)];
if (Data->SymbolicLinkReparseBuffer.Flags & SYMLINK_FLAG_RELATIVE) {
WCHAR* LinkName = wcsrchr(TruePath, L'\\');
AbsolutePath = File_CanonizePath(TruePath, (ULONG)(LinkName - TruePath), SubstituteNameBuffer, SubstituteNameLength / sizeof(wchar_t));
}
NewDataLen = (UFIELD_OFFSET(REPARSE_DATA_BUFFER, SymbolicLinkReparseBuffer.PathBuffer) - UFIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer));
}
else if (Data->ReparseTag == IO_REPARSE_TAG_MOUNT_POINT)
{
SubstituteNameLength = Data->MountPointReparseBuffer.SubstituteNameLength;
SubstituteNameBuffer = &Data->MountPointReparseBuffer.PathBuffer[Data->MountPointReparseBuffer.SubstituteNameOffset/sizeof(WCHAR)];
PrintNameLength = Data->MountPointReparseBuffer.PrintNameLength;
PrintNameBuffer = &Data->MountPointReparseBuffer.PathBuffer[Data->MountPointReparseBuffer.PrintNameOffset/sizeof(WCHAR)];
NewDataLen = (UFIELD_OFFSET(REPARSE_DATA_BUFFER, MountPointReparseBuffer.PathBuffer) - UFIELD_OFFSET(REPARSE_DATA_BUFFER, GenericReparseBuffer));
}
else {
status = STATUS_BAD_INITIAL_PC;
__leave;
}
//if (File_Snapshot != NULL){
// WCHAR* TmplName = File_FindSnapshotPath(CopyPath);
// if (TmplName) CopyPath = TmplName;
@ -3263,20 +3326,44 @@ _FX NTSTATUS File_SetReparsePoint(
// get copy path of reparse target
//
objname.Length = SubstituteNameLength;
if (AbsolutePath) {
objname.Length = wcslen(AbsolutePath) * sizeof(wchar_t);
objname.Buffer = AbsolutePath;
} else {
objname.Length = SubstituteNameLength;
objname.Buffer = SubstituteNameBuffer;
}
objname.MaximumLength = objname.Length;
objname.Buffer = SubstituteNameBuffer;
status = File_GetName(NULL, &objname, &TruePath, &CopyPath, NULL);
if (! NT_SUCCESS(status))
__leave;
if (AbsolutePath) {
//
// We can allow for a relative path in the box but must ensure the hatget gets migrated
//
MigrateTarget = TRUE;
status = STATUS_BAD_INITIAL_PC;
__leave;
}
//TargetPath = Dll_Alloc((wcslen(CopyPath) + 4) * sizeof(WCHAR));
//wcscpy(TargetPath, CopyPath);
WCHAR* NewSubstituteNameBuffer = CopyPath;
WCHAR* OldPrintNameBuffer = PrintNameBuffer; // we don't need to change the display name
if (Data->ReparseTag == IO_REPARSE_TAG_SYMLINK) {
SubstituteNameLength = wcslen(CopyPath) * sizeof(WCHAR);
SbieDll_TranslateNtToDosPath(NewSubstituteNameBuffer);
memmove(NewSubstituteNameBuffer + 4, NewSubstituteNameBuffer, (wcslen(NewSubstituteNameBuffer) + 1) * sizeof(wchar_t));
wcsncpy(NewSubstituteNameBuffer, L"\\??\\", 4);
}
SubstituteNameLength = wcslen(NewSubstituteNameBuffer) * sizeof(WCHAR);
NewDataLen += SubstituteNameLength + sizeof(WCHAR) + PrintNameLength + sizeof(WCHAR) + 8;
NewData = Dll_Alloc(NewDataLen);
@ -3306,7 +3393,7 @@ _FX NTSTATUS File_SetReparsePoint(
PrintNameBuffer = &NewData->MountPointReparseBuffer.PathBuffer[NewData->MountPointReparseBuffer.PrintNameOffset/sizeof(WCHAR)];
}
memcpy(SubstituteNameBuffer, CopyPath, SubstituteNameLength + sizeof(WCHAR));
memcpy(SubstituteNameBuffer, NewSubstituteNameBuffer, SubstituteNameLength + sizeof(WCHAR));
memcpy(PrintNameBuffer, OldPrintNameBuffer, PrintNameLength + sizeof(WCHAR));
} __except (EXCEPTION_EXECUTE_HANDLER) {
@ -3320,17 +3407,14 @@ _FX NTSTATUS File_SetReparsePoint(
if (NT_SUCCESS(status)) {
File_CreateBoxedPath(TruePath);
status = __sys_NtFsControlFile(
FileHandle, NULL, NULL, NULL,
&MyIoStatusBlock, FSCTL_SET_REPARSE_POINT,
NewData, NewDataLen,
NULL, 0);
}
if (NewData)
Dll_Free(NewData);
MigrateTarget = NT_SUCCESS(status);
}
/*
//
@ -3378,6 +3462,25 @@ _FX NTSTATUS File_SetReparsePoint(
if (TargetPath)
Dll_Free(TargetPath);*/
if (MigrateTarget) {
//
// We must migrate the file or directory into the sandbox as the path reparsing by NtCreateFile
// is done by the kernel and we do not "manually" reparse the path before invoking it,
// hence there must be the expected file at the path we are linking to.
//
HANDLE SourceHandle;
if (NT_SUCCESS(File_OpenForRenameFile(&SourceHandle, TruePath)))
NtClose(SourceHandle);
}
if (AbsolutePath)
Dll_Free(AbsolutePath);
if (NewData)
Dll_Free(NewData);
Dll_PopTlsNameBuffer(TlsData);
return status;

44
Sandboxie/core/dll/file_init.c
View File

@ -1665,14 +1665,29 @@ _FX WCHAR *File_AllocAndInitEnvironment_2(
//---------------------------------------------------------------------------
// File_TranslateDosToNtPath
// File_ConcatPath2
//---------------------------------------------------------------------------
_FX WCHAR *File_TranslateDosToNtPath(const WCHAR *DosPath)
_FX WCHAR *File_ConcatPath2(const WCHAR *Path1, ULONG Path1Len, const WCHAR *Path2, ULONG Path2Len)
{
ULONG Length = Path1Len + Path2Len;
WCHAR* Path = Dll_Alloc((Length + 1) * sizeof(WCHAR));
wmemcpy(Path, Path1, Path1Len);
wmemcpy(Path + Path1Len, Path2, Path2Len);
Path[Length] = L'\0';
return Path;
}
//---------------------------------------------------------------------------
// File_TranslateDosToNtPath2
//---------------------------------------------------------------------------
_FX WCHAR *File_TranslateDosToNtPath2(const WCHAR *DosPath, ULONG DosPathLen)
{
WCHAR *NtPath = NULL;
ULONG len_dos;
if (DosPath && DosPath[0] && DosPath[1]) {
@ -1682,11 +1697,7 @@ _FX WCHAR *File_TranslateDosToNtPath(const WCHAR *DosPath)
// network path
//
DosPath += 2;
len_dos = wcslen(DosPath) + 1;
NtPath = Dll_Alloc((File_MupLen + len_dos) * sizeof(WCHAR));
wmemcpy(NtPath, File_Mup, File_MupLen);
wmemcpy(NtPath + File_MupLen, DosPath, len_dos);
NtPath = File_ConcatPath2(File_Mup, File_MupLen, DosPath + 2, DosPathLen - 2);
} else if (DosPath[1] == L':' &&
(DosPath[2] == L'\\' || DosPath[2] == L'\0')) {
@ -1698,11 +1709,7 @@ _FX WCHAR *File_TranslateDosToNtPath(const WCHAR *DosPath)
FILE_DRIVE *drive = File_GetDriveForLetter(DosPath[0]);
if (drive) {
DosPath += 2;
len_dos = wcslen(DosPath) + 1;
NtPath = Dll_Alloc((drive->len + len_dos) * sizeof(WCHAR));
wmemcpy(NtPath, drive->path, drive->len);
wmemcpy(NtPath + drive->len, DosPath, len_dos);
NtPath = File_ConcatPath2(drive->path, drive->len, DosPath + 2, DosPathLen - 2);
LeaveCriticalSection(File_DrivesAndLinks_CritSec);
}
@ -1713,6 +1720,17 @@ _FX WCHAR *File_TranslateDosToNtPath(const WCHAR *DosPath)
}
//---------------------------------------------------------------------------
// File_TranslateDosToNtPath
//---------------------------------------------------------------------------
_FX WCHAR *File_TranslateDosToNtPath(const WCHAR *DosPath)
{
return File_TranslateDosToNtPath2(DosPath, DosPath ? wcslen(DosPath) : 0);
}
//---------------------------------------------------------------------------
// File_GetSetDeviceMap
//---------------------------------------------------------------------------

114
Sandboxie/core/dll/file_link.c
View File

@ -322,35 +322,45 @@ _FX FILE_GUID *File_GetLinkForGuid(const WCHAR* guid_str)
}
//---------------------------------------------------------------------------
// File_TranslateGuidToNtPath2
//---------------------------------------------------------------------------
_FX WCHAR* File_TranslateGuidToNtPath2(const WCHAR* GuidPath, ULONG GuidPathLen)
{
WCHAR* NtPath = NULL;
if (GuidPath && GuidPathLen >= 48 && _wcsnicmp(GuidPath, L"\\??\\Volume{", 11) == 0) {
//
// guid path
//
FILE_GUID* guid = File_GetLinkForGuid(&GuidPath[10]);
if (guid) {
File_ConcatPath2(guid->path, guid->len, GuidPath + 48, GuidPathLen - 48);
LeaveCriticalSection(File_DrivesAndLinks_CritSec);
}
}
return NtPath;
}
//---------------------------------------------------------------------------
// File_TranslateGuidToNtPath
//---------------------------------------------------------------------------
_FX WCHAR* File_TranslateGuidToNtPath(const WCHAR* input_str)
_FX WCHAR* File_TranslateGuidToNtPath(const WCHAR* GuidPath)
{
ULONG len;
WCHAR* NtPath;
if (_wcsnicmp(input_str, L"\\??\\Volume{", 11) != 0)
return NULL;
FILE_GUID* guid = File_GetLinkForGuid(&input_str[10]);
if (guid) {
input_str += 48;
len = wcslen(input_str) + 1;
NtPath = Dll_Alloc((guid->len + len) * sizeof(WCHAR));
wmemcpy(NtPath, guid->path, guid->len);
wmemcpy(NtPath + guid->len, input_str, len);
LeaveCriticalSection(File_DrivesAndLinks_CritSec);
return NtPath;
}
return NULL;
return File_TranslateGuidToNtPath2(GuidPath, GuidPath ? wcslen(GuidPath) : 0);
}
//---------------------------------------------------------------------------
// File_AddLink
//---------------------------------------------------------------------------
@ -962,7 +972,7 @@ _FX NTSTATUS File_OpenForAddTempLink(HANDLE* handle, WCHAR *path, BOOLEAN OpenRe
handle, (OpenReparsePoint ? FILE_GENERIC_READ : FILE_READ_ATTRIBUTES) | SYNCHRONIZE, &objattrs,
&IoStatusBlock, NULL, 0, FILE_SHARE_VALID_FLAGS,
FILE_OPEN,
FILE_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT | (OpenReparsePoint ? FILE_OPEN_REPARSE_POINT : 0),
/*FILE_DIRECTORY_FILE |*/ FILE_SYNCHRONOUS_IO_NONALERT | (OpenReparsePoint ? FILE_OPEN_REPARSE_POINT : 0),
NULL, 0);
Dll_PopTlsNameBuffer(TlsData);
@ -983,7 +993,7 @@ _FX NTSTATUS File_OpenForAddTempLink(HANDLE* handle, WCHAR *path, BOOLEAN OpenRe
handle, (OpenReparsePoint ? FILE_GENERIC_READ : FILE_READ_ATTRIBUTES) | SYNCHRONIZE, &objattrs,
&IoStatusBlock, NULL, 0, FILE_SHARE_VALID_FLAGS,
FILE_OPEN,
FILE_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT | (OpenReparsePoint ? FILE_OPEN_REPARSE_POINT : 0),
/*FILE_DIRECTORY_FILE |*/ FILE_SYNCHRONOUS_IO_NONALERT | (OpenReparsePoint ? FILE_OPEN_REPARSE_POINT : 0),
NULL, 0);
}
@ -1036,47 +1046,49 @@ _FX FILE_LINK *File_AddTempLink(WCHAR *path)
if (NT_SUCCESS(status)) {
WCHAR* SubstituteNameBuffer = NULL;
//WCHAR* PrintNameBuffer = NULL;
ULONG SubstituteNameLength = 0;
BOOL RelativePath = FALSE;
if (reparseDataBuffer->ReparseTag == IO_REPARSE_TAG_SYMLINK)
{
if (reparseDataBuffer->ReparseTag == IO_REPARSE_TAG_SYMLINK) {
SubstituteNameBuffer = &reparseDataBuffer->SymbolicLinkReparseBuffer.PathBuffer[reparseDataBuffer->SymbolicLinkReparseBuffer.SubstituteNameOffset/sizeof(WCHAR)];
if (reparseDataBuffer->SymbolicLinkReparseBuffer.Flags & SYMLINK_FLAG_RELATIVE)
RelativePath = TRUE;
SubstituteNameBuffer[reparseDataBuffer->SymbolicLinkReparseBuffer.SubstituteNameLength / sizeof(WCHAR)] = 0;
}
else if (reparseDataBuffer->ReparseTag == IO_REPARSE_TAG_MOUNT_POINT)
{
SubstituteNameLength = reparseDataBuffer->SymbolicLinkReparseBuffer.SubstituteNameLength;
} else if (reparseDataBuffer->ReparseTag == IO_REPARSE_TAG_MOUNT_POINT) {
SubstituteNameBuffer = &reparseDataBuffer->MountPointReparseBuffer.PathBuffer[reparseDataBuffer->MountPointReparseBuffer.SubstituteNameOffset/sizeof(WCHAR)];
SubstituteNameBuffer[reparseDataBuffer->MountPointReparseBuffer.SubstituteNameLength / sizeof(WCHAR)] = 0;
SubstituteNameLength = reparseDataBuffer->MountPointReparseBuffer.SubstituteNameLength;
}
if (SubstituteNameBuffer)
{
if (RelativePath)
{
// todo RelativePath - for now we fall back to the old method
}
else
{
WCHAR* input_str = SubstituteNameBuffer;
if (SubstituteNameBuffer) {
WCHAR* input_str = NULL;
if (RelativePath) {
WCHAR* LinkName = wcsrchr(path, L'\\');
input_str = File_CanonizePath(path, (ULONG)(LinkName - path), SubstituteNameBuffer, SubstituteNameLength / sizeof(WCHAR));
} else {
input_str = SubstituteNameBuffer;
if (_wcsnicmp(input_str, L"\\??\\Volume{", 11) == 0)
input_str = File_TranslateGuidToNtPath(SubstituteNameBuffer);
input_str = File_TranslateGuidToNtPath2(SubstituteNameBuffer, SubstituteNameLength / sizeof(WCHAR));
else if (_wcsnicmp(input_str, File_BQQB, 4) == 0)
input_str = File_TranslateDosToNtPath(SubstituteNameBuffer + 4);
input_str = File_TranslateDosToNtPath2(SubstituteNameBuffer + 4, (SubstituteNameLength / sizeof(WCHAR)) - 4);
}
if (input_str) {
if (input_str) {
ULONG input_len = wcslen(input_str);
while (input_len > 0 && input_str[input_len - 1] == L'\\')
input_len -= 1; // remove trailing backslash
ULONG input_len = wcslen(input_str);
while (input_len > 0 && input_str[input_len - 1] == L'\\')
input_len -= 1; // remove trailing backslash
newpath = File_TranslateTempLinks_2(input_str, input_len);
newpath = File_TranslateTempLinks_2(input_str, input_len);
if (input_str != SubstituteNameBuffer)
Dll_Free(input_str);
}
if (input_str != SubstituteNameBuffer)
Dll_Free(input_str);
}
}
}

