Merge branch 'master' into master

This commit is contained in:
isaak654 2024-02-27 17:24:57 +01:00 committed by GitHub
commit e45246eb4a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
26 changed files with 9926 additions and 9372 deletions

View File

@ -7,6 +7,10 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [1.13.1 / 5.68.1] - 2024-02-??
### Added
- Sandman, suspend all processes [#3582](https://github.com/sandboxie-plus/Sandboxie/issues/3582) (thx Yeyixiao)
- Add "On Terminate" trigger [#3584](https://github.com/sandboxie-plus/Sandboxie/issues/3584) (thx Yeyixiao)
### Fixed
- added missing checkbox for API tracing
- fixed incompatibility with Windows ARM64 Insider build 26052 and later
@ -14,9 +18,15 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- In Application Compartment Box,There is a bug in file redirection,CreateDirectory Fail [#3637](https://github.com/sandboxie-plus/Sandboxie/issues/3637)
- fixed issues with appcompartment mode compatybility fallback
- fixed missing max password length check [#3639]https://github.com/sandboxie-plus/Sandboxie/issues/3639
- Can't launch executables from volumes without a drive letter in a sandbox (regression) on windows 1803 and earlier [#3627](https://github.com/sandboxie-plus/Sandboxie/issues/3627)
### Changed
- changed DynData format to add flags
- Revert or provide a way to opt out of the new sandbox directory structure for volumes without drive letters [#3632](https://github.com/sandboxie-plus/Sandboxie/issues/3632)
- guid usage can be re-enabled with "UseVolumeGuidWhenNoLetter=y"
### Removed
- removed UseNewSymlinkResolver setting new mechanism is always used

View File

@ -363,9 +363,9 @@ static WCHAR *File_PublicUser = NULL;
static ULONG File_PublicUserLen = 0;
static BOOLEAN File_DriveAddSN = FALSE;
static BOOLEAN File_UseVolumeGuid = FALSE;
BOOLEAN File_Delete_v2 = FALSE;
static BOOLEAN File_NoReparse = FALSE;
static WCHAR *File_AltBoxPath = NULL;
static ULONG File_AltBoxPathLen = 0;
@ -572,13 +572,13 @@ _FX NTSTATUS File_GetCopyPathImpl(WCHAR* TruePath, WCHAR **OutCopyPath, ULONG *O
ULONG drive_len;
guid = NULL;
drive = File_GetDriveForPath(TruePath, length);
if (drive)
drive_len = drive->len;
else
drive = File_GetDriveForUncPath(TruePath, length, &drive_len);
if (!drive)
if (!drive && File_UseVolumeGuid)
guid = File_GetGuidForPath(TruePath, length);
if (drive || guid) {
@ -763,9 +763,8 @@ check_sandbox_prefix:
drive = NULL;
guid = NULL;
if (name[_DriveLen - 1] == L'\\') {
if (name[_DriveLen] == L'{')
if (name[_DriveLen] == L'{' && File_UseVolumeGuid)
guid = File_GetLinkForGuid(&name[_DriveLen]);
else
drive = File_GetDriveForLetter(name[_DriveLen]);
@ -1131,8 +1130,10 @@ _FX NTSTATUS File_GetName(
// the next section of code from trying to translate symlinks
//
drive = File_GetDriveForPath(objname_buf, objname_len / sizeof(WCHAR));
if(!drive)
guid = NULL;
drive = File_GetDriveForPath(
objname_buf, objname_len / sizeof(WCHAR));
if(!drive && File_UseVolumeGuid)
guid = File_GetGuidForPath(objname_buf, objname_len / sizeof(WCHAR));
if (drive || guid) {

View File

@ -144,7 +144,7 @@ _FX BOOLEAN File_Init(void)
File_DriveAddSN = SbieApi_QueryConfBool(NULL, L"UseVolumeSerialNumbers", FALSE);
File_NoReparse = SbieApi_QueryConfBool(NULL, L"NoPathReparse", FALSE);
File_UseVolumeGuid = SbieApi_QueryConfBool(NULL, L"UseVolumeGuidWhenNoLetter", FALSE);
if (! File_InitDrives(0xFFFFFFFF))
return FALSE;
@ -878,6 +878,25 @@ _FX void File_InitLinks(THREAD_DATA *TlsData)
DosPath += wcslen(DosPath) + 1;
}
} else if (File_UseVolumeGuid) {
// handle the case where the volume is not mounted as a
// drive letter:
// add reparse points for all mounted directories
//
// This behavioure creates \[BoxRoot]\drive\{guid} fodlers
// instead of using the first mount point on a volume with a letter
//
WCHAR *FirstDosPath = DosPath;
File_AddLink(TRUE, FirstDosPath, DeviceName);
DosPath += DosPathLen + 1;
while (*DosPath) {
File_AddLink(TRUE, DosPath, DeviceName);
DosPath += wcslen(DosPath) + 1;
}
} else {
//
@ -889,11 +908,17 @@ _FX void File_InitLinks(THREAD_DATA *TlsData)
// also to the first mounted directory
//
//
// Note: this behavioure makes the first mounted directory
// the location in the box where all files for that volume will be located
// other mount points will be redirected to this folder
//
WCHAR *FirstDosPath = DosPath;
File_AddLink(TRUE, FirstDosPath, DeviceName);
File_AddLink(TRUE, DeviceName, FirstDosPath);
DosPath += DosPathLen + 1;
while (*DosPath) {
File_AddLink(TRUE, DosPath, DeviceName);
File_AddLink(TRUE, DosPath, FirstDosPath);
DosPath += wcslen(DosPath) + 1;
}
}

