Build 0.8.1

sandboxie-plus · Jun 14, 2