20
Sandboxie/core/dll/gdi.c
View File

@ -312,7 +312,7 @@ _FX BOOL Gdi_DeleteDC(HDC hdc)
// HDC hdcSrc, int x1, int y1, DWORD rop
//) {
// int ret = __sys_BitBlt(hdc, x, y, cx, cy, hdcSrc, x1, y1, rop);
// /*if (SbieApi_QueryConfBool(NULL, L"IsBlockCapture", FALSE)) {
// /*if (Gui_UseBlockCapture) {
//
// typedef int (*P_GetDeviceCaps)(_In_opt_ HDC hdc, _In_ int index);
// P_GetDeviceCaps GetDeviceCaps = Ldr_GetProcAddrNew(DllName_gdi32, "GetDeviceCaps", "GetDeviceCaps"); if (!GetDeviceCaps) return ret;
@ -337,7 +337,7 @@ _FX BOOL Gdi_DeleteDC(HDC hdc)
//)
//{
// int ret = __sys_StretchBlt(hdcDest, xDest, yDest, wDest, hDest, hdcSrc, xSrc, ySrc, wSrc, hSrc, rop);
// /*if (SbieApi_QueryConfBool(NULL, L"IsBlockCapture", FALSE)) {
// /*if (Gui_UseBlockCapture) {
//
// typedef int (*P_GetDeviceCaps)(_In_opt_ HDC hdc, _In_ int index);
// P_GetDeviceCaps GetDeviceCaps = Ldr_GetProcAddrNew(DllName_gdi32, "GetDeviceCaps", "GetDeviceCaps"); if (!GetDeviceCaps) return ret;
@ -922,7 +922,7 @@ _FX BOOLEAN Gdi_Full_Init_impl(HMODULE module, BOOLEAN full)
InitializeCriticalSection(&Gdi_CritSec);
Gui_UseBlockCapture = SbieApi_QueryConfBool(NULL, L"IsBlockCapture", FALSE);
Gui_UseBlockCapture = SbieApi_QueryConfBool(NULL, L"BlockScreenCapture", FALSE);
if (Gui_UseBlockCapture)
Gdi_InitDCCache();
@ -1112,7 +1112,6 @@ static CRITICAL_SECTION Gui_DCCache_CritSec;
typedef struct _DUMMY_DC{
BOOLEAN bDelete;
HBITMAP hBmp;
} DUMMY_DC;
@ -1157,13 +1156,6 @@ _FX HDC Gdi_GetDummyDC(HDC dc, HWND hWnd)
if (!dummy)
dummy = map_insert(&Gui_DCCache, ret, NULL, sizeof(DUMMY_DC));
//
// Note: GetDC GetDCEx GetWindowDC must use ReleaseDC, while CreateDC must use DeleteDC
// We set bDelete = TRUE to make Gdi_OnFreeDC delete the DC and return NULL
// then Gui_ReleaseDC will not call __sys_ReleaseDC
//
dummy->bDelete = !!hWnd;
dummy->hBmp = bmp;
LeaveCriticalSection(&Gui_DCCache_CritSec);
@ -1190,10 +1182,8 @@ _FX HDC Gdi_OnFreeDC(HDC dc)
DeleteObject(dummy->hBmp);
if (dummy->bDelete) {
__sys_DeleteDC(dc);
ret = NULL;
}
__sys_DeleteDC(dc);
ret = NULL; // we return NULL to notify the caller that there is nothing left to do
map_remove(&Gui_DCCache, dc);
}

16
Sandboxie/core/dll/gui.c
View File

@ -372,9 +372,9 @@ _FX BOOLEAN Gui_Init(HMODULE module)
const UCHAR *ProcName;
Gui_UseProtectScreen = SbieApi_QueryConfBool(NULL, L"IsProtectScreen", FALSE);
Gui_UseProtectScreen = SbieApi_QueryConfBool(NULL, L"CoverBoxedWindows", FALSE);
Gui_UseBlockCapture = SbieApi_QueryConfBool(NULL, L"IsBlockCapture", FALSE);
Gui_UseBlockCapture = SbieApi_QueryConfBool(NULL, L"BlockScreenCapture", FALSE);
if (Gui_UseBlockCapture)
Gdi_InitDCCache();
@ -416,19 +416,9 @@ _FX BOOLEAN Gui_Init(HMODULE module)
GUI_IMPORT___(ClipCursor);
GUI_IMPORT___(GetClipCursor);
GUI_IMPORT___(GetCursorPos);
GUI_IMPORT___(SetCursorPos);
GUI_IMPORT___(SetCursorPos);
GUI_IMPORT___(SetTimer);
HMODULE temp = module;
module = Dll_Kernel32;
GUI_IMPORT___(Sleep);
GUI_IMPORT___(SleepEx);
GUI_IMPORT___(GetTickCount);
GUI_IMPORT___(GetTickCount64);
GUI_IMPORT___(QueryUnbiasedInterruptTime);
GUI_IMPORT___(QueryPerformanceCounter);
module = temp;
GUI_IMPORT___(MsgWaitForMultipleObjects);
GUI_IMPORT_AW(PeekMessage);
GUI_IMPORT___(MessageBoxW);

33
Sandboxie/core/dll/gui_p.h
View File

@ -57,7 +57,7 @@
#define WM_DDE_LAST (WM_DDE_FIRST+8)
#define GET_WIN_API(name, lib) \
P_##name name = Ldr_GetProcAddrNew(lib, #name, #name); \
P_##name name = Ldr_GetProcAddrNew(lib, L#name, #name); \
if(!name) return NULL;
//---------------------------------------------------------------------------
@ -100,26 +100,10 @@ typedef void (*P_SwitchToThisWindow)(HWND hWnd, BOOL fAlt);
typedef HWND(*P_SetActiveWindow)(HWND hWnd);
typedef DWORD(*P_GetTickCount)();
typedef ULONGLONG (*P_GetTickCount64)();
typedef BOOL(*P_QueryUnbiasedInterruptTime)(
PULONGLONG UnbiasedTime
);
typedef void(*P_Sleep)(DWORD dwMiSecond);
typedef DWORD(*P_SleepEx)(DWORD dwMiSecond, BOOL bAlert);
typedef BOOL (*P_QueryPerformanceCounter)(
LARGE_INTEGER* lpPerformanceCount
);
typedef UINT_PTR (*P_SetTimer)(
HWND hWnd,
UINT_PTR nIDEvent,
UINT uElapse,
HWND hWnd,
UINT_PTR nIDEvent,
UINT uElapse,
TIMERPROC lpTimerFunc
);
@ -476,8 +460,6 @@ typedef HBITMAP(*P_CreateCompatibleBitmap)(_In_ HDC hdc, _In_ int cx, _In_ int c
typedef BOOL (*P_ShutdownBlockReasonCreate)(HWND hWnd, LPCWSTR pwszReason);
typedef EXECUTION_STATE (*P_SetThreadExecutionState)(EXECUTION_STATE esFlags);
typedef BOOL (*P_SetThreadDesktop)(HDESK hDesktop);
typedef BOOL (*P_SwitchDesktop)(HDESK hDesktop);
@ -635,18 +617,11 @@ GUI_SYS_VAR_2(SendMessage)
GUI_SYS_VAR_2(SendMessageTimeout)
//GUI_SYS_VAR_2(SendMessageCallback)
GUI_SYS_VAR(ShutdownBlockReasonCreate)
GUI_SYS_VAR(SetThreadExecutionState)
GUI_SYS_VAR_2(SendNotifyMessage)
GUI_SYS_VAR_2(PostMessage)
GUI_SYS_VAR_2(PostThreadMessage)
GUI_SYS_VAR_2(DispatchMessage)
GUI_SYS_VAR(Sleep)
GUI_SYS_VAR(SleepEx)
GUI_SYS_VAR(GetTickCount)
GUI_SYS_VAR(QueryUnbiasedInterruptTime)
GUI_SYS_VAR(GetTickCount64)
GUI_SYS_VAR(QueryPerformanceCounter)
GUI_SYS_VAR(SetTimer)
GUI_SYS_VAR(MapWindowPoints)

2
Sandboxie/core/dll/guiclass.c
View File

@ -193,7 +193,7 @@ _FX BOOLEAN Gui_InitClass(HMODULE module)
}
}
Gui_UseProtectScreen = SbieApi_QueryConfBool(NULL, L"IsProtectScreen", FALSE);
Gui_UseProtectScreen = SbieApi_QueryConfBool(NULL, L"CoverBoxedWindows", FALSE);
//
// hook functions

131
Sandboxie/core/dll/guimisc.c
View File

@ -119,29 +119,7 @@ static int Gui_ReleaseDC(HWND hWnd, HDC hDc);
static BOOL Gui_ShutdownBlockReasonCreate(HWND hWnd, LPCWSTR pwszReason);
static EXECUTION_STATE Gui_SetThreadExecutionState(EXECUTION_STATE esFlags);
static DWORD Gui_GetTickCount();
static ULONGLONG Gui_GetTickCount64();
static BOOL Gui_QueryUnbiasedInterruptTime(
PULONGLONG UnbiasedTime
);
static void Gui_Sleep(DWORD dwMiSecond);
static DWORD Gui_SleepEx(DWORD dwMiSecond, BOOL bAlert);
static BOOL Gui_QueryPerformanceCounter(
LARGE_INTEGER* lpPerformanceCount
);
static UINT_PTR Gui_SetTimer(
HWND hWnd,
UINT_PTR nIDEvent,
UINT uElapse,
TIMERPROC lpTimerFunc
);
static UINT_PTR Gui_SetTimer(HWND hWnd, UINT_PTR nIDEvent, UINT uElapse, TIMERPROC lpTimerFunc);
//---------------------------------------------------------------------------
@ -307,33 +285,17 @@ _FX BOOLEAN Gui_InitMisc(HMODULE module)
__sys_GetThreadDpiAwarenessContext = (P_GetThreadDpiAwarenessContext)
Ldr_GetProcAddrNew(DllName_user32, L"GetThreadDpiAwarenessContext","GetThreadDpiAwarenessContext");
HMODULE current = module;
if (SbieApi_QueryConfBool(NULL, L"BlockInterferePower", FALSE)) {
SBIEDLL_HOOK_GUI(ShutdownBlockReasonCreate);
module = Dll_Kernel32;
SBIEDLL_HOOK(Gui_, SetThreadExecutionState);
}
if (SbieApi_QueryConfBool(NULL, L"UseChangeSpeed", FALSE))
{
module = current;
if (SbieApi_QueryConfBool(NULL, L"UseChangeSpeed", FALSE)) {
P_SetTimer SetTimer = Ldr_GetProcAddrNew(DllName_user32, "SetTimer", "SetTimer");
if (SetTimer)
SBIEDLL_HOOK(Gui_, SetTimer);
module = Dll_Kernel32;
SBIEDLL_HOOK(Gui_, GetTickCount);
P_GetTickCount64 GetTickCount64 = Ldr_GetProcAddrNew(Dll_Kernel32, "GetTickCount64", "GetTickCount64");
if (GetTickCount64)
SBIEDLL_HOOK(Gui_, GetTickCount64);
P_QueryUnbiasedInterruptTime QueryUnbiasedInterruptTime = Ldr_GetProcAddrNew(Dll_Kernel32, "QueryUnbiasedInterruptTime", "QueryUnbiasedInterruptTime");
if (QueryUnbiasedInterruptTime)
SBIEDLL_HOOK(Gui_, QueryUnbiasedInterruptTime);
SBIEDLL_HOOK(Gui_, QueryPerformanceCounter);
SBIEDLL_HOOK(Gui_, Sleep);
SBIEDLL_HOOK(Gui_, SleepEx);
if (SetTimer) {
SBIEDLL_HOOK(Gui_, SetTimer);
}
}
return TRUE;
@ -1677,15 +1639,17 @@ _FX BOOL Gui_ShutdownBlockReasonCreate(HWND hWnd, LPCWSTR pwszReason)
//---------------------------------------------------------------------------
// Gui_SetThreadExecutionState
// Gui_SetTimer
//---------------------------------------------------------------------------
_FX EXECUTION_STATE Gui_SetThreadExecutionState(EXECUTION_STATE esFlags)
_FX UINT_PTR Gui_SetTimer(HWND hWnd, UINT_PTR nIDEvent, UINT uElapse, TIMERPROC lpTimerFunc)
{
SetLastError(ERROR_ACCESS_DENIED);
return 0;
//return __sys_SetThreadExecutionState(esFlags);
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddTimerSpeed", 1), low = SbieApi_QueryConfNumber(NULL, L"LowTimerSpeed", 1);
if (add != 0 && low != 0)
return __sys_SetTimer(hWnd, nIDEvent, uElapse * add / low, lpTimerFunc);
else
return 0;
}
@ -1739,70 +1703,3 @@ _FX void Gui_SwitchToThisWindow(HWND hWnd, BOOL fAlt)
return;
__sys_SwitchToThisWindow(hWnd, fAlt);
}
_FX DWORD Gui_GetTickCount() {
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddTickSpeed", 1), low = SbieApi_QueryConfNumber(NULL, L"LowTickSpeed", 1);
if (low != 0)
return __sys_GetTickCount() * add / low;
else
return __sys_GetTickCount() * add;
}
_FX ULONGLONG Gui_GetTickCount64() {
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddTickSpeed", 1), low = SbieApi_QueryConfNumber(NULL, L"LowTickSpeed", 1);
if (low != 0)
return __sys_GetTickCount64() * add / low;
else
return __sys_GetTickCount64() * add;
}
_FX BOOL Gui_QueryUnbiasedInterruptTime(
PULONGLONG UnbiasedTime
) {
BOOL rtn = __sys_QueryUnbiasedInterruptTime(UnbiasedTime);
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddTickSpeed", 1), low = SbieApi_QueryConfNumber(NULL, L"LowTickSpeed", 1);
if (low != 0)
*UnbiasedTime *= add / low;
else
*UnbiasedTime *= add;
return rtn;
}
_FX void Gui_Sleep(DWORD dwMiSecond) {
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddSleepSpeed", 1), low = SbieApi_QueryConfNumber(NULL, L"LowSleepSpeed", 1);
if (add != 0 && low != 0)
__sys_Sleep(dwMiSecond * add / low);
}
_FX DWORD Gui_SleepEx(DWORD dwMiSecond, BOOL bAlert) {
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddSleepSpeed", 1), low = SbieApi_QueryConfNumber(NULL, L"LowSleepSpeed", 1);
if (add != 0 && low != 0)
return __sys_SleepEx(dwMiSecond * add / low, bAlert);
else
return 0;
}
_FX BOOL Gui_QueryPerformanceCounter(
LARGE_INTEGER* lpPerformanceCount
) {
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddTickSpeed", 1),low= SbieApi_QueryConfNumber(NULL, L"LowTickSpeed", 1);
BOOL rtn = __sys_QueryPerformanceCounter(lpPerformanceCount);
if(add!=0&&low!=0)
lpPerformanceCount->QuadPart = lpPerformanceCount->QuadPart*add /low ;
return rtn;
}
_FX UINT_PTR Gui_SetTimer(
HWND hWnd,
UINT_PTR nIDEvent,
UINT uElapse,
TIMERPROC lpTimerFunc
)
{
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddTimerSpeed", 1), low = SbieApi_QueryConfNumber(NULL, L"LowTimerSpeed", 1);
if (add != 0 && low != 0)
return __sys_SetTimer(hWnd, nIDEvent, uElapse * add / low, lpTimerFunc);
else
return 0;
}

206
Sandboxie/core/dll/kernel.c Normal file
View File

@ -0,0 +1,206 @@
/*
* Copyright 2021-2024 David Xanatos, xanasoft.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
//---------------------------------------------------------------------------
// Kernel
//---------------------------------------------------------------------------
//#define NOGDI
//#include <windows.h>
//#include "common/win32_ntddk.h"
#include "dll.h"
//---------------------------------------------------------------------------
// Functions Prototypes
//---------------------------------------------------------------------------
typedef EXECUTION_STATE (*P_SetThreadExecutionState)(EXECUTION_STATE esFlags);
typedef DWORD(*P_GetTickCount)();
typedef ULONGLONG (*P_GetTickCount64)();
typedef BOOL(*P_QueryUnbiasedInterruptTime)(PULONGLONG UnbiasedTime);
//typedef void(*P_Sleep)(DWORD dwMiSecond);
typedef DWORD(*P_SleepEx)(DWORD dwMiSecond, BOOL bAlert);
typedef BOOL (*P_QueryPerformanceCounter)(LARGE_INTEGER* lpPerformanceCount);
//---------------------------------------------------------------------------
// Variables
//---------------------------------------------------------------------------
P_SetThreadExecutionState __sys_SetThreadExecutionState = NULL;
//P_Sleep __sys_Sleep = NULL;
P_SleepEx __sys_SleepEx = NULL;
P_GetTickCount __sys_GetTickCount = NULL;
P_GetTickCount64 __sys_GetTickCount64 = NULL;
P_QueryUnbiasedInterruptTime __sys_QueryUnbiasedInterruptTime = NULL;
P_QueryPerformanceCounter __sys_QueryPerformanceCounter = NULL;
//---------------------------------------------------------------------------
// Functions
//---------------------------------------------------------------------------
static EXECUTION_STATE Kernel_SetThreadExecutionState(EXECUTION_STATE esFlags);
static DWORD Kernel_GetTickCount();
static ULONGLONG Kernel_GetTickCount64();
static BOOL Kernel_QueryUnbiasedInterruptTime(PULONGLONG UnbiasedTime);
//static void Kernel_Sleep(DWORD dwMiSecond); // no need hooking sleep as it internally just calls SleepEx
static DWORD Kernel_SleepEx(DWORD dwMiSecond, BOOL bAlert);
static BOOL Kernel_QueryPerformanceCounter(LARGE_INTEGER* lpPerformanceCount);
//---------------------------------------------------------------------------
// Kernel_Init
//---------------------------------------------------------------------------
_FX BOOLEAN Kernel_Init()
{
HMODULE module = Dll_Kernel32;
if (SbieApi_QueryConfBool(NULL, L"BlockInterferePower", FALSE)) {
SBIEDLL_HOOK(Kernel_, SetThreadExecutionState);
}
if (SbieApi_QueryConfBool(NULL, L"UseChangeSpeed", FALSE)) {
SBIEDLL_HOOK(Kernel_, GetTickCount);
P_GetTickCount64 GetTickCount64 = Ldr_GetProcAddrNew(Dll_Kernel32, L"GetTickCount64", "GetTickCount64");
if (GetTickCount64) {
SBIEDLL_HOOK(Kernel_, GetTickCount64);
}
P_QueryUnbiasedInterruptTime QueryUnbiasedInterruptTime = Ldr_GetProcAddrNew(Dll_Kernel32, L"QueryUnbiasedInterruptTime", "QueryUnbiasedInterruptTime");
if (QueryUnbiasedInterruptTime) {
SBIEDLL_HOOK(Kernel_, QueryUnbiasedInterruptTime);
}
SBIEDLL_HOOK(Kernel_, QueryPerformanceCounter);
//SBIEDLL_HOOK(Kernel_, Sleep);
SBIEDLL_HOOK(Kernel_, SleepEx);
}
return TRUE;
}
//---------------------------------------------------------------------------
// Kernel_SetThreadExecutionState
//---------------------------------------------------------------------------
_FX EXECUTION_STATE Kernel_SetThreadExecutionState(EXECUTION_STATE esFlags)
{
SetLastError(ERROR_ACCESS_DENIED);
return 0;
//return __sys_SetThreadExecutionState(esFlags);
}
//---------------------------------------------------------------------------
// Kernel_GetTickCount
//---------------------------------------------------------------------------
_FX DWORD Kernel_GetTickCount()
{
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddTickSpeed", 1);
ULONG low = SbieApi_QueryConfNumber(NULL, L"LowTickSpeed", 1);
if (low != 0)
return __sys_GetTickCount() * add / low;
return __sys_GetTickCount() * add;
}
//---------------------------------------------------------------------------
// Kernel_GetTickCount64
//---------------------------------------------------------------------------
_FX ULONGLONG Kernel_GetTickCount64()
{
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddTickSpeed", 1);
ULONG low = SbieApi_QueryConfNumber(NULL, L"LowTickSpeed", 1);
if (low != 0)
return __sys_GetTickCount64() * add / low;
return __sys_GetTickCount64() * add;
}
//---------------------------------------------------------------------------
// Kernel_QueryUnbiasedInterruptTime
//---------------------------------------------------------------------------
_FX BOOL Kernel_QueryUnbiasedInterruptTime(PULONGLONG UnbiasedTime)
{
BOOL rtn = __sys_QueryUnbiasedInterruptTime(UnbiasedTime);
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddTickSpeed", 1);
ULONG low = SbieApi_QueryConfNumber(NULL, L"LowTickSpeed", 1);
if (low != 0)
*UnbiasedTime *= add / low;
else
*UnbiasedTime *= add;
return rtn;
}
//---------------------------------------------------------------------------
// Kernel_SleepEx
//---------------------------------------------------------------------------
_FX DWORD Kernel_SleepEx(DWORD dwMiSecond, BOOL bAlert)
{
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddSleepSpeed", 1);
ULONG low = SbieApi_QueryConfNumber(NULL, L"LowSleepSpeed", 1);
if (add != 0 && low != 0)
return __sys_SleepEx(dwMiSecond * add / low, bAlert);
return __sys_SleepEx(dwMiSecond, bAlert);
}
//---------------------------------------------------------------------------
// Kernel_QueryPerformanceCounter
//---------------------------------------------------------------------------
_FX BOOL Kernel_QueryPerformanceCounter(LARGE_INTEGER* lpPerformanceCount)
{
BOOL rtn = __sys_QueryPerformanceCounter(lpPerformanceCount);
ULONG add = SbieApi_QueryConfNumber(NULL, L"AddTickSpeed", 1);
ULONG low = SbieApi_QueryConfNumber(NULL, L"LowTickSpeed", 1);
if (add != 0 && low != 0)
lpPerformanceCount->QuadPart = lpPerformanceCount->QuadPart * add / low;
return rtn;
}

4
Sandboxie/core/dll/key_del.c
View File

@ -266,11 +266,13 @@ _FX NTSTATUS Key_MarkDeletedEx_v2(const WCHAR* TruePath, const WCHAR* ValueName)
NtClose(hPathsFile);
Key_PathsVersion++;
File_GetAttributes_internal(KEY_PATH_FILE_NAME, &Key_PathsFileSize, &Key_PathsFileDate, NULL);
}
}
else
Key_SavePathTree();
Key_SavePathTree();
}
File_ReleaseMutex(hMutex);

1025
Sandboxie/core/dll/net.c
View File

File diff suppressed because it is too large Load Diff

6
Sandboxie/core/dll/proc.c
View File

@ -1335,12 +1335,16 @@ _FX BOOL Proc_CreateProcessInternalW(
lpProcessAttributes = NULL;
}
TlsData->proc_create_process_fake_admin = (Secure_FakeAdmin == FALSE && SbieApi_QueryConfBool(NULL, L"FakeAdminRights", FALSE));
ok = __sys_CreateProcessInternalW(
hToken, lpApplicationName, lpCommandLine,
lpProcessAttributes, lpThreadAttributes, bInheritHandles,
dwCreationFlags, lpEnvironment, lpCurrentDirectory,
lpStartupInfo, lpProcessInformation, hNewToken);
TlsData->proc_create_process_fake_admin = FALSE;
err = GetLastError();
goto finish;
@ -1410,6 +1414,7 @@ _FX BOOL Proc_CreateProcessInternalW(
}
}
TlsData->proc_create_process_fake_admin = (Secure_FakeAdmin == FALSE && SbieApi_QueryConfBool(NULL, L"FakeAdminRights", FALSE));
ok = __sys_CreateProcessInternalW(
NULL, lpApplicationName, lpCommandLine,
@ -1419,6 +1424,7 @@ _FX BOOL Proc_CreateProcessInternalW(
err = GetLastError();
TlsData->proc_create_process_fake_admin = FALSE;
//
// restore the original owner pointers in the security descriptors

306
Sandboxie/core/dll/proxy.c Normal file
View File

@ -0,0 +1,306 @@
/*
* Copyright 2022 David Xanatos, xanasoft.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
//---------------------------------------------------------------------------
// Network Proxy
//---------------------------------------------------------------------------
#include "dll.h"
#include <windows.h>
#include <wchar.h>
#include <oleauto.h>
#include "common/my_wsa.h"
#include "common/netfw.h"
#include "common/map.h"
#include "wsa_defs.h"
#define SOCKS_VERSION 0x05
#define SOCKS_SUBVERSION 0x01
// authentication methods
#define SOCKS_NO_AUTHENTICATION 0x00
#define SOCKS_USERNAME_PASSWORD 0x02
#define SOCKS_METHOD_NONE 0xFF
// response codes
//#define SOCKS_SUCCESS 0x00
#define SOCKS_SERVER_FAILURE 0x01
#define SOCKS_DENIED 0x02
#define SOCKS_NETWORK_UNREACHABLE 0x03
#define SOCKS_HOST_UNREACHABLE 0x04
#define SOCKS_CONNECTION_REFUSED 0x05
#define SOCKS_TTL_EXPIRED 0x06
// address types
#define SOCKS_CONNECT 0x01
#define SOCKS_IPV4 0x01
#define SOCKS_DOMAINNAME 0x03
#define SOCKS_IPV6 0x04
#define SOCKS_RESPONSE_MAX_SIZE 512
#define SOCKS_REQUEST_MAX_SIZE 264
#define SOCKS_AUTH_MAX_SIZE 255
#define HOST_NAME_MAX 256
#define INET_ADDRSTRLEN 16
#define INET6_ADDRSTRLEN 46
extern P_recv __sys_recv;
extern P_send __sys_send;
extern P_inet_ntop __sys_inet_ntop;
#ifdef PROXY_RESOLVE_HOST_NAMES
extern HASH_MAP DNS_LookupMap;
#endif
//---------------------------------------------------------------------------
// socks5_handshake
//---------------------------------------------------------------------------
_FX BOOLEAN socks5_handshake(SOCKET s, BOOLEAN auth, WCHAR login[SOCKS_AUTH_MAX_SIZE], WCHAR pass[SOCKS_AUTH_MAX_SIZE])
{
char req[4] = { SOCKS_VERSION, 1 + auth, SOCKS_NO_AUTHENTICATION, 0 };
if (auth)
req[3] = SOCKS_USERNAME_PASSWORD;
if (__sys_send(s, req, (3 + auth), 0) != (3 + auth))
goto on_error;
char res[2];
if (__sys_recv(s, res, sizeof(res), MSG_WAITALL) != sizeof(res))
goto on_error;
if (res[0] != SOCKS_VERSION) {
SbieApi_Log(2360, L"SOCKS version mismatch: expected '%d', got '%d'", SOCKS_VERSION, res[0]);
goto on_error;
}
switch (res[1]) {
case SOCKS_NO_AUTHENTICATION:
return TRUE;
case SOCKS_USERNAME_PASSWORD:
if (!auth || !login || !pass) {
SbieApi_Log(2360, L"authentication required, but no credentials provided");
goto on_error;
}
char l[SOCKS_AUTH_MAX_SIZE];
char p[SOCKS_AUTH_MAX_SIZE];
size_t login_len = wcstombs(l, login, SOCKS_AUTH_MAX_SIZE);
size_t pass_len = wcstombs(p, pass, SOCKS_AUTH_MAX_SIZE);
size_t auth_buf_len = 1 + 1 + login_len + 1 + pass_len;
char* auth_buf = Dll_AllocTemp(auth_buf_len);
if (!auth_buf) {
SbieApi_Log(2305, NULL);
goto on_error;
}
size_t offset = 0;
auth_buf[offset++] = SOCKS_SUBVERSION;
auth_buf[offset++] = login_len;
memcpy(auth_buf + offset, l, login_len);
offset += login_len;
auth_buf[offset++] = (char)pass_len;
memcpy(auth_buf + offset, p, pass_len);
offset += pass_len;
if (__sys_send(s, auth_buf, auth_buf_len , 0) != auth_buf_len) {
Dll_Free(auth_buf);
goto on_error;
}
Dll_Free(auth_buf);
if (__sys_recv(s, res, sizeof(res), MSG_WAITALL) != sizeof(res))
goto on_error;
if (res[0] != SOCKS_SUBVERSION) {
SbieApi_Log(2360, L"subnegotiation version mismatch: expected '%d', got '%d'", SOCKS_SUBVERSION, res[0]);
goto on_error;
}
if (res[1] != SOCKS_SUCCESS) {
SbieApi_Log(2360, L"authentication failed");
goto on_error;
}
return TRUE;
default:
SbieApi_Log(2360, L"no acceptable authentication method");
break;
}
on_error:
return FALSE;
}
//---------------------------------------------------------------------------
// socks5_request_send
//---------------------------------------------------------------------------
static char socks5_request_send(SOCKET s, char* buf, size_t size)
{
if (__sys_send(s, buf, size, 0) != size)
return SOCKS_GENERAL_FAILURE;
char res[SOCKS_RESPONSE_MAX_SIZE] = { 0 };
if (__sys_recv(s, res, 4, 0) == SOCKET_ERROR)
return SOCKS_GENERAL_FAILURE;
if (res[1] != SOCKS_SUCCESS)
return res[1];
if (res[3] == SOCKS_IPV4) {
if (__sys_recv(s, res + 4, 6, MSG_WAITALL) == SOCKET_ERROR)
return SOCKS_GENERAL_FAILURE;
}
else if (res[3] == SOCKS_IPV6) {
if (__sys_recv(s, res + 4, 18, MSG_WAITALL) == SOCKET_ERROR)
return SOCKS_GENERAL_FAILURE;
}
else {
return SOCKS_GENERAL_FAILURE;
}
return SOCKS_SUCCESS;
}
//---------------------------------------------------------------------------
// socks5_report_error
//---------------------------------------------------------------------------
_FX void socks5_report_error(int code, const char* buf)
{
char* host = NULL;
USHORT port = 0;
if (buf[3] == SOCKS_IPV4) {
host = Dll_AllocTemp(INET_ADDRSTRLEN);
if (!host) return;
const IN_ADDR* v4 = (const IN_ADDR*)(buf + 4);
__sys_inet_ntop(AF_INET, v4, host, INET_ADDRSTRLEN);
port = _ntohs(*((USHORT*)(buf + 8)));
}
else if (buf[3] == SOCKS_IPV6) {
host = Dll_AllocTemp(INET6_ADDRSTRLEN);
if (!host) return;
const IN6_ADDR* v6 = (const IN6_ADDR*)(buf + 4);
__sys_inet_ntop(AF_INET6, v6, host, INET6_ADDRSTRLEN);
port = _ntohs(*((USHORT*)(buf + 20)));
}
else if (buf[3] == SOCKS_DOMAINNAME) {
size_t domain_len = buf[4];
host = Dll_AllocTemp(domain_len + 1);
if (!host) return;
memcpy(host, buf + 5, domain_len);
host[domain_len] = '\0';
port = _ntohs(*((USHORT*)(buf + 5 + domain_len)));
}
if (!host) return;
switch (code) {
case SOCKS_SERVER_FAILURE:
SbieApi_Log(2360, L"general server failure (%s:%hu)", host, port);
break;
case SOCKS_DENIED:
SbieApi_Log(2360, L"connection denied by server ruleset (%s:%hu)", host, port);
break;
case SOCKS_NETWORK_UNREACHABLE:
SbieApi_Log(2360, L"network unreachable (%s:%hu)", host, port);
break;
case SOCKS_HOST_UNREACHABLE:
SbieApi_Log(2360, L"host unreachable (%s:%hu)", host, port);
break;
case SOCKS_CONNECTION_REFUSED:
SbieApi_Log(2360, L"connection refused (%s:%hu)", host, port);
break;
case SOCKS_TTL_EXPIRED:
SbieApi_Log(2360, L"TTL expired (%s:%hu)", host, port);
break;
default:
SbieApi_Log(2360, L"request failed with status %d (%s:%hu)", code, host, port);
break;
}
Dll_Free(host);
}
//---------------------------------------------------------------------------
// socks5_request
//---------------------------------------------------------------------------
_FX char socks5_request(SOCKET s, const SOCKADDR* addr)
{
char req[SOCKS_REQUEST_MAX_SIZE] = { SOCKS_VERSION, SOCKS_CONNECT, 0 };
char* ptr = req + 3;
if (addr->sa_family == AF_INET) {
const SOCKADDR_IN* v4 = (const SOCKADDR_IN*)addr;
#ifdef PROXY_RESOLVE_HOST_NAMES
char* domain = (char*)map_get(&DNS_LookupMap, (void*)v4->sin_addr.s_addr);
if (domain) {
*ptr++ = SOCKS_DOMAINNAME;
*ptr++ = strlen(domain);
memcpy(ptr, domain, strlen(domain));
ptr += strlen(domain);
*((USHORT*)ptr) = v4->sin_port;
ptr += sizeof(USHORT);
}
else
#endif
{
*ptr++ = SOCKS_IPV4;
*((ULONG*)ptr) = v4->sin_addr.s_addr;
ptr += sizeof(ULONG);
*((USHORT*)ptr) = v4->sin_port;
ptr += sizeof(USHORT);
}
}
else if (addr->sa_family == AF_INET6) {
const SOCKADDR_IN6_LH* v6 = (const SOCKADDR_IN6_LH*)addr;
#ifdef PROXY_RESOLVE_HOST_NAMES
char* domain = (char*)map_get(&DNS_LookupMap, (void*)&v6->sin6_addr.s6_addr);
if (domain) {
*ptr++ = SOCKS_DOMAINNAME;
*ptr++ = strlen(domain);
memcpy(ptr, domain, strlen(domain));
ptr += strlen(domain);
*((USHORT*)ptr) = v6->sin6_port;
ptr += sizeof(USHORT);
}
else
#endif
{
*ptr++ = SOCKS_IPV6;
memcpy(ptr, &v6->sin6_addr, sizeof(v6->sin6_addr));
ptr += sizeof(v6->sin6_addr);
*((USHORT*)ptr) = v6->sin6_port;
ptr += sizeof(USHORT);
}
}
else {
return SOCKS_GENERAL_FAILURE;
}
int ret = socks5_request_send(s, req, ptr - req);
if (ret != SOCKS_SUCCESS)
socks5_report_error(ret, req);
return ret;
}

33
Sandboxie/core/dll/sbiedll.h
View File

@ -42,6 +42,7 @@ extern "C" {
// Defines
//---------------------------------------------------------------------------
#define USE_MATCH_PATH_EX
#define TokenElevationTypeNone 99
@ -244,6 +245,38 @@ SBIEDLL_EXPORT PSECURITY_DESCRIPTOR SbieDll_GetPublicSD();
SBIEDLL_EXPORT const WCHAR* SbieDll_FindArgumentEnd(const WCHAR* arguments);
#ifdef USE_MATCH_PATH_EX
//SBIEDLL_EXPORT ULONG SbieDll_MatchPathImpl(BOOLEAN use_rule_specificity, BOOLEAN use_privacy_mode, const WCHAR* path, void* normal_list, void* open_list, void* closed_list, void* write_list, void* read_list);
SBIEDLL_EXPORT ULONG SbieDll_MatchPathImpl(BOOLEAN use_rule_specificity, const WCHAR* path, void* normal_list, void* open_list, void* closed_list, void* write_list, void* read_list);
#else
SBIEDLL_EXPORT ULONG SbieDll_MatchPathImpl(const WCHAR* path, void* open_list, void* closed_list, void* write_list);
#endif
#define PATH_OPEN_FLAG 0x10
#define PATH_CLOSED_FLAG 0x20
#define PATH_WRITE_FLAG 0x40
#define PATH_READ_FLAG 0x80
#ifdef USE_MATCH_PATH_EX
// for read only paths, handle like open and let the driver deny the write access
#define PATH_IS_OPEN(f) ((((f) & PATH_OPEN_FLAG) != 0) || PATH_IS_READ(f))
#define PATH_NOT_OPEN(f) ((((f) & PATH_OPEN_FLAG) == 0) && PATH_NOT_READ(f))
#else
#define PATH_IS_OPEN(f) (((f) & PATH_OPEN_FLAG) != 0)
#define PATH_NOT_OPEN(f) (((f) & PATH_OPEN_FLAG) == 0)
#endif
#define PATH_IS_CLOSED(f) (((f) & PATH_CLOSED_FLAG) != 0)
#define PATH_NOT_CLOSED(f) (((f) & PATH_CLOSED_FLAG) == 0)
#define PATH_IS_WRITE(f) (((f) & PATH_WRITE_FLAG) != 0)
#define PATH_NOT_WRITE(f) (((f) & PATH_WRITE_FLAG) == 0)
#define PATH_IS_READ(f) (((f) & PATH_READ_FLAG) != 0)
#define PATH_NOT_READ(f) (((f) & PATH_READ_FLAG) == 0)
SBIEDLL_EXPORT void DbgPrint(const char* format, ...);
SBIEDLL_EXPORT void DbgTrace(const char* format, ...);

17
Sandboxie/core/dll/secure.c
View File

@ -1003,8 +1003,9 @@ _FX NTSTATUS Ldr_NtQueryInformationToken(
ULONG TokenInformationLength,
ULONG *ReturnLength)
{
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
NTSTATUS status = 0;
THREAD_DATA *TlsData = NULL;
HANDLE hTokenReal = NULL;
BOOLEAN FakeAdmin = FALSE;
@ -1019,7 +1020,7 @@ _FX NTSTATUS Ldr_NtQueryInformationToken(
// we also ensure that the token belongs to the current process
//
if (Secure_FakeAdmin && (SbieApi_QueryProcessInfoEx(0, 'ippt', (LONG_PTR)(hTokenReal ? hTokenReal : TokenHandle))))
if ((Secure_FakeAdmin || TlsData->proc_create_process_fake_admin) && (SbieApi_QueryProcessInfoEx(0, 'ippt', (LONG_PTR)(hTokenReal ? hTokenReal : TokenHandle))))
{
FakeAdmin = TRUE;
}
@ -1039,8 +1040,6 @@ _FX NTSTATUS Ldr_NtQueryInformationToken(
// we are running as Administrator
//
TlsData = Dll_GetTlsData(NULL);
if (Secure_Is_IE_NtQueryInformationToken && !TlsData->proc_create_process)
{
FakeAdmin = TRUE;
@ -1150,10 +1149,12 @@ NTSTATUS Ldr_NtAccessCheckByType(PSECURITY_DESCRIPTOR SecurityDescriptor, PSID P
_FX NTSTATUS Ldr_NtAccessCheck(PSECURITY_DESCRIPTOR SecurityDescriptor, HANDLE ClientToken, ACCESS_MASK DesiredAccess, PGENERIC_MAPPING GenericMapping, PPRIVILEGE_SET RequiredPrivilegesBuffer, PULONG BufferLength, PACCESS_MASK GrantedAccess, PNTSTATUS AccessStatus)
{
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
NTSTATUS status = 0;
HANDLE hTokenReal = NULL;
if (Secure_FakeAdmin && SecurityDescriptor) {
if ((Secure_FakeAdmin || TlsData->proc_create_process_fake_admin) && SecurityDescriptor) {
BOOLEAN Fake = FALSE;
PSID Group, Owner;
@ -1352,7 +1353,7 @@ _FX NTSTATUS Secure_RtlQueryElevationFlags(ULONG *Flags)
BOOLEAN fake = FALSE;
if (Secure_FakeAdmin)
if (Secure_FakeAdmin || TlsData->proc_create_process_fake_admin)
{
fake = TRUE;
}
@ -1446,7 +1447,9 @@ NTSTATUS Secure_RtlCheckTokenMembershipEx(
DWORD flags,
PUCHAR isMember)
{
if (Secure_FakeAdmin && RtlEqualSid(sidToCheck, AdministratorsSid)) {
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
if ((Secure_FakeAdmin || TlsData->proc_create_process_fake_admin) && RtlEqualSid(sidToCheck, AdministratorsSid)) {
if (isMember) *isMember = TRUE;
return STATUS_SUCCESS;
}

284
Sandboxie/core/dll/wsa_defs.h Normal file
View File

@ -0,0 +1,284 @@
/*
* Copyright 2022 DavidXanatos, xanasoft.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
#ifndef _WSA_DEFS_H
#define _WSA_DEFS_H
//---------------------------------------------------------------------------
// Prototypes
//---------------------------------------------------------------------------
typedef int (*P_WSAIoctl)(
SOCKET s,
DWORD dwIoControlCode,
LPVOID lpvInBuffer,
DWORD cbInBuffer,
LPVOID lpvOutBuffer,
DWORD cbOutBuffer,
LPDWORD lpcbBytesReturned,
LPWSAOVERLAPPED lpOverlapped,
LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine);
typedef int (*P_ioctlsocket)(
SOCKET s,
long cmd,
ULONG* argp);
typedef int (*P_WSAAsyncSelect)(
SOCKET s,
HWND hWnd,
UINT wMsg,
long lEvent);
typedef int (*P_WSAEventSelect)(
SOCKET s,
void* hEventObject,
long lNetworkEvents);
typedef int (*P_WSAEnumNetworkEvents)(
SOCKET s,
void* hEventObject,
void* lpNetworkEvents
);
typedef int (*P_WSANSPIoctl)(
HANDLE hLookup,
DWORD dwControlCode,
LPVOID lpvInBuffer,
DWORD cbInBuffer,
LPVOID lpvOutBuffer,
DWORD cbOutBuffer,
LPDWORD lpcbBytesReturned,
LPWSACOMPLETION lpCompletion);
typedef int (*P_WSASocketW)(
int af,
int type,
int protocol,
LPWSAPROTOCOL_INFOW lpProtocolInfo,
unsigned int g,
DWORD dwFlags);
typedef int (*P_WSAGetLastError)();
typedef int (*P_WSASetLastError)(int err);
typedef int (*P_bind)(
SOCKET s,
const void *name,
int namelen);
typedef int (*P_connect)(
SOCKET s,
const void *name,
int namelen);
typedef int (*P_WSAConnect)(
SOCKET s,
const void *name,
int namelen,
LPWSABUF lpCallerData,
LPWSABUF lpCalleeData,
LPQOS lpSQOS,
LPQOS lpGQOS);
typedef int (*P_ConnectEx) (
SOCKET s,
const void *name,
int namelen,
PVOID lpSendBuffer,
DWORD dwSendDataLength,
LPDWORD lpdwBytesSent,
LPOVERLAPPED lpOverlapped);
typedef SOCKET (*P_accept)(
SOCKET s,
void *addr,
int *addrlen);
typedef SOCKET (*P_WSAAccept)(
SOCKET s,
void *addr,
LPINT addrlen,
LPCONDITIONPROC lpfnCondition,
DWORD_PTR dwCallbackData);
typedef int (*P_AcceptEx)(
SOCKET sListenSocket,
SOCKET sAcceptSocket,
PVOID lpOutputBuffer,
DWORD dwReceiveDataLength,
DWORD dwLocalAddressLength,
DWORD dwRemoteAddressLength,
LPDWORD lpdwBytesReceived,
LPOVERLAPPED lpOverlapped);
typedef int (*P_recv)(
SOCKET s,
char* buf,
int len,
int flags);
typedef int (*P_send)(
SOCKET s,
const char* buf,
int len,
int flags);
typedef int (*P_sendto)(
SOCKET s,
const char *buf,
int len,
int flags,
const void *to,
int tolen);
typedef int (*P_WSASendTo)(
SOCKET s,
LPWSABUF lpBuffers,
DWORD dwBufferCount,
LPDWORD lpNumberOfBytesSent,
DWORD dwFlags,
const void *lpTo,
int iTolen,
LPWSAOVERLAPPED lpOverlapped,
LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine);
typedef int (*P_recvfrom)(
SOCKET s,
char *buf,
int len,
int flags,
void *from,
int *fromlen);
typedef int (*P_WSARecvFrom)(
SOCKET s,
LPWSABUF lpBuffers,
DWORD dwBufferCount,
LPDWORD lpNumberOfBytesRecvd,
LPDWORD lpFlags,
void *lpFrom,
LPINT lpFromlen,
LPWSAOVERLAPPED lpOverlapped,
LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine);
typedef int (*P_shutdown)(SOCKET s, int how);
typedef int (*P_closesocket)(SOCKET s);
typedef enum _WSAEcomparator
{
COMP_EQUAL = 0,
COMP_NOTLESS
} WSAECOMPARATOR, *PWSAECOMPARATOR, *LPWSAECOMPARATOR;
typedef struct _WSAVersion
{
DWORD dwVersion;
WSAECOMPARATOR ecHow;
}WSAVERSION, *PWSAVERSION, *LPWSAVERSION;
typedef struct _AFPROTOCOLS {
INT iAddressFamily;
INT iProtocol;
} AFPROTOCOLS, *PAFPROTOCOLS, *LPAFPROTOCOLS;
typedef struct _SOCKET_ADDRESS {
LPSOCKADDR lpSockaddr;
INT iSockaddrLength;
} SOCKET_ADDRESS, *PSOCKET_ADDRESS, *LPSOCKET_ADDRESS;
typedef struct _CSADDR_INFO {
SOCKET_ADDRESS LocalAddr ;
SOCKET_ADDRESS RemoteAddr ;
INT iSocketType ;
INT iProtocol ;
} CSADDR_INFO, *PCSADDR_INFO, FAR * LPCSADDR_INFO ;
typedef struct _WSAQuerySetW
{
DWORD dwSize;
LPWSTR lpszServiceInstanceName;
LPGUID lpServiceClassId;
LPWSAVERSION lpVersion;
LPWSTR lpszComment;
DWORD dwNameSpace;
LPGUID lpNSProviderId;
LPWSTR lpszContext;
DWORD dwNumberOfProtocols;
LPAFPROTOCOLS lpafpProtocols;
LPWSTR lpszQueryString;
DWORD dwNumberOfCsAddrs;
LPCSADDR_INFO lpcsaBuffer;
DWORD dwOutputFlags;
LPBLOB lpBlob;
} WSAQUERYSETW, *PWSAQUERYSETW, *LPWSAQUERYSETW;
struct hostent {
char FAR * h_name; /* official name of host */
char FAR * FAR * h_aliases; /* alias list */
short h_addrtype; /* host address type */
short h_length; /* length of address */
char FAR * FAR * h_addr_list; /* list of addresses */
#define h_addr h_addr_list[0] /* address, for backward compat */
};
typedef struct hostent HOSTENT;
typedef int (*P_WSALookupServiceBeginW)(
LPWSAQUERYSETW lpqsRestrictions,
DWORD dwControlFlags,
LPHANDLE lphLookup);
typedef int (*P_WSALookupServiceNextW)(
HANDLE hLookup,
DWORD dwControlFlags,
LPDWORD lpdwBufferLength,
LPWSAQUERYSETW lpqsResults);
typedef int (*P_WSALookupServiceEnd)(HANDLE hLookup);
typedef struct addrinfoW {
int ai_flags;
int ai_family;
int ai_socktype;
int ai_protocol;
size_t ai_addrlen;
PWSTR ai_canonname;
struct sockaddr *ai_addr;
struct addrinfoW *ai_next;
} ADDRINFOW, *PADDRINFOW;
typedef int (*P_GetAddrInfoW)(
PCWSTR pNodeName,
PCWSTR pServiceName,
const ADDRINFOW *pHints,
PADDRINFOW *ppResult);
typedef PCSTR (*P_inet_ntop)(
int family,
const void *pAddr,
PSTR pStringBuf,
size_t StringBufSize);
#endif _WSA_DEFS_H

6
Sandboxie/core/drv/api.c
View File

@ -1301,11 +1301,6 @@ _FX NTSTATUS Api_QueryDriverInfo(PROCESS* proc, ULONG64* parms)
{
NTSTATUS status = STATUS_SUCCESS;
API_QUERY_DRIVER_INFO_ARGS *args = (API_QUERY_DRIVER_INFO_ARGS *)parms;
if (proc) {
status = STATUS_NOT_IMPLEMENTED;
goto finish;
}
__try {
@ -1385,7 +1380,6 @@ _FX NTSTATUS Api_QueryDriverInfo(PROCESS* proc, ULONG64* parms)
status = GetExceptionCode();
}
finish:
return status;
}

1
Sandboxie/core/drv/api_defs.h
View File

@ -162,6 +162,7 @@ enum {
API_PROTECT_ROOT,
API_UNPROTECT_ROOT,
API_KILL_PROCESS,
API_FORCE_CHILDREN,
API_LAST
};

1
Sandboxie/core/drv/api_flags.h
View File

@ -59,6 +59,7 @@
#define MONITOR_SCM 0x0000000E // Service Control Manager
#define MONITOR_APICALL 0x0000000F
#define MONITOR_RPC 0x00000010
#define MONITOR_DNS 0x00000011
#define MONITOR_TYPE_MASK 0x000000FF
#define MONITOR_RESERVED 0x0000FF00

2
Sandboxie/core/drv/dyn_data.c
View File

@ -34,7 +34,7 @@ const wchar_t Parameters[] = L"\\Parameters";
#define IMAGE_FILE_MACHINE_ARM64 0xAA64 // ARM64 Little-Endian
#endif
#define WIN11_LATEST 26200 // <-----
#define WIN11_LATEST 26217 // <-----
#define SVR2025 26040
#define WIN11_FIRST 22000
#define SVR2022 20348

8
Sandboxie/core/drv/process.c
View File

@ -101,9 +101,11 @@ static NTSTATUS Process_CreateUserProcess(
#ifdef USE_PROCESS_MAP
HASH_MAP Process_Map;
HASH_MAP Process_MapDfp;
HASH_MAP Process_MapFcp;
#else
LIST Process_List;
LIST Process_ListDfp;
LIST Process_ListFcp;
#endif
PERESOURCE Process_ListLock = NULL;
@ -136,9 +138,13 @@ _FX BOOLEAN Process_Init(void)
map_init(&Process_MapDfp, Driver_Pool);
map_resize(&Process_MapDfp, 128); // prepare some buckets for better performance
map_init(&Process_MapFcp, Driver_Pool);
map_resize(&Process_MapFcp, 128); // prepare some buckets for better performance
#else
List_Init(&Process_List);
List_Init(&Process_ListDfp);
List_Init(&Process_ListFcp);
#endif
if (! Mem_GetLockResource(&Process_ListLock, TRUE))
@ -1537,6 +1543,8 @@ _FX void Process_Delete(HANDLE ProcessId)
Process_DfpDelete(ProcessId);
Process_FcpDelete(ProcessId);
ExReleaseResourceLite(Process_ListLock);
KeLowerIrql(irql);

7
Sandboxie/core/drv/process.h
View File

@ -447,6 +447,11 @@ void Process_DfpDelete(HANDLE ProcessId);
BOOLEAN Process_DfpCheck(HANDLE ProcessId, BOOLEAN *silent);
// Force Child Processes
VOID Process_FcpInsert(HANDLE ProcessId, const WCHAR* boxname);
void Process_FcpDelete(HANDLE ProcessId);
BOOLEAN Process_FcpCheck(HANDLE ProcessId, WCHAR* boxname);
// Enumerate or count processes in a sandbox
@ -533,9 +538,11 @@ NTSTATUS Process_Api_Kill(PROCESS *proc, ULONG64 *parms);
#ifdef USE_PROCESS_MAP
extern HASH_MAP Process_Map;
extern HASH_MAP Process_MapDfp;
extern HASH_MAP Process_MapFcp;
#else
extern LIST Process_List;
extern LIST Process_ListDfp;
extern LIST Process_ListFcp;
#endif
extern PERESOURCE Process_ListLock;

213
Sandboxie/core/drv/process_force.c
View File

@ -79,6 +79,16 @@ typedef struct _FORCE_PROCESS_2 {
} FORCE_PROCESS_2;
typedef struct _FORCE_PROCESS_3 {
#ifndef USE_PROCESS_MAP
LIST_ELEM list_elem;
#endif
HANDLE pid;
WCHAR boxname[BOXNAME_COUNT];
} FORCE_PROCESS_3;
//---------------------------------------------------------------------------
// Functions
//---------------------------------------------------------------------------
@ -103,6 +113,8 @@ static BOOLEAN Process_IsWindowsExplorerParent(HANDLE ParentId);
static BOOLEAN Process_IsImmersiveProcess(
PEPROCESS ProcessObject, HANDLE ParentId, ULONG SessionId);
static BOOLEAN Process_IsProcessParent(HANDLE ParentId, WCHAR* Name);
void Process_CreateForceData(
LIST *boxes, const WCHAR *SidString, ULONG SessionId);
@ -114,7 +126,7 @@ static BOX *Process_CheckForceFolder(
LIST *boxes, const WCHAR *path, BOOLEAN alert, ULONG *IsAlert);
static BOX *Process_CheckForceProcess(
LIST *boxes, const WCHAR *name, BOOLEAN alert, ULONG *IsAlert);
LIST *boxes, const WCHAR *name, BOOLEAN alert, ULONG *IsAlert, HANDLE parent);
static void Process_CheckAlertFolder(
LIST *boxes, const WCHAR *path, ULONG *IsAlert);
@ -149,6 +161,7 @@ _FX BOX *Process_GetForcedStartBox(
ULONG alert;
BOOLEAN check_force;
BOOLEAN is_start_exe;
BOOLEAN image_sbie;
BOOLEAN force_alert;
BOOLEAN dfp_already_added;
BOOLEAN same_image_name;
@ -236,7 +249,7 @@ _FX BOX *Process_GetForcedStartBox(
// when the process is start.exe we ignore the CurDir and DocArg
//
Process_IsSbieImage(ImagePath, NULL, &is_start_exe);
Process_IsSbieImage(ImagePath, &image_sbie, &is_start_exe);
if ((! box) && CurDir && !is_start_exe)
box = Process_CheckBoxPath(&boxes, CurDir);
@ -248,7 +261,7 @@ _FX BOX *Process_GetForcedStartBox(
if ((! box) && (! alert)) {
box = Process_CheckForceProcess(
&boxes, ImageName, force_alert, &alert);
&boxes, ImageName, force_alert, &alert, ParentId);
}
if ((! box) && CurDir && !is_start_exe && (! alert)) {
@ -272,6 +285,31 @@ _FX BOX *Process_GetForcedStartBox(
Process_DfpInsert(PROCESS_TERMINATED, ProcessId);
}
//
// Check if the parent process has its children forced to be sandboxes
// exempt sandboxie components from this as start.exe can be used to
// open selected processes in other boxes or set Dfp when desired.
//
// we also must excempt conhost.exe for console applications
//
if (!box && !image_sbie && _wcsicmp(ImageName, L"conhost.exe") != 0) {
WCHAR boxname[BOXNAME_COUNT];
if (Process_FcpCheck(ParentId, boxname)) {
ULONG boxname_len = (wcslen(boxname) + 1) * sizeof(WCHAR);
for (FORCE_BOX* cur_box = List_Head(&boxes); cur_box; cur_box = List_Next(cur_box)) {
if (cur_box->box->name_len == boxname_len
&& _wcsicmp(cur_box->box->name, boxname) == 0) {
box = cur_box->box;
break;
}
}
}
}
if (alert != 1)
force_alert = FALSE;
@ -756,34 +794,43 @@ _FX BOOLEAN Process_IsDcomLaunchParent(HANDLE ParentId)
//---------------------------------------------------------------------------
// Process_IsWindowsExplorerParent
// Process_IsProcessParent
//
// Note: Not used at the moment but leaving in place
// as it may prove to be useful later.
//---------------------------------------------------------------------------
_FX BOOLEAN Process_IsProcessParent(HANDLE ParentId, WCHAR* Name)
{
BOOLEAN retval = FALSE;
void* nbuf;
ULONG nlen;
WCHAR* nptr;
Process_GetProcessName(
Driver_Pool, (ULONG_PTR)ParentId, &nbuf, &nlen, &nptr);
if (nbuf) {
if (_wcsicmp(nptr, Name) == 0) {
retval = TRUE;
}
Mem_Free(nbuf, nlen);
}
return retval;
}
//---------------------------------------------------------------------------
// Process_IsWindowsExplorerParent
//---------------------------------------------------------------------------
_FX BOOLEAN Process_IsWindowsExplorerParent(HANDLE ParentId)
{
BOOLEAN retval = FALSE;
void *nbuf;
ULONG nlen;
WCHAR *nptr;
Process_GetProcessName(
Driver_Pool, (ULONG_PTR)ParentId, &nbuf, &nlen, &nptr);
if (nbuf) {
if (_wcsicmp(nptr, L"explorer.exe") == 0) {
retval = TRUE;
}
Mem_Free(nbuf, nlen);
}
return retval;
return Process_IsProcessParent(ParentId,L"explorer.exe");
}
@ -1368,7 +1415,7 @@ _FX BOOLEAN Process_CheckForceProcessList(
_FX BOX *Process_CheckForceProcess(
LIST *boxes, const WCHAR *name, BOOLEAN alert, ULONG *IsAlert)
LIST *boxes, const WCHAR *name, BOOLEAN alert, ULONG *IsAlert, HANDLE ParentId)
{
FORCE_BOX *box;
@ -1388,6 +1435,11 @@ _FX BOX *Process_CheckForceProcess(
return box->box;
}
//if (Process_IsWindowsExplorerParent(ParentId) && Conf_Get_Boolean(box->box->name, L"ForceExplorerChild", 0, FALSE)) {
// if(_wcsicmp(name,L"Sandman.exe")!=0)
// return box->box;
//}
box = List_Next(box);
}
@ -1743,3 +1795,112 @@ _FX BOOLEAN Process_DfpCheck(HANDLE ProcessId, BOOLEAN *silent)
return found;
}
//---------------------------------------------------------------------------
// Process_FcpInsert
//---------------------------------------------------------------------------
_FX VOID Process_FcpInsert(HANDLE ProcessId, const WCHAR* boxname)
{
FORCE_PROCESS_3 *proc;
KIRQL irql;
//
// called by Session_Api_ForceChildren, process list not locked
//
KeRaiseIrql(APC_LEVEL, &irql);
ExAcquireResourceExclusiveLite(Process_ListLock, TRUE);
Process_FcpDelete(ProcessId);
proc = Mem_Alloc(Driver_Pool, sizeof(FORCE_PROCESS_3));
proc->pid = ProcessId;
wmemcpy(proc->boxname, boxname, BOXNAME_COUNT);
#ifdef USE_PROCESS_MAP
map_insert(&Process_MapFcp, ProcessId, proc, 0);
#else
List_Insert_After(&Process_ListFcp, NULL, proc);
#endif
ExReleaseResourceLite(Process_ListLock);
KeLowerIrql(irql);
}
//---------------------------------------------------------------------------
// Process_FcpDelete
//---------------------------------------------------------------------------
_FX void Process_FcpDelete(HANDLE ProcessId)
{
FORCE_PROCESS_3 *proc;
#ifdef USE_PROCESS_MAP
if(map_take(&Process_MapFcp, ProcessId, &proc, 0))
Mem_Free(proc, sizeof(FORCE_PROCESS_3));
#else
proc = List_Head(&Process_ListFcp);
while (proc) {
if (proc->pid == ProcessId) {
List_Remove(&Process_ListFcp, proc);
Mem_Free(proc, sizeof(FORCE_PROCESS_3));
return;
}
proc = List_Next(proc);
}
#endif
}
//---------------------------------------------------------------------------
// Process_FcpCheck
//---------------------------------------------------------------------------
_FX BOOLEAN Process_FcpCheck(HANDLE ProcessId, WCHAR* boxname)
{
FORCE_PROCESS_3 *proc;
KIRQL irql;
BOOLEAN found = FALSE;
KeRaiseIrql(APC_LEVEL, &irql);
ExAcquireResourceExclusiveLite(Process_ListLock, TRUE);
#ifdef USE_PROCESS_MAP
proc = map_get(&Process_MapFcp, ProcessId);
if (proc) {
#else
proc = List_Head(&Process_ListFcp);
while (proc) {
if (proc->pid == ProcessId) {
#endif
if(boxname)
wmemcpy(boxname, proc->boxname, BOXNAME_COUNT);
found = TRUE;
#ifndef USE_PROCESS_MAP
break;
}
proc = List_Next(proc);
#endif
}
ExReleaseResourceLite(Process_ListLock);
KeLowerIrql(irql);
return found;
}

35
Sandboxie/core/drv/session.c
View File

@ -104,6 +104,8 @@ static NTSTATUS Session_Api_Leader(PROCESS *proc, ULONG64 *parms);
static NTSTATUS Session_Api_DisableForce(PROCESS *proc, ULONG64 *parms);
static NTSTATUS Session_Api_ForceChildren(PROCESS *proc, ULONG64 *parms);
static NTSTATUS Session_Api_MonitorControl(PROCESS *proc, ULONG64 *parms);
//static NTSTATUS Session_Api_MonitorPut(PROCESS *proc, ULONG64 *parms);
@ -141,6 +143,7 @@ _FX BOOLEAN Session_Init(void)
Api_SetFunction(API_SESSION_LEADER, Session_Api_Leader);
Api_SetFunction(API_DISABLE_FORCE_PROCESS, Session_Api_DisableForce);
Api_SetFunction(API_FORCE_CHILDREN, Session_Api_ForceChildren);
Api_SetFunction(API_MONITOR_CONTROL, Session_Api_MonitorControl);
//Api_SetFunction(API_MONITOR_PUT, Session_Api_MonitorPut);
Api_SetFunction(API_MONITOR_PUT2, Session_Api_MonitorPut2);
@ -496,6 +499,38 @@ _FX BOOLEAN Session_IsForceDisabled(ULONG SessionId)
}
//---------------------------------------------------------------------------
// Session_Api_ForceChildren
//---------------------------------------------------------------------------
_FX NTSTATUS Session_Api_ForceChildren(PROCESS *proc, ULONG64 *parms)
{
HANDLE process_id;
WCHAR *user_boxname;
WCHAR boxname[BOXNAME_COUNT];
if (proc)
return STATUS_NOT_IMPLEMENTED;
process_id = (HANDLE)parms[1];
memzero(boxname, sizeof(boxname));
user_boxname = (WCHAR *)parms[2];
if (user_boxname) {
ProbeForRead(user_boxname, sizeof(WCHAR) * (BOXNAME_COUNT - 2), sizeof(UCHAR));
if (user_boxname[0])
wcsncpy(boxname, user_boxname, (BOXNAME_COUNT - 2));
}
if(!process_id || process_id == (HANDLE)-1 || !boxname[0])
return STATUS_INVALID_PARAMETER;
Process_FcpInsert(process_id, boxname);
return STATUS_SUCCESS;
}
//---------------------------------------------------------------------------
// Session_IsLeader
//---------------------------------------------------------------------------

26
Sandboxie/core/drv/verify.c
View File

@ -842,8 +842,13 @@ _FX NTSTATUS KphValidateCertificate()
}
else if (!level || _wcsicmp(level, L"STANDARD") == 0) // not used, default does not have explicit level
Verify_CertInfo.level = eCertStandard;
else if (_wcsicmp(level, L"ADVANCED") == 0)
Verify_CertInfo.level = eCertAdvanced;
else if (_wcsicmp(level, L"ADVANCED") == 0)
{
if(Verify_CertInfo.type == eCertPatreon || Verify_CertInfo.type == eCertEntryPatreon)
Verify_CertInfo.level = eCertAdvanced1;
else
Verify_CertInfo.level = eCertAdvanced;
}
// scheme 1.1 >>>
else if (CERT_IS_TYPE(Verify_CertInfo, eCertPersonal) || CERT_IS_TYPE(Verify_CertInfo, eCertPatreon))
{
@ -851,6 +856,11 @@ _FX NTSTATUS KphValidateCertificate()
Verify_CertInfo.type = eCertEternal;
Verify_CertInfo.level = eCertMaxLevel;
}
else if (_wcsicmp(level, L"LARGE") == 0 && cert_date.QuadPart < KphGetDate(1, 04, 2022)) {
Verify_CertInfo.level = eCertAdvanced1;
expiration_date.QuadPart = -2;
}
// todo: 01.09.2025: remove code for expired case LARGE
else if (_wcsicmp(level, L"LARGE") == 0) { // 2 years - personal
if(CERT_IS_TYPE(Verify_CertInfo, eCertPatreon))
Verify_CertInfo.level = eCertStandard2;
@ -858,15 +868,11 @@ _FX NTSTATUS KphValidateCertificate()
Verify_CertInfo.level = eCertAdvanced;
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 0, 2); // 2 years
}
// todo: 01.09.2024: remove code for expired case MEDIUM
else if (_wcsicmp(level, L"MEDIUM") == 0) { // 1 year - personal
Verify_CertInfo.level = eCertStandard2;
}
else if (_wcsicmp(level, L"ENTRY") == 0) { // PATREON-ENTRY new patreons get only 3 montgs for start
Verify_CertInfo.level = eCertStandard2;
if(CERT_IS_TYPE(Verify_CertInfo, eCertPatreon))
Verify_CertInfo.type = eCertEntryPatreon;
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 3, 0);
}
// todo: 01.09.2024: remove code for expired case SMALL
else if (_wcsicmp(level, L"SMALL") == 0) { // 1 year - subscription
Verify_CertInfo.level = eCertStandard2;
Verify_CertInfo.type = eCertHome;
@ -886,7 +892,9 @@ _FX NTSTATUS KphValidateCertificate()
// check if this is a subscription type certificate
BOOLEAN isSubscription = CERT_IS_SUBSCRIPTION(Verify_CertInfo);
if (expiration_date.QuadPart != -1)
if (expiration_date.QuadPart == -2)
Verify_CertInfo.expired = 1; // but not outdated
else if (expiration_date.QuadPart != -1)
{
// check if this certificate is expired
if (expiration_date.QuadPart < LocalTime.QuadPart)