View File

@ -604,9 +604,6 @@ _FX WCHAR *File_TranslateTempLinks(
WCHAR *ret;
ULONG TruePath_len, ret_len;
if (File_NoReparse)
return NULL;
//
// entry
//
@ -1022,72 +1019,67 @@ _FX FILE_LINK *File_AddTempLink(WCHAR *path)
stop = TRUE;
newpath = NULL;
status = File_OpenForAddTempLink(&handle, path, FILE_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT | FILE_OPEN_REPARSE_POINT);
BOOLEAN UserReparse = SbieApi_QueryConfBool(NULL, L"UseNewSymlinkResolver", TRUE);
if (NT_SUCCESS(status)) {
if (UserReparse) {
status = File_OpenForAddTempLink(&handle, path, FILE_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT | FILE_OPEN_REPARSE_POINT);
REPARSE_DATA_BUFFER* reparseDataBuffer = Dll_AllocTemp(MAXIMUM_REPARSE_DATA_BUFFER_SIZE);
status = pNtFsControlFile(handle, NULL, NULL, NULL, &IoStatusBlock, FSCTL_GET_REPARSE_POINT, NULL, 0, reparseDataBuffer, MAXIMUM_REPARSE_DATA_BUFFER_SIZE);
if (NT_SUCCESS(status)) {
REPARSE_DATA_BUFFER* reparseDataBuffer = Dll_AllocTemp(MAXIMUM_REPARSE_DATA_BUFFER_SIZE);
status = pNtFsControlFile(handle, NULL, NULL, NULL, &IoStatusBlock, FSCTL_GET_REPARSE_POINT, NULL, 0, reparseDataBuffer, MAXIMUM_REPARSE_DATA_BUFFER_SIZE);
WCHAR* SubstituteNameBuffer = NULL;
//WCHAR* PrintNameBuffer = NULL;
BOOL RelativePath = FALSE;
if (NT_SUCCESS(status)) {
if (reparseDataBuffer->ReparseTag == IO_REPARSE_TAG_SYMLINK)
{
SubstituteNameBuffer = &reparseDataBuffer->SymbolicLinkReparseBuffer.PathBuffer[reparseDataBuffer->SymbolicLinkReparseBuffer.SubstituteNameOffset/sizeof(WCHAR)];
if (reparseDataBuffer->SymbolicLinkReparseBuffer.Flags & SYMLINK_FLAG_RELATIVE)
RelativePath = TRUE;
SubstituteNameBuffer[reparseDataBuffer->SymbolicLinkReparseBuffer.SubstituteNameLength / sizeof(WCHAR)] = 0;
}
else if (reparseDataBuffer->ReparseTag == IO_REPARSE_TAG_MOUNT_POINT)
{
SubstituteNameBuffer = &reparseDataBuffer->MountPointReparseBuffer.PathBuffer[reparseDataBuffer->MountPointReparseBuffer.SubstituteNameOffset/sizeof(WCHAR)];
SubstituteNameBuffer[reparseDataBuffer->MountPointReparseBuffer.SubstituteNameLength / sizeof(WCHAR)] = 0;
}
WCHAR* SubstituteNameBuffer = NULL;
//WCHAR* PrintNameBuffer = NULL;
BOOL RelativePath = FALSE;
if (reparseDataBuffer->ReparseTag == IO_REPARSE_TAG_SYMLINK)
if (SubstituteNameBuffer)
{
if (RelativePath)
{
SubstituteNameBuffer = &reparseDataBuffer->SymbolicLinkReparseBuffer.PathBuffer[reparseDataBuffer->SymbolicLinkReparseBuffer.SubstituteNameOffset/sizeof(WCHAR)];
if (reparseDataBuffer->SymbolicLinkReparseBuffer.Flags & SYMLINK_FLAG_RELATIVE)
RelativePath = TRUE;
SubstituteNameBuffer[reparseDataBuffer->SymbolicLinkReparseBuffer.SubstituteNameLength / sizeof(WCHAR)] = 0;
// todo RelativePath - for now we fall back to the old method
}
else if (reparseDataBuffer->ReparseTag == IO_REPARSE_TAG_MOUNT_POINT)
else
{
SubstituteNameBuffer = &reparseDataBuffer->MountPointReparseBuffer.PathBuffer[reparseDataBuffer->MountPointReparseBuffer.SubstituteNameOffset/sizeof(WCHAR)];
SubstituteNameBuffer[reparseDataBuffer->MountPointReparseBuffer.SubstituteNameLength / sizeof(WCHAR)] = 0;
}
WCHAR* input_str = SubstituteNameBuffer;
if (_wcsnicmp(input_str, L"\\??\\Volume{", 11) == 0)
input_str = File_TranslateGuidToNtPath(SubstituteNameBuffer);
else if (_wcsnicmp(input_str, File_BQQB, 4) == 0)
input_str = File_TranslateDosToNtPath(SubstituteNameBuffer + 4);
if (SubstituteNameBuffer)
{
if (RelativePath)
{
// todo RelativePath - for now we fall back to the old method
}
else
{
WCHAR* input_str = SubstituteNameBuffer;
if (_wcsnicmp(input_str, L"\\??\\Volume{", 11) == 0)
input_str = File_TranslateGuidToNtPath(SubstituteNameBuffer);
else if (_wcsnicmp(input_str, File_BQQB, 4) == 0)
input_str = File_TranslateDosToNtPath(SubstituteNameBuffer + 4);
if (input_str) {
if (input_str) {
ULONG input_len = wcslen(input_str);
while (input_len > 0 && input_str[input_len - 1] == L'\\')
input_len -= 1; // remove trailing backslash
ULONG input_len = wcslen(input_str);
while (input_len > 0 && input_str[input_len - 1] == L'\\')
input_len -= 1; // remove trailing backslash
newpath = File_TranslateTempLinks_2(input_str, input_len);
newpath = File_TranslateTempLinks_2(input_str, input_len);
if (input_str != SubstituteNameBuffer)
Dll_Free(input_str);
}
if (input_str != SubstituteNameBuffer)
Dll_Free(input_str);
}
}
}
//else if (status == STATUS_NOT_A_REPARSE_POINT)
}
//else if (status == STATUS_NOT_A_REPARSE_POINT)
Dll_Free(reparseDataBuffer);
Dll_Free(reparseDataBuffer);
pNtClose(handle);
}
pNtClose(handle);
}
const ULONG PATH_BUF_LEN = 1024;
@ -1328,19 +1320,6 @@ _FX FILE_LINK *File_FindPermLinksForMatchPath(
link = List_Head(File_PermLinks);
while (link) {
/*const ULONG src_len = link->src_len;
if (
#ifdef WOW64_FS_REDIR
link != File_Wow64FileLink &&
#endif WOW64_FS_REDIR
name_len >= src_len &&
(name[src_len] == L'\\' || name[src_len] == L'\0') &&
_wcsnicmp(name, link->src, src_len) == 0) {
return link;
}*/
const ULONG dst_len = link->dst_len;
if (

