mirrors/Sandboxie
mirrors
/
Sandboxie
mirror of https://github.com/sandboxie-plus/Sandboxie.git
1
0
Fork 0
Code Releases Activity

fixed "Windows Installer Service could not be accessed"

This commit is contained in:
DavidXanatos 2020-04-10 16:06:27 +02:00
parent a1de93fbcd
commit e9d144b696
8 changed files with 59 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
CHANGELOG.md Normal file
View File

@ -0,0 +1,13 @@
# Changelog
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).
## [5.40.1] - 2020-04-10
### Added
- "Other" type for the Resource Access Monitor
-- added call to StartService to the logged Resources
### Fixed
- fixed "Windows Installer Service could not be accessed" that got introduced with Windows 1903

2
Sandboxie/apps/control/AboutDialog.cpp
View File

@ -143,7 +143,7 @@ BOOL CAboutDialog::OnInitDialog()
U_PDF = L' ';
}
text.Format(L"%S %c(%d-bit)%c",
MY_VERSION_STRING, U_LRO, _bitness, U_PDF);
MY_VERSION_STRING_EX, U_LRO, _bitness, U_PDF);
CString ver = CMyMsg(MSG_3302, text);
GetDlgItem(ID_ABOUT_VERSION)->SetWindowText(ver);

3
Sandboxie/apps/control/MonitorDialog.cpp
View File

@ -101,6 +101,7 @@ void CMonitorDialog::OnIdle()
static const WCHAR *_Clsid = L"Clsid ";
static const WCHAR *_Image = L"Image ";
static const WCHAR *_FileOrKey = L"File/Key ";
static const WCHAR *_Other = L"Other ";
static const WCHAR *_Separator = L" -------------------------------";
CListBox *listbox = (CListBox *)GetDlgItem(ID_MESSAGE_LIST);
@ -147,6 +148,8 @@ void CMonitorDialog::OnIdle()
PrefixPtr = _Image;
else if (type == MONITOR_FILE_OR_KEY)
PrefixPtr = _FileOrKey;
else if (type == MONITOR_OTHER)
PrefixPtr = _Other;
wcsncpy(name, PrefixPtr, 9);
int index = listbox->AddString(name);

1
Sandboxie/common/my_version.h
View File

@ -22,6 +22,7 @@
#define MY_VERSION_BINARY 5,40
#define MY_VERSION_STRING "5.40"
#define MY_VERSION_STRING_EX "5.40.1"
// These #defines are used by either Resource Compiler, or by NSIC installer
#define SBIE_INSTALLER_PATH "..\\Bin\\"

39
Sandboxie/core/dll/gui.c
View File

@ -724,26 +724,27 @@ _FX void Gui_InitWindows7(void)
// Processthreadsapi.h from Windows 8 See
// https://msdn.microsoft.com/en-us/library/windows/desktop/hh769085%28v=vs.85%29.aspx
// https://msdn.microsoft.com/en-us/library/windows/desktop/hh871472(v=vs.85).aspx
#if 0
typedef enum _PROCESS_MITIGATION_POLICY {
ProcessDEPPolicy = 0,
ProcessASLRPolicy = 1,
ProcessReserved1MitigationPolicy = 2,
ProcessStrictHandleCheckPolicy = 3,
ProcessSystemCallDisablePolicy = 4,
MaxProcessMitigationPolicy = 5
} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;
typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY {
union {
DWORD Flags;
struct {
DWORD DisallowWin32kSystemCalls : 1;
DWORD ReservedFlags : 31;
};
};
} PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY;
#endif
//typedef enum _PROCESS_MITIGATION_POLICY {
// ProcessDEPPolicy = 0,
// ProcessASLRPolicy = 1,
// ProcessReserved1MitigationPolicy = 2,
// ProcessStrictHandleCheckPolicy = 3,
// ProcessSystemCallDisablePolicy = 4,
// MaxProcessMitigationPolicy = 5
//} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;
//
//typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY {
// union {
// DWORD Flags;
// struct {
// DWORD DisallowWin32kSystemCalls : 1;
// DWORD ReservedFlags : 31;
// };
// };
//} PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY;
//
typedef BOOL (WINAPI * pGetProcessMitigationPolicy)(
HANDLE hProcess,
PROCESS_MITIGATION_POLICY MitigationPolicy,

7
Sandboxie/core/dll/scm.c
View File

@ -847,6 +847,13 @@ _FX BOOL Scm_CloseServiceHandle(SC_HANDLE hSCObject)
_FX WCHAR *Scm_GetHandleName(SC_HANDLE hService)
{
WCHAR *name = NULL;
// fix-me: refactory include of SC_HANDLE_
if (hService == /*SC_HANDLE_RPCSS*/((SC_HANDLE)0x12345672))
return L"RpcSs";
if (hService == /*SC_HANDLE_MSISERVER*/((SC_HANDLE)0x12345673))
return L"MSIServer";
if (hService == /*SC_HANDLE_EVENTSYSTEM*/((SC_HANDLE)0x12345674))
return L"EventSystem";
__try {
if (hService && *(ULONG *)hService == tzuk)
name = (WCHAR *)(((ULONG *)hService) + 1);

14
Sandboxie/core/dll/scm_create.c
View File

@ -824,6 +824,10 @@ _FX BOOL SbieDll_StartBoxedService(const WCHAR *ServiceName, BOOLEAN WithAdd)
SERVICE_QUERY_RPL *rpl;
ULONG retries, error;
//WCHAR text[130];
//Sbie_swprintf(text, L"StartBoxedService; name: '%s'; pid: %d", ServiceName, GetCurrentProcessId()); // fix-me: pottential buffer overflow
//SbieApi_MonitorPut(MONITOR_OTHER, text);
//
// when invoked from SandboxieRpcSs to handle StartProcess,
// specify WithAdd to add the service to the sandbox
@ -1091,6 +1095,10 @@ _FX BOOL Scm_StartServiceW(
if (! ServiceName)
return FALSE;
WCHAR text[130];
Sbie_swprintf(text, L"StartService; name: '%s'; pid: %d", ServiceName, GetCurrentProcessId()); // fix-me: pottential buffer overflow
SbieApi_MonitorPut(MONITOR_OTHER, text);
if (Scm_IsBoxedService(ServiceName))
return SbieDll_StartBoxedService(ServiceName, FALSE);
@ -1190,7 +1198,7 @@ _FX BOOL Scm_StartServiceCtrlDispatcherX(
L"00000000_" SBIE L"_SERVICE_NAME";
WCHAR *ServiceName;
WCHAR *Buffer;
UNICODE_STRING uni;
UNICODE_STRING uni; // fix-me: this mustbe freed !
void *args[3];
ULONG ThreadId;
HANDLE hEvent;
@ -1254,6 +1262,10 @@ _FX BOOL Scm_StartServiceCtrlDispatcherX(
}
}
//WCHAR text[130];
//Sbie_swprintf(text, L"StartServiceCtrlDispatcher; name: '%s'; pid %d", ServiceName, GetCurrentProcessId()); // fix-me: pottential buffer overflow
//SbieApi_MonitorPut(MONITOR_OTHER, text);
//
// open the key for the service
//

1
Sandboxie/core/drv/api_flags.h
View File

@ -49,6 +49,7 @@
#define MONITOR_IGNORE 0x066B
#define MONITOR_IMAGE 0x077B
#define MONITOR_FILE_OR_KEY 0x088B
#define MONITOR_OTHER 0x099B
#define MONITOR_OPEN 0x1000
#define MONITOR_DENY 0x2000