1
Sandboxie/core/drv/verify.h
View File

@ -79,6 +79,7 @@ enum ECertLevel {
eCertNoLevel = 0b000,
eCertStandard = 0b010,
eCertStandard2 = 0b011,
eCertAdvanced1 = 0b100,
eCertAdvanced = 0b101,
eCertMaxLevel = 0b111,
};

19
Sandboxie/core/svc/GuiServer.cpp
View File

@ -1092,11 +1092,26 @@ HANDLE GuiServer::GetJobObjectForAssign(const WCHAR *boxname)
//
if (ok) {
JOBOBJECT_EXTENDED_LIMIT_INFORMATION jobELInfo = {0};
jobELInfo.BasicLimitInformation.LimitFlags = JOB_OBJECT_LIMIT_BREAKAWAY_OK
| JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK;
ok = SetInformationJobObject(hJobObject, JobObjectExtendedLimitInformation, &jobELInfo, sizeof(jobELInfo));
ULONG TotalMemoryLimit = SbieApi_QueryConfNumber(boxname, L"TotalMemoryLimit", 0);
ULONG ProcessNumberLimit = SbieApi_QueryConfNumber(boxname, L"ProcessNumberLimit", 0);
ULONG ProcessMemoryLimit = SbieApi_QueryConfNumber(boxname, L"ProcessMemoryLimit", 0);
if (TotalMemoryLimit != 0) {
jobELInfo.JobMemoryLimit = TotalMemoryLimit;
jobELInfo.BasicLimitInformation.LimitFlags |= JOB_OBJECT_LIMIT_JOB_MEMORY;
}
if (ProcessNumberLimit != 0) {
jobELInfo.BasicLimitInformation.ActiveProcessLimit = ProcessNumberLimit;
jobELInfo.BasicLimitInformation.LimitFlags |= JOB_OBJECT_LIMIT_ACTIVE_PROCESS;
}
if (ProcessMemoryLimit != 0) {
jobELInfo.ProcessMemoryLimit = ProcessMemoryLimit;
jobELInfo.BasicLimitInformation.LimitFlags |= JOB_OBJECT_LIMIT_PROCESS_MEMORY;
}
ok = SetInformationJobObject(hJobObject, JobObjectExtendedLimitInformation, &jobELInfo, sizeof(jobELInfo));
}
}
if (! ok) {

2
Sandboxie/core/svc/MountManager.cpp
View File

@ -997,7 +997,7 @@ bool MountManager::AcquireBoxRoot(const WCHAR* boxname, const WCHAR* reg_root, c
std::wstring TargetNtPath;
SCertInfo CertInfo = { 0 };
if ((UseFileImage || UseRamDisk) && (!NT_SUCCESS(SbieApi_Call(API_QUERY_DRIVER_INFO, 3, -1, (ULONG_PTR)&CertInfo, sizeof(CertInfo))) || !CERT_IS_LEVEL(CertInfo, (UseFileImage ? eCertAdvanced : eCertStandard)))) {
if ((UseFileImage || UseRamDisk) && (!NT_SUCCESS(SbieApi_Call(API_QUERY_DRIVER_INFO, 3, -1, (ULONG_PTR)&CertInfo, sizeof(CertInfo))) || !CERT_IS_LEVEL(CertInfo, (UseFileImage ? eCertAdvanced1 : eCertStandard)))) {
const WCHAR* strings[] = { boxname, UseFileImage ? L"UseFileImage" : L"UseRamDisk" , NULL };
SbieApi_LogMsgExt(session_id, UseFileImage ? 6009 : 6008, strings);
errlvl = 0x66;

10
Sandboxie/core/svc/SboxSvc.vcxproj
View File

@ -373,6 +373,16 @@
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|ARM64EC'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|ARM64'">true</ExcludedFromBuild>
</ClCompile>
<ClCompile Include="..\..\common\rc4.c">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|ARM64EC'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|ARM64EC'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|ARM64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|ARM64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">true</ExcludedFromBuild>
</ClCompile>
<ClCompile Include="..\..\common\stream.c">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">true</ExcludedFromBuild>

3
Sandboxie/core/svc/SboxSvc.vcxproj.filters
View File

@ -84,6 +84,9 @@
<ClCompile Include="MountManagerHelpers.cpp">
<Filter>MountManager</Filter>
</ClCompile>
<ClCompile Include="..\..\common\rc4.c">
<Filter>common</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="misc.h" />

2
Sandboxie/core/svc/includes.cpp
View File

@ -39,6 +39,8 @@ extern "C" {
#define CRC_WITH_ADLER32
#include "common/crc.c"
#include "common/rc4.c"
#define PATTERN XPATTERN
#include "common/pattern.c"

3
Sandboxie/core/svc/msgids.h
View File

@ -100,6 +100,9 @@
#define MSGID_SBIE_INI_GET_VERSION 0x18AA
#define MSGID_SBIE_INI_GET_WAIT_HANDLE 0x18AB
#define MSGID_SBIE_INI_RUN_SBIE_CTRL 0x180A
#define MSGID_SBIE_INI_RC4_CRYPT 0x180F
//#define MSGID_SBIE_MGR 0x1900
#define MSGID_NETAPI 0x1A00
#define MSGID_NETAPI_USE_ADD 0x1A01

53
Sandboxie/core/svc/sbieiniserver.cpp
View File

@ -33,6 +33,9 @@
#include "common/my_version.h"
#define CRC_HEADER_ONLY
#include "common/crc.c"
#define RC4_HEADER_ONLY
#include "common/rc4.c"
#include "core/drv/api_defs.h"
#ifdef NEW_INI_MODE
extern "C" {
@ -147,6 +150,11 @@ MSG_HEADER *SbieIniServer::Handler2(MSG_HEADER *msg)
return RunSbieCtrl(msg, idProcess, NT_SUCCESS(status));
}
if (msg->msgid == MSGID_SBIE_INI_RC4_CRYPT) {
return RC4Crypt(msg, idProcess, NT_SUCCESS(status));
}
if (NT_SUCCESS(status)) // if sandboxed
return SHORT_REPLY(STATUS_NOT_SUPPORTED);
@ -2392,3 +2400,48 @@ MSG_HEADER *SbieIniServer::RunSbieCtrl(MSG_HEADER *msg, HANDLE idProcess, bool i
return SHORT_REPLY(status);
}
//---------------------------------------------------------------------------
// RC4Crypt
//---------------------------------------------------------------------------
MSG_HEADER *SbieIniServer::RC4Crypt(MSG_HEADER *msg, HANDLE idProcess, bool isSandboxed)
{
//
// The purpose of this function is to provide a simple machien bound obfuscation
// for example to store passwords which are required in plain text.
// To this end we use a Random 64 bit key which is generated once and stored in the registry
// as well as the rc4 algorythm for the encryption, applying the same transformation twice
// yealds the original plaintext, hence only one function is sufficient.
//
// Please note that neider the mechanism nor the use rc4 algorythm can be considdered
// cryptographically secure by any means.
// This mechanism is only good for simple obfuscation of non critical data.
//
SBIE_INI_RC4_CRYPT_REQ *req = (SBIE_INI_RC4_CRYPT_REQ *)msg;
if (req->h.length < sizeof(SBIE_INI_RC4_CRYPT_REQ))
return SHORT_REPLY(STATUS_INVALID_PARAMETER);
ULONG rpl_len = sizeof(SBIE_INI_RC4_CRYPT_RPL) + req->value_len;
SBIE_INI_RC4_CRYPT_RPL *rpl = (SBIE_INI_RC4_CRYPT_RPL *)LONG_REPLY(rpl_len);
if (!rpl)
return SHORT_REPLY(STATUS_INSUFFICIENT_RESOURCES);
rpl->value_len = req->value_len;
memcpy(rpl->value, req->value, req->value_len);
ULONG64 RandID = 0;
SbieApi_Call(API_GET_SECURE_PARAM, 3, L"RandID", (ULONG_PTR)&RandID, sizeof(RandID));
if (RandID == 0) {
srand(GetTickCount());
RandID = ULONG64(rand() & 0xFFFF) | (ULONG64(rand() & 0xFFFF) << 16) | (ULONG64(rand() & 0xFFFF) << 32) | (ULONG64(rand() & 0xFFFF) << 48);
SbieApi_Call(API_SET_SECURE_PARAM, 3, L"RandID", (ULONG_PTR)&RandID, sizeof(RandID));
}
rc4_crypt((BYTE*)&RandID, sizeof(RandID), 0x1000, rpl->value, rpl->value_len);
return (MSG_HEADER*)rpl;
}

2
Sandboxie/core/svc/sbieiniserver.h
View File

@ -105,6 +105,8 @@ protected:
MSG_HEADER *RunSbieCtrl(MSG_HEADER *msg, HANDLE idProcess, bool isSandboxed);
MSG_HEADER *RC4Crypt(MSG_HEADER *msg, HANDLE idProcess, bool isSandboxed);
protected:

23
Sandboxie/core/svc/sbieiniwire.h
View File

@ -174,6 +174,29 @@ struct tagSBIE_INI_PASSWORD_REQ
typedef struct tagSBIE_INI_PASSWORD_REQ SBIE_INI_PASSWORD_REQ;
//---------------------------------------------------------------------------
// rc4 Crypt
//---------------------------------------------------------------------------
struct tagSBIE_INI_RC4_CRYPT_REQ
{
MSG_HEADER h;
ULONG value_len;
UCHAR value[1];
};
struct tagSBIE_INI_RC4_CRYPT_RPL
{
MSG_HEADER h;
ULONG value_len;
UCHAR value[1];
};
typedef struct tagSBIE_INI_RC4_CRYPT_REQ SBIE_INI_RC4_CRYPT_REQ;
typedef struct tagSBIE_INI_RC4_CRYPT_RPL SBIE_INI_RC4_CRYPT_RPL;
//---------------------------------------------------------------------------

8
Sandboxie/install/Templates.ini
View File

@ -1034,6 +1034,7 @@ Tmpl.ScanService=edgeupdate
# SBIE fix for MS Edge WebView2
#ExternalManifestHack=msedgewebview2.exe,y
NormalFilePath=msedge.exe,%LocalAppData%\Microsoft\Edge\User Data\Default\Secure Preferences
FakeAdminRights=msedge.exe,n
#
# Vivaldi
@ -3692,6 +3693,13 @@ ClosedKeyPath=<Template_Chromes>,HKEY_CURRENT_USER\Software\Microsoft\Windows\Sh
ClosedKeyPath=<Template_Chromes>,HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice
ProcessGroup=<Template_Chromes>,chrome.exe
[Template_NotepadPlusPlus_fix]
Tmpl.Title=#4342,Notepad++
Tmpl.Class=Misc
Tmpl.Url=https://github.com/search?q=repo%3Asandboxie-plus%2FSandboxie+NppShell.dll&type=issues
Tmpl.ScanScript=if(system.version().major != 11) return false; return system.checkRegKey("\\REGISTRY\\MACHINE\\SOFTWARE\\CLASSES\\CLSID\\{B298D29A-A6ED-11DE-BA8C-A68E55D89593}")
ClosedFilePath=explorer.exe,*\contextMenu\NppShell.dll

4
Sandboxie/msgs/Sbie-English-1033.txt
View File

@ -751,6 +751,10 @@ SBIE2332 Cannot access file SbiePst.dat
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/Text-German-1031.txt
View File

@ -702,6 +702,10 @@ SBIE2337 Konnte Programm nicht starten: %2
SBIE2338 Nicht unterstützte Architektur in Prozess %2 vorgefunden
.
2360;pop;err;01
SBIE2360 Fehler beim Injizieren des SOCKS5-Proxy: %2
.
#----------------------------------------------------------------------------
# SbieSvc
#----------------------------------------------------------------------------

4
Sandboxie/msgs/Text-Korean-1042.txt
View File

@ -751,6 +751,10 @@ SBIE2332 SbiePst.dat 파일에 액세스할 수 없습니다
SBIE2335 %2 프로세스에 대해 초기화하지 못했습니다
.
2360;pop;err;01
SBIE2360 SOCKS5 프록시를 삽입하지 못했습니다: %2
.
2336;pop;err;01
SBIE2336 GUI 서버의 오류: %2
.

4
Sandboxie/msgs/Text-SimpChinese-2052.txt
View File

@ -733,6 +733,10 @@ SBIE2332 无法访问文件 SbiePst.dat
SBIE2335 进程 %2 初始化失败
.
2360;pop;err;01
SBIE2360 注入 SOCKS5 代理失败: %2
.
2336;pop;err;01
SBIE2336 GUI 服务器出错: %2
.

4
Sandboxie/msgs/report/Report-Albanian.txt
View File

@ -190,6 +190,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Arabic.txt
View File

@ -186,6 +186,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Bulgarian.txt
View File

@ -186,6 +186,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Croatian.txt
View File

@ -186,6 +186,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Czech.txt
View File

@ -174,6 +174,10 @@ SBIE2302 Process image configuration conflict: %2
SBIE2325 Debug: %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2338;pop;err;01
SBIE2338 Encountered unsupported architecture in process: %2
.

4
Sandboxie/msgs/report/Report-Danish.txt
View File

@ -222,6 +222,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Dutch.txt
View File

@ -142,6 +142,10 @@ SBIE2246 Failed to mount box image, ImBox error %2
SBIE2325 Debug: %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2338;pop;err;01
SBIE2338 Encountered unsupported architecture in process: %2
.

4
Sandboxie/msgs/report/Report-Estonian.txt
View File

@ -222,6 +222,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Farsi.txt
View File

@ -174,6 +174,10 @@ SBIE2302 Process image configuration conflict: %2
SBIE2325 Debug: %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2338;pop;err;01
SBIE2338 Encountered unsupported architecture in process: %2
.

4
Sandboxie/msgs/report/Report-Finnish.txt
View File

@ -186,6 +186,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-French.txt
View File

@ -14,6 +14,10 @@ SBIE1206 Your Windows build (%2) is not yet supported by sandboxie, error: %3
SBIE1207 Your Windows build (%2) is not yet supported by Sandboxie, which means applications will run without security isolation!
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
3001;txt;01
&OK
.

4
Sandboxie/msgs/report/Report-Greek.txt
View File

@ -186,6 +186,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Hebrew.txt
View File

@ -174,6 +174,10 @@ SBIE2302 Process image configuration conflict: %2
SBIE2325 Debug: %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2338;pop;err;01
SBIE2338 Encountered unsupported architecture in process: %2
.

4
Sandboxie/msgs/report/Report-Hungarian.txt
View File

@ -186,6 +186,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Indonesian.txt
View File

@ -186,6 +186,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Italian.txt
View File

@ -78,6 +78,10 @@ SBIE2244 Failed to mount box image, Password required
SBIE2246 Failed to mount box image, ImBox error %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
6008;pop;err;01
The configuration %3 of box %2 requires a supporter certificate and can not be used without it.
.