View File

@ -34,7 +34,7 @@ const wchar_t Parameters[] = L"\\Parameters";
#define IMAGE_FILE_MACHINE_ARM64 0xAA64 // ARM64 Little-Endian
#endif
#define WIN11_LATEST 26052 // <-----
#define WIN11_LATEST 26070 // <-----
#define SVR2025 26040
#define WIN11_FIRST 22000
#define SVR2022 20348

View File

@ -2281,6 +2281,7 @@ void CSandMan::OnBoxClosed(const CSandBoxPtr& pBox)
AddAsyncOp(pProgress, true, tr("Executing OnBoxTerminate: %1").arg(Value2));
}
}
if (!pBox->GetBool("NeverDelete", false))
{
if (pBox->GetBool("AutoDelete", false))
@ -2651,6 +2652,7 @@ void CSandMan::SetupHotKeys()
if (theConf->GetBool("Options/EnablePauseForceKey", false))
m_pHotkeyManager->registerHotkey(theConf->GetString("Options/PauseForceKeySequence", "Ctrl+Alt+F"), HK_FORCE);
if (theConf->GetBool("Options/EnableSuspendKey", false))
m_pHotkeyManager->registerHotkey(theConf->GetString("Options/SuspendKeySequence", "Ctrl+Pause"), HK_SUSPEND);
}
@ -2675,10 +2677,8 @@ void CSandMan::OnHotKey(size_t id)
case HK_SUSPEND:
{
for (auto each : theAPI->GetAllBoxes()) {
for (auto each : theAPI->GetAllBoxes())
each->SetSuspendedAll(TRUE);
};
break;
}

View File

@ -231,7 +231,9 @@ void COptionsWindow::LoadAdvanced()
AddTriggerItem(Value, eAutoExec);
foreach(const QString & Value, m_pBox->GetTextList("OnFileRecovery", m_Template))
AddTriggerItem(Value, eRecoveryCheck);
foreach(const QString& Value, m_pBox->GetTextList("OnBoxTerminate", m_Template))
foreach(const QString & Value, m_pBox->GetTextList("OnBoxDelete", m_Template))
AddTriggerItem(Value, eDeleteCmd);
foreach(const QString & Value, m_pBox->GetTextList("OnBoxTerminate", m_Template))
AddTriggerItem(Value, eTerminateCmd);
ShowTriggersTmpl();

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff