breakout fixes

DavidXanatos 2022-01-31 11:24:04 +01:00
parent bdf7b94baa
commit ec5b682663
4 changed files with 28 additions and 15 deletions


@ -30,7 +30,7 @@ AllowNoIcons=yes
AlwaysRestart=no AlwaysRestart=no
LicenseFile=.\license.txt LicenseFile=.\license.txt
UsedUserAreasWarning=no UsedUserAreasWarning=no
VersionInfoCopyright=Copyright (C) 2020-2021 by David Xanatos (xanasoft.com) VersionInfoCopyright=Copyright (C) 2020-2022 by David Xanatos (xanasoft.com)
VersionInfoVersion={#MyAppVersion} VersionInfoVersion={#MyAppVersion}
; Handled in code section as always want DirPage for portable mode. ; Handled in code section as always want DirPage for portable mode.
@ -117,7 +117,7 @@ Filename: "{app}\KmdUtil.exe"; Parameters: "install SbieSvc ""{app}\SbieSvc.exe"
Filename: "{app}\KmdUtil.exe"; Parameters: "start SbieSvc"; StatusMsg: "KmdUtil start SbieSvc"; Check: not IsPortable Filename: "{app}\KmdUtil.exe"; Parameters: "start SbieSvc"; StatusMsg: "KmdUtil start SbieSvc"; Check: not IsPortable
; Start the Sandman UI. ; Start the Sandman UI.
Filename: "{app}\SandMan.exe"; Parameters: "-autorun"; StatusMsg: "Launch SandMan UI..."; Flags: postinstall nowait; Check: (not IsPortable) and (not WizardSilent) Filename: "{app}\SandMan.exe"; StatusMsg: "Launch SandMan UI..."; Flags: postinstall nowait; Check: (not IsPortable) and (not WizardSilent)
;Filename: "{app}\SandMan.exe"; Parameters: "-autorun"; StatusMsg: "Launch SandMan UI..."; Flags: runasoriginaluser nowait; Check: not IsPortable ;Filename: "{app}\SandMan.exe"; Parameters: "-autorun"; StatusMsg: "Launch SandMan UI..."; Flags: runasoriginaluser nowait; Check: not IsPortable


@ -1,4 +1,4 @@
Copyright 2020 - 2021 David Xanatos (xanasoft.com) Copyright 2020 - 2022 David Xanatos (xanasoft.com)
This software is provided under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License This software is provided under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License


@ -941,21 +941,24 @@ _FX BOOL Proc_CreateProcessInternalW(
// check if this is a break out candidate // check if this is a break out candidate
// //
if(lpApplicationName && lpCommandLine) { if(lpApplicationName) {
const WCHAR* lpProgram = wcsrchr(lpApplicationName, L'\\'); const WCHAR* lpProgram = wcsrchr(lpApplicationName, L'\\');
if (lpProgram) { if (lpProgram) {
if (SbieDll_CheckStringInList(lpProgram + 1, NULL, L"BreakoutProcess") if (SbieDll_CheckStringInList(lpProgram + 1, NULL, L"BreakoutProcess")
|| SbieDll_CheckPatternInList(lpApplicationName, (ULONG)(lpProgram - lpApplicationName), NULL, L"BreakoutFolder")) { || SbieDll_CheckPatternInList(lpApplicationName, (ULONG)(lpProgram - lpApplicationName), NULL, L"BreakoutFolder")) {
const WCHAR* lpArguments; const WCHAR* lpArguments = NULL;
if (lpCommandLine[0] == L'\"') { if (lpCommandLine) {
lpArguments = wcschr(lpCommandLine + 1, L'\"'); if (lpCommandLine[0] == L'\"') {
if (lpArguments) lpArguments++; // skip " lpArguments = wcschr(lpCommandLine + 1, L'\"');
} else if (lpArguments) lpArguments++; // skip "
lpArguments = wcschr(lpCommandLine, L' '); }
if(!lpArguments) lpArguments = wcschr(lpCommandLine, L'\0'); else
lpArguments = wcschr(lpCommandLine, L' ');
if (!lpArguments) lpArguments = wcschr(lpCommandLine, L'\0');
}
WCHAR *mybuf = Dll_Alloc((wcslen(lpApplicationName) + 2 + wcslen(lpArguments) + 1) * sizeof(WCHAR)); WCHAR *mybuf = Dll_Alloc((wcslen(lpApplicationName) + 2 + (lpArguments ? wcslen(lpArguments) : 0) + 1) * sizeof(WCHAR));
if (mybuf) { if (mybuf) {
// //
@ -967,9 +970,18 @@ _FX BOOL Proc_CreateProcessInternalW(
wcscpy(mybuf, L"\""); wcscpy(mybuf, L"\"");
wcscat(mybuf, lpApplicationName); wcscat(mybuf, lpApplicationName);
wcscat(mybuf, L"\""); wcscat(mybuf, L"\"");
wcscat(mybuf, lpArguments); if(lpArguments)
wcscat(mybuf, lpArguments);
ULONG crflags2 = dwCreationFlags & (CREATE_NO_WINDOW | CREATE_SUSPENDED if (! lpCurrentDirectory) {
lpCurrentDirectory = Dll_Alloc(sizeof(WCHAR) * 8192);
if (lpCurrentDirectory) {
((WCHAR*)lpCurrentDirectory)[0] = L'\0';
RtlGetCurrentDirectory_U(sizeof(WCHAR) * 8190, lpCurrentDirectory);
}
}
ULONG crflags2 = dwCreationFlags & (CREATE_NO_WINDOW //| CREATE_SUSPENDED
| HIGH_PRIORITY_CLASS | ABOVE_NORMAL_PRIORITY_CLASS | HIGH_PRIORITY_CLASS | ABOVE_NORMAL_PRIORITY_CLASS
| BELOW_NORMAL_PRIORITY_CLASS | IDLE_PRIORITY_CLASS | BELOW_NORMAL_PRIORITY_CLASS | IDLE_PRIORITY_CLASS
| CREATE_UNICODE_ENVIRONMENT); | CREATE_UNICODE_ENVIRONMENT);
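Review bot: The new `lpCurrentDirectory` fallback overwrites the caller's parameter with a `Dll_Alloc` buffer and ignores the return value of `RtlGetCurrentDirectory_U`, so a failed or over-long query would presumably forward an empty string as the working directory, and no matching `Dll_Free` is visible in this hunk. A separate local would keep ownership clear, e.g. `WCHAR* curDirBuf = Dll_Alloc(sizeof(WCHAR) * 8192);`, with the returned length checked before the buffer is used and the buffer released once the request has been sent. The commented-out `//| CREATE_SUSPENDED` also deserves a one-line reason, such as `// break-out processes run unsandboxed, so a suspended start is not passed through`, if that is the intent. The body of Proc_CreateProcessInternalW continues outside both hunks, so the free may already exist further down.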


@ -1322,8 +1322,9 @@ BOOL ProcessServer::RunSandboxedDupAndCloseHandles(
} }
if (ok) { if (ok) {
// Note: PROCESS_SUSPEND_RESUME is enough to start a debugging session which will give a full access handle in the first debug event (diversenok)
DWORD dwRead = STANDARD_RIGHTS_READ | SYNCHRONIZE | DWORD dwRead = STANDARD_RIGHTS_READ | SYNCHRONIZE |
PROCESS_VM_READ | PROCESS_QUERY_INFORMATION | PROCESS_SUSPEND_RESUME | PROCESS_VM_READ | PROCESS_QUERY_INFORMATION | //PROCESS_SUSPEND_RESUME | unlike THREAD_SUSPEND_RESUME this one is dangerous
PROCESS_QUERY_LIMITED_INFORMATION; PROCESS_QUERY_LIMITED_INFORMATION;
ok = DuplicateHandle(GetCurrentProcess(), piInput->hProcess, ok = DuplicateHandle(GetCurrentProcess(), piInput->hProcess,
CallerProcessHandle, &piReply->hProcess, CallerProcessHandle, &piReply->hProcess,
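Review bot: The `dwRead` mask still grants `PROCESS_VM_READ` and `PROCESS_QUERY_INFORMATION` on the handle duplicated into the caller; if this path can return a handle to a process that runs outside the sandbox (not visible in this hunk), those rights deserve the same scrutiny that `PROCESS_SUSPEND_RESUME` just received. Separately, the rationale is easier to keep accurate as a comment above the expression than as a commented-out flag inside it, e.g. `// PROCESS_SUSPEND_RESUME is deliberately not granted: it is enough to start a debugging session that yields a full-access handle`. The function continues past the end of the hunk, so the rights on the thread handle are not reviewed here.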