4
Sandboxie/msgs/report/Report-Japanese.txt
View File

@ -186,6 +186,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Macedonian.txt
View File

@ -222,6 +222,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Polish.txt
View File

@ -18,6 +18,10 @@ SBIE1207 Your Windows build (%2) is not yet supported by Sandboxie, which means
SBIE1222 Error with security token: %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
*==========
* Extraneous Messages in Text-Polish-1045.txt
*==========

4
Sandboxie/msgs/report/Report-Portuguese.txt
View File

@ -186,6 +186,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-PortugueseBr.txt
View File

@ -114,6 +114,10 @@ SBIE2246 Failed to mount box image, ImBox error %2
SBIE2325 Debug: %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
3469;txt;01
What's new in Sandboxie-Plus
.

4
Sandboxie/msgs/report/Report-Russian.txt
View File

@ -14,3 +14,7 @@ SBIE1206 Your Windows build (%2) is not yet supported by sandboxie, error: %3
SBIE1207 Your Windows build (%2) is not yet supported by Sandboxie, which means applications will run without security isolation!
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.

4
Sandboxie/msgs/report/Report-Slovak.txt
View File

@ -186,6 +186,10 @@ SBIE2325 Debug: %2
SBIE2335 Initialization failed for process %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2336;pop;err;01
SBIE2336 Error in GUI server: %2
.

4
Sandboxie/msgs/report/Report-Spanish.txt
View File

@ -158,6 +158,10 @@ SBIE2302 Process image configuration conflict: %2
SBIE2325 Debug: %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2338;pop;err;01
SBIE2338 Encountered unsupported architecture in process: %2
.

4
Sandboxie/msgs/report/Report-Swedish.txt
View File

@ -130,6 +130,10 @@ SBIE2246 Failed to mount box image, ImBox error %2
SBIE2325 Debug: %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2338;pop;err;01
SBIE2338 Encountered unsupported architecture in process: %2
.

4
Sandboxie/msgs/report/Report-TradChinese.txt
View File

@ -122,6 +122,10 @@ SBIE2244 Failed to mount box image, Password required
SBIE2246 Failed to mount box image, ImBox error %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2338;pop;err;01
SBIE2338 Encountered unsupported architecture in process: %2
.

4
Sandboxie/msgs/report/Report-Turkish.txt
View File

@ -2,5 +2,7 @@
* Missing Messages in Text-Turkish-1055.txt
*==========
There are no missing messages.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.

4
Sandboxie/msgs/report/Report-Ukrainian.txt
View File

@ -122,6 +122,10 @@ SBIE2244 Failed to mount box image, Password required
SBIE2246 Failed to mount box image, ImBox error %2
.
2360;pop;err;01
SBIE2360 Failed to inject SOCKS5 proxy: %2
.
2338;pop;err;01
SBIE2338 Encountered unsupported architecture in process: %2
.

24
SandboxiePlus/MiscHelpers/Common/Common.cpp
View File

@ -617,16 +617,16 @@ bool InitConsole(bool bCreateIfNeeded)
// avoid flashing a bright white window when in dark mode
//
void SafeShow(QWidget* pWidget) {
static bool Lock = false;
pWidget->setProperty("windowOpacity", 0.0);
if (Lock == false) {
Lock = true;
pWidget->show();
QApplication::processEvents(QEventLoop::ExcludeSocketNotifiers);
Lock = false;
} else
pWidget->show();
pWidget->setProperty("windowOpacity", 1.0);
}
//void SafeShow(QWidget* pWidget) {
// static bool Lock = false;
// pWidget->setProperty("windowOpacity", 0.0);
// if (Lock == false) {
// Lock = true;
// pWidget->show();
// QApplication::processEvents(QEventLoop::ExcludeSocketNotifiers);
// Lock = false;
// } else
// pWidget->show();
// pWidget->setProperty("windowOpacity", 1.0);
//}

2
SandboxiePlus/MiscHelpers/Common/Common.h
View File

@ -115,7 +115,7 @@ MISCHELPERS_EXPORT void SetPaleteTexture(QPalette& palette, QPalette::ColorRole
MISCHELPERS_EXPORT bool InitConsole(bool bCreateIfNeeded = true);
#endif
MISCHELPERS_EXPORT void SafeShow(QWidget* pWidget);
//MISCHELPERS_EXPORT void SafeShow(QWidget* pWidget);
template <typename T>
QSet<T> ListToSet(const QList<T>& qList) { return QSet<T>(qList.begin(), qList.end()); }

15
SandboxiePlus/SandMan/Dialogs/MultiErrorDialog.cpp → SandboxiePlus/MiscHelpers/Common/MultiErrorDialog.cpp
View File

@ -1,22 +1,21 @@
#include "stdafx.h"
#include "../../MiscHelpers/Common/Settings.h"
#include "Settings.h"
#include "MultiErrorDialog.h"
#include "..\SandMan.h"
CMultiErrorDialog::CMultiErrorDialog(const QString& Message, const QStringList& Errors, QWidget* parent)
CMultiErrorDialog::CMultiErrorDialog(const QString& Title, const QString& Message, const QStringList& Errors, QWidget* parent)
: QDialog(parent)
{
this->setWindowTitle(tr("Sandboxie-Plus - Error"));
this->setWindowTitle(Title);
m_pMainLayout = new QGridLayout(this);
int Row = 0;
m_pMainLayout->addWidget(new QLabel(Message), Row++, 0, 1, 4);
m_pErrors = new CPanelWidgetEx();
m_pErrors->GetTree()->setItemDelegate(new CTreeItemDelegate());
//m_pErrors->GetTree()->setItemDelegate(new CTreeItemDelegate());
m_pErrors->GetTree()->setHeaderLabels(tr("Message").split("|"));
//m_pErrors->GetTree()->setHeaderLabels(tr("Message").split("|"));
m_pErrors->GetView()->setSelectionMode(QAbstractItemView::ExtendedSelection);
m_pErrors->GetView()->setSortingEnabled(false);
@ -31,7 +30,7 @@ CMultiErrorDialog::CMultiErrorDialog(const QString& Message, const QStringList&
connect(m_pButtonBox,SIGNAL(accepted()),this,SLOT(accept()));
connect(m_pButtonBox,SIGNAL(rejected()),this,SLOT(reject()));
restoreGeometry(theConf->GetBlob("ErrorWindow/Window_Geometry"));
//restoreGeometry(theConf->GetBlob("ErrorWindow/Window_Geometry"));
foreach(const QString& Error, Errors)
@ -47,5 +46,5 @@ CMultiErrorDialog::CMultiErrorDialog(const QString& Message, const QStringList&
CMultiErrorDialog::~CMultiErrorDialog()
{
theConf->SetBlob("ErrorWindow/Window_Geometry", saveGeometry());
//theConf->SetBlob("ErrorWindow/Window_Geometry", saveGeometry());
}

7
SandboxiePlus/SandMan/Dialogs/MultiErrorDialog.h → SandboxiePlus/MiscHelpers/Common/MultiErrorDialog.h
View File

@ -1,13 +1,12 @@
#pragma once
#include "../../MiscHelpers/Common/PanelView.h"
#include "../../QSbieAPI/SbieStatus.h"
#include "PanelView.h"
class CMultiErrorDialog : public QDialog
class MISCHELPERS_EXPORT CMultiErrorDialog : public QDialog
{
Q_OBJECT
public:
CMultiErrorDialog(const QString& Message, const QStringList& Errors, QWidget* parent = 0);
CMultiErrorDialog(const QString& Title, const QString& Message, const QStringList& Errors, QWidget* parent = 0);
virtual ~CMultiErrorDialog();
private:

2
SandboxiePlus/MiscHelpers/MiscHelpers.pri
View File

@ -35,6 +35,7 @@ HEADERS += ./MiscHelpers.h \
./Common/NeonEffect.h \
./Common/NetworkAccessManager.h \
./Common/MT/ThreadLock.h \
./Common/MultiErrorDialog.h \
./Archive/Archive.h \
./Archive/ArchiveFS.h \
./Archive/ArchiveExtractor.h \
@ -70,6 +71,7 @@ SOURCES += ./MiscHelpers.cpp \
./Common/TreeItemModel.cpp \
./Common/Xml.cpp \
./Common/MT/ThreadLock.cpp \
./Common/MultiErrorDialog.cpp \
./Archive/Archive.cpp \
./Archive/ArchiveFS.cpp \
./Archive/ArchiveExtractor.cpp \

2
SandboxiePlus/MiscHelpers/MiscHelpers.vcxproj
View File

@ -234,6 +234,7 @@
<ClCompile Include="Common\KeyValueInputDialog.cpp" />
<ClCompile Include="Common\ListItemModel.cpp" />
<ClCompile Include="Common\MT\ThreadLock.cpp" />
<ClCompile Include="Common\MultiErrorDialog.cpp" />
<ClCompile Include="Common\MultiLineInputDialog.cpp" />
<ClCompile Include="Common\OtherFunctions.cpp" />
<ClCompile Include="Common\PanelView.cpp" />
@ -278,6 +279,7 @@
<QtMoc Include="Common\ItemChooser.h" />
<QtMoc Include="Common\KeyValueInputDialog.h" />
<QtMoc Include="Common\ListItemModel.h" />
<QtMoc Include="Common\MultiErrorDialog.h" />
<QtMoc Include="Common\MultiLineInputDialog.h" />
<QtMoc Include="Common\PanelView.h" />
<QtMoc Include="Common\ProgressDialog.h" />

6
SandboxiePlus/MiscHelpers/MiscHelpers.vcxproj.filters
View File

@ -62,6 +62,9 @@
</ClCompile>
<ClCompile Include="Common\ListItemModel.cpp">
<Filter>Common</Filter>
</ClCompile>
<ClCompile Include="Common\MultiErrorDialog.cpp">
<Filter>Common</Filter>
</ClCompile>
<ClCompile Include="Common\MultiLineInputDialog.cpp">
<Filter>Common</Filter>
@ -218,6 +221,9 @@
</QtMoc>
<QtMoc Include="Common\ListItemModel.h">
<Filter>Common</Filter>
</QtMoc>
<QtMoc Include="Common\MultiErrorDialog.h">
<Filter>Common</Filter>
</QtMoc>
<QtMoc Include="Common\MultiLineInputDialog.h">
<Filter>Common</Filter>

21
SandboxiePlus/QSbieAPI/SbieAPI.cpp
View File

@ -2150,6 +2150,27 @@ void CSbieAPI::ClearPassword()
m->Password.clear();
}
SB_RESULT(QByteArray) CSbieAPI::RC4Crypt(const QByteArray& Data)
{
ULONG req_len = sizeof(SBIE_INI_RC4_CRYPT_REQ) + Data.size();
SScoped<SBIE_INI_RC4_CRYPT_REQ> req(malloc(req_len));
req->h.length = req_len;
req->h.msgid = MSGID_SBIE_INI_RC4_CRYPT;
req->value_len = Data.size();
memcpy(req->value, Data.constData(), req->value_len);
SScoped<SBIE_INI_RC4_CRYPT_RPL> rpl;
SB_STATUS Status = CallServer(&req->h, &rpl);
if (!Status)
return Status;
if (!rpl)
return SB_ERR(ERROR_SERVER_DISABLED);
if (rpl->h.status != 0)
return SB_ERR(rpl->h.status);
return CSbieResult<QByteArray>(QByteArray((char*)rpl->value, rpl->value_len));
}
bool CSbieAPI::GetDriverInfo(quint32 InfoClass, void* pBuffer, size_t Size)
{
__declspec(align(8)) ULONG64 parms[API_NUM_ARGS];

2
SandboxiePlus/QSbieAPI/SbieAPI.h
View File

@ -108,6 +108,8 @@ public:
virtual SB_STATUS LockConfig(const QString& NewPassword);
virtual void ClearPassword();
virtual SB_RESULT(QByteArray) RC4Crypt(const QByteArray& Data);
virtual bool GetDriverInfo(quint32 InfoClass, void* pBuffer, size_t Size);
enum EFeatureFlags

3
SandboxiePlus/QSbieAPI/SbieTrace.cpp
View File

@ -113,7 +113,7 @@ QList<quint32> CTraceEntry::AllTypes()
<< MONITOR_KEY << MONITOR_FILE << MONITOR_PIPE
<< MONITOR_IPC << MONITOR_RPC << MONITOR_COMCLASS << MONITOR_RTCLASS
<< MONITOR_WINCLASS << MONITOR_DRIVE << MONITOR_IGNORE << MONITOR_IMAGE
<< MONITOR_NETFW << MONITOR_SCM << MONITOR_OTHER;
<< MONITOR_NETFW << MONITOR_DNS << MONITOR_SCM << MONITOR_OTHER;
}
QString CTraceEntry::GetTypeStr(quint32 Type)
@ -134,6 +134,7 @@ QString CTraceEntry::GetTypeStr(quint32 Type)
case MONITOR_FILE: return "File"; break;
case MONITOR_KEY: return "Key"; break;
case MONITOR_NETFW: return "Socket"; break;
case MONITOR_DNS: return "Dns"; break;
case MONITOR_SCM: return "SCM"; break; // Service Control Manager
case MONITOR_OTHER: return "Debug"; break;
default: return QString();

523
SandboxiePlus/SandMan/Forms/OptionsWindow.ui
View File

@ -7,7 +7,7 @@
<x>0</x>
<y>0</y>
<width>785</width>
<height>539</height>
<height>557</height>
</rect>
</property>
<property name="sizePolicy">
@ -45,7 +45,7 @@
<enum>QTabWidget::North</enum>
</property>
<property name="currentIndex">
<number>1</number>
<number>7</number>
</property>
<widget class="QWidget" name="tabGeneral">
<attribute name="title">
@ -696,7 +696,7 @@
<item row="10" column="1" colspan="2">
<widget class="QCheckBox" name="chkProtectPower">
<property name="text">
<string>Prevent sandboxed processes from interfering with power operations</string>
<string>Prevent sandboxed processes from interfering with power operations (Experimental)</string>
</property>
</widget>
</item>
@ -819,21 +819,21 @@
</item>
<item row="12" column="1" colspan="2">
<widget class="QCheckBox" name="chkUserOperation">
<property name="statusTip">
<string>Prevent move mouse, bring in front, and simmilar operations.</string>
<property name="toolTip">
<string>Prevent move mouse, bring in front, and similar operations, this is likely to cause issues with games.</string>
</property>
<property name="text">
<string>Prevent interference with the unser interface (Experimental, see tooltop)</string>
<string>Prevent interference with the user interface (Experimental)</string>
</property>
</widget>
</item>
<item row="13" column="1" colspan="2">
<widget class="QCheckBox" name="chkBlockCapture">
<property name="statusTip">
<string>This feature does not block all means of optaining a screen capture only some common once, also it may cause UI glitches</string>
<property name="toolTip">
<string>This feature does not block all means of obtaining a screen capture, only some common ones.</string>
</property>
<property name="text">
<string>Prevent sandboxed processes from capturing window images (Experimental unstable, see tooltip)</string>
<string>Prevent sandboxed processes from capturing window images (Experimental, may cause UI glitches)</string>
</property>
</widget>
</item>
@ -3090,7 +3090,7 @@ The process match level has a higher priority than the specificity and describes
<item row="1" column="0">
<widget class="QTabWidget" name="tabsInternet">
<property name="currentIndex">
<number>2</number>
<number>3</number>
</property>
<widget class="QWidget" name="tabINet">
<attribute name="title">
@ -3348,20 +3348,276 @@ The process match level has a higher priority than the specificity and describes
</item>
</layout>
</widget>
<widget class="QWidget" name="tabDNS">
<attribute name="title">
<string>DNS Filter</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_66">
<property name="leftMargin">
<number>3</number>
</property>
<property name="rightMargin">
<number>3</number>
</property>
<property name="bottomMargin">
<number>3</number>
</property>
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_65">
<item row="1" column="1">
<widget class="QPushButton" name="btnAddDns">
<property name="text">
<string>Add Filter</string>
</property>
</widget>
</item>
<item row="2" column="1">
<spacer name="verticalSpacer_32">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="0" column="0">
<widget class="QLabel" name="label_19">
<property name="text">
<string>With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect.</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
<item row="3" column="1">
<widget class="QPushButton" name="btnDelDns">
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
<item row="1" column="0" rowspan="3">
<widget class="QTreeWidget" name="treeDns">
<property name="sortingEnabled">
<bool>true</bool>
</property>
<column>
<property name="text">
<string>Program</string>
</property>
</column>
<column>
<property name="text">
<string>Domain</string>
</property>
</column>
<column>
<property name="text">
<string>IP</string>
</property>
</column>
</widget>
</item>
</layout>
</item>
</layout>
</widget>
<widget class="QWidget" name="tabNetProxy">
<attribute name="title">
<string>Internet Proxy</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_64">
<property name="leftMargin">
<number>3</number>
</property>
<property name="rightMargin">
<number>3</number>
</property>
<property name="bottomMargin">
<number>3</number>
</property>
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_15">
<item row="4" column="1">
<layout class="QVBoxLayout" name="verticalLayout_3">
<property name="spacing">
<number>2</number>
</property>
<item>
<layout class="QHBoxLayout" name="horizontalLayout_4">
<item>
<widget class="QPushButton" name="btnMoveProxyUp">
<property name="text">
<string>Move Up</string>
</property>
</widget>
</item>
</layout>
</item>
<item>
<layout class="QHBoxLayout" name="horizontalLayout_5">
<item>
<widget class="QPushButton" name="btnMoveProxyDown">
<property name="text">
<string>Move Down</string>
</property>
</widget>
</item>
</layout>
</item>
</layout>
</item>
<item row="7" column="1">
<widget class="QPushButton" name="btnDelProxy">
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
<item row="1" column="1">
<widget class="QPushButton" name="btnAddProxy">
<property name="text">
<string>Add Proxy</string>
</property>
</widget>
</item>
<item row="5" column="1">
<spacer name="verticalSpacer_41">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="0" column="0">
<widget class="QLabel" name="label_18">
<property name="text">
<string>Sandboxed programs can be forced to use a preset SOCKS5 proxy.</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
<item row="6" column="1">
<widget class="QCheckBox" name="chkProxyResolveHostnames">
<property name="text">
<string>Resolve hostnames via proxy</string>
</property>
</widget>
</item>
<item row="1" column="0" rowspan="7">
<widget class="QTreeWidget" name="treeProxy">
<property name="sortingEnabled">
<bool>false</bool>
</property>
<column>
<property name="text">
<string>Program</string>
</property>
</column>
<column>
<property name="text">
<string>IP</string>
</property>
</column>
<column>
<property name="text">
<string>Port</string>
</property>
</column>
<column>
<property name="text">
<string>Auth</string>
</property>
</column>
<column>
<property name="text">
<string>Login</string>
</property>
</column>
<column>
<property name="text">
<string>Password</string>
</property>
</column>
</widget>
</item>
<item row="3" column="1">
<spacer name="verticalSpacer_33">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="2" column="1">
<widget class="QPushButton" name="btnTestProxy">
<property name="text">
<string>Test Proxy</string>
</property>
</widget>
</item>
</layout>
</item>
</layout>
</widget>
<widget class="QWidget" name="tabNetConfig">
<attribute name="title">
<string>Other Options</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_64">
<layout class="QGridLayout" name="gridLayout_81">
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_30">
<item row="5" column="1">
<widget class="QCheckBox" name="chkBlockNetParam">
<layout class="QGridLayout" name="gridLayout_80">
<item row="1" column="1">
<widget class="QCheckBox" name="chkBlockSamba">
<property name="text">
<string>Prevent change to network and firewall parameters (user mode)</string>
<string>Block common SAMBA ports</string>
</property>
</widget>
</item>
<item row="4" column="1">
<widget class="QCheckBox" name="chkBlockNetShare">
<property name="text">
<string>Block network files and folders, unless specifically opened.</string>
</property>
</widget>
</item>
<item row="2" column="1">
<widget class="QCheckBox" name="chkBlockDns">
<property name="text">
<string>Block DNS, UDP port 53</string>
</property>
</widget>
</item>
<item row="6" column="0">
<spacer name="verticalSpacer_10">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="0" column="0">
<widget class="QLabel" name="lblPorts">
<property name="font">
@ -3371,20 +3627,23 @@ The process match level has a higher priority than the specificity and describes
<kerning>true</kerning>
</font>
</property>
<property name="toolTip">
<string>Protect the system from sandboxed processes</string>
</property>
<property name="text">
<string>Port Blocking</string>
</property>
</widget>
</item>
<item row="4" column="1">
<widget class="QCheckBox" name="chkBlockNetShare">
<property name="text">
<string>Block network files and folders, unless specifically opened.</string>
<item row="6" column="1">
<spacer name="horizontalSpacer_18">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
</widget>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="3" column="0">
<widget class="QLabel" name="lblNetwork">
@ -3403,43 +3662,10 @@ The process match level has a higher priority than the specificity and describes
</property>
</widget>
</item>
<item row="6" column="0">
<spacer name="verticalSpacer_10">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="1" column="1">
<widget class="QCheckBox" name="chkBlockSamba">
<item row="5" column="1">
<widget class="QCheckBox" name="chkBlockNetParam">
<property name="text">
<string>Block common SAMBA ports</string>
</property>
</widget>
</item>
<item row="6" column="1">
<spacer name="horizontalSpacer_18">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="2" column="1">
<widget class="QCheckBox" name="chkBlockDns">
<property name="text">
<string>Block DNS, UDP port 53</string>
<string>Prevent change to network and firewall parameters (user mode)</string>
</property>
</widget>
</item>
@ -4557,6 +4783,13 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
</property>
</widget>
</item>
<item row="10" column="4">
<widget class="QCheckBox" name="chkDnsTrace">
<property name="text">
<string>DNS Request Logging</string>
</property>
</widget>
</item>
<item row="8" column="1" colspan="2">
<widget class="QCheckBox" name="chkGuiTrace">
<property name="text">
@ -4753,9 +4986,100 @@ instead of &quot;*&quot;.</string>
</property>
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_3">
<item row="1" column="0">
<widget class="QLabel" name="label_6">
<property name="text">
<string>Filter Categories</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="6" column="4">
<widget class="QToolButton" name="btnDelTemplate">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>0</width>
<height>23</height>
</size>
</property>
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
<item row="2" column="0" rowspan="6" colspan="4">
<widget class="QTreeWidget" name="treeTemplates">
<property name="selectionMode">
<enum>QAbstractItemView::ExtendedSelection</enum>
</property>
<property name="sortingEnabled">
<bool>true</bool>
</property>
<column>
<property name="text">
<string>Category</string>
</property>
</column>
<column>
<property name="text">
<string>Name</string>
</property>
</column>
</widget>
</item>
<item row="2" column="4">
<widget class="QToolButton" name="btnAddTemplate">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>0</width>
<height>23</height>
</size>
</property>
<property name="text">
<string>Add Template</string>
</property>
</widget>
</item>
<item row="1" column="1">
<widget class="QComboBox" name="cmbCategories"/>
</item>
<item row="1" column="2">
<widget class="QLabel" name="label_15">
<property name="text">
<string>Text Filter</string>
</property>
</widget>
</item>
<item row="1" column="3">
<widget class="QLineEdit" name="txtTemplates"/>
</item>
<item row="4" column="4">
<widget class="QToolButton" name="btnOpenTemplate">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="text">
<string>Open Template</string>
</property>
</widget>
</item>
<item row="0" column="0" colspan="4">
<widget class="QLabel" name="label_13">
<property name="text">
@ -4779,83 +5103,18 @@ instead of &quot;*&quot;.</string>
</property>
</spacer>
</item>
<item row="1" column="2">
<widget class="QLabel" name="label_15">
<property name="text">
<string>Text Filter</string>
<item row="5" column="4">
<spacer name="verticalSpacer_42">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
</widget>
</item>
<item row="1" column="3">
<widget class="QLineEdit" name="txtTemplates"/>
</item>
<item row="2" column="4">
<widget class="QToolButton" name="btnAddTemplate">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<property name="sizeHint" stdset="0">
<size>
<width>0</width>
<height>23</height>
<width>20</width>
<height>40</height>
</size>
</property>
<property name="text">
<string>Add Template</string>
</property>
</widget>
</item>
<item row="1" column="0">
<widget class="QLabel" name="label_6">
<property name="text">
<string>Filter Categories</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="2" column="0" rowspan="4" colspan="4">
<widget class="QTreeWidget" name="treeTemplates">
<property name="selectionMode">
<enum>QAbstractItemView::ExtendedSelection</enum>
</property>
<property name="sortingEnabled">
<bool>true</bool>
</property>
<column>
<property name="text">
<string>Category</string>
</property>
</column>
<column>
<property name="text">
<string>Name</string>
</property>
</column>
</widget>
</item>
<item row="4" column="4">
<widget class="QToolButton" name="btnDelTemplate">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>0</width>
<height>23</height>
</size>
</property>
<property name="text">
<string>Remove</string>
</property>
</widget>
</spacer>
</item>
</layout>
</item>

2
SandboxiePlus/SandMan/Forms/SelectBoxWindow.ui
View File

@ -6,7 +6,7 @@
<rect>
<x>0</x>
<y>0</y>
<width>263</width>
<width>290</width>
<height>430</height>
</rect>
</property>

267
SandboxiePlus/SandMan/Forms/SettingsWindow.ui
View File

@ -77,7 +77,7 @@
<item>
<widget class="QCheckBox" name="chkSuspend">
<property name="text">
<string>Hotkey for suspending all process</string>
<string>Hotkey for suspending all processes:</string>
</property>
</widget>
</item>
@ -1088,20 +1088,64 @@
<layout class="QGridLayout" name="gridLayout_32">
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_31">
<item row="1" column="2">
<widget class="QComboBox" name="cmbDPI"/>
</item>
<item row="2" column="1">
<widget class="QLabel" name="label_24">
<item row="1" column="1">
<widget class="QLabel" name="label_23">
<property name="text">
<string>Font Scaling</string>
<string>High DPI Scaling</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="4" column="3">
<item row="2" column="3">
<widget class="QLabel" name="label_13">
<property name="text">
<string>%</string>
</property>
</widget>
</item>
<item row="6" column="1">
<widget class="QLabel" name="label_26">
<property name="text">
<string>External Ini Editor</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="5" column="1">
<widget class="QLabel" name="label_6">
<property name="text">
<string>Ini Editor Font</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="2" column="2">
<widget class="QComboBox" name="cmbFontScale">
<property name="editable">
<bool>true</bool>
</property>
</widget>
</item>
<item row="7" column="4">
<spacer name="horizontalSpacer_20">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="5" column="3">
<layout class="QHBoxLayout" name="horizontalLayout_4">
<item>
<widget class="QPushButton" name="btnSelectIniFont">
@ -1138,8 +1182,11 @@
</item>
</layout>
</item>
<item row="6" column="2">
<spacer name="horizontalSpacer_18">
<item row="1" column="2">
<widget class="QComboBox" name="cmbDPI"/>
</item>
<item row="7" column="0">
<spacer name="horizontalSpacer_17">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
@ -1155,7 +1202,6 @@
<widget class="QLabel" name="lblDisplay">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
<kerning>true</kerning>
</font>
@ -1165,18 +1211,8 @@
</property>
</widget>
</item>
<item row="1" column="1">
<widget class="QLabel" name="label_23">
<property name="text">
<string>High DPI Scaling</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="6" column="4">
<spacer name="horizontalSpacer_20">
<item row="7" column="2">
<spacer name="horizontalSpacer_18">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
@ -1188,28 +1224,7 @@
</property>
</spacer>
</item>
<item row="3" column="0">
<widget class="QLabel" name="lblIni">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="text">
<string>Ini Options</string>
</property>
</widget>
</item>
<item row="2" column="3">
<widget class="QLabel" name="label_13">
<property name="text">
<string>%</string>
</property>
</widget>
</item>
<item row="6" column="3">
<item row="7" column="3">
<spacer name="horizontalSpacer_19">
<property name="orientation">
<enum>Qt::Horizontal</enum>
@ -1222,17 +1237,24 @@
</property>
</spacer>
</item>
<item row="4" column="1">
<widget class="QLabel" name="label_6">
<item row="2" column="1">
<widget class="QLabel" name="label_24">
<property name="text">
<string>Ini Editor Font</string>
<string>Font Scaling</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="6" column="1">
<item row="5" column="2">
<widget class="QLabel" name="lblIniEditFont">
<property name="text">
<string>#</string>
</property>
</widget>
</item>
<item row="7" column="1">
<spacer name="verticalSpacer_10">
<property name="orientation">
<enum>Qt::Vertical</enum>
@ -1245,19 +1267,8 @@
</property>
</spacer>
</item>
<item row="4" column="2">
<widget class="QLabel" name="lblIniEditFont">
<property name="text">
<string>#</string>
</property>
</widget>
</item>
<item row="2" column="2">
<widget class="QComboBox" name="cmbFontScale">
<property name="editable">
<bool>true</bool>
</property>
</widget>
<item row="6" column="2" colspan="2">
<widget class="QLineEdit" name="txtEditor"/>
</item>
<item row="1" column="3">
<widget class="QLabel" name="label">
@ -1266,29 +1277,23 @@
</property>
</widget>
</item>
<item row="6" column="0">
<spacer name="horizontalSpacer_17">
<property name="orientation">
<enum>Qt::Horizontal</enum>
<item row="4" column="0">
<widget class="QLabel" name="lblIni">
<property name="font">
<font>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="5" column="2" colspan="2">
<widget class="QLineEdit" name="txtEditor"/>
</item>
<item row="5" column="1">
<widget class="QLabel" name="label_26">
<property name="text">
<string>External Ini Editor</string>
<string>Ini Options</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</widget>
</item>
<item row="3" column="1" colspan="4">
<widget class="QCheckBox" name="chkHide">
<property name="text">
<string>Hide SandMan windows from screen capture (UI restart required)</string>
</property>
</widget>
</item>
@ -2523,22 +2528,36 @@ Unlike the preview channel, it does not include untested, potentially breaking,
</property>
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_25">
<item row="4" column="2">
<widget class="QToolButton" name="btnDelTemplate">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
<item row="1" column="1">
<widget class="QLineEdit" name="txtTemplates"/>
</item>
<item row="3" column="2">
<spacer name="verticalSpacer_20">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="minimumSize">
<property name="sizeHint" stdset="0">
<size>
<width>0</width>
<height>23</height>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="1" column="0">
<widget class="QLabel" name="label_18">
<property name="text">
<string>Remove</string>
<string>Text Filter</string>
</property>
</widget>
</item>
<item row="0" column="0" colspan="2">
<widget class="QLabel" name="label_10">
<property name="text">
<string>This list contains user created custom templates for sandbox options</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
@ -2561,30 +2580,20 @@ Unlike the preview channel, it does not include untested, potentially breaking,
</property>
</widget>
</item>
<item row="3" column="2">
<spacer name="verticalSpacer_20">
<property name="orientation">
<enum>Qt::Vertical</enum>
<item row="4" column="2">
<widget class="QToolButton" name="btnOpenTemplate">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="1" column="0">
<widget class="QLabel" name="label_18">
<property name="text">
<string>Text Filter</string>
<string>Open Template</string>
</property>
</widget>
</item>
<item row="1" column="1">
<widget class="QLineEdit" name="txtTemplates"/>
</item>
<item row="2" column="0" rowspan="3" colspan="2">
<item row="2" column="0" rowspan="5" colspan="2">
<widget class="QTreeWidget" name="treeTemplates">
<property name="selectionMode">
<enum>QAbstractItemView::ExtendedSelection</enum>
@ -2596,16 +2605,38 @@ Unlike the preview channel, it does not include untested, potentially breaking,
</column>
</widget>
</item>
<item row="0" column="0" colspan="2">
<widget class="QLabel" name="label_10">
<property name="text">
<string>This list contains user created custom templates for sandbox options</string>
<item row="6" column="2">
<widget class="QToolButton" name="btnDelTemplate">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="wordWrap">
<bool>true</bool>
<property name="minimumSize">
<size>
<width>0</width>
<height>23</height>
</size>
</property>
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
<item row="5" column="2">
<spacer name="verticalSpacer_17">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
</layout>
</item>
</layout>

Some files were not shown because too many files have changed in this diff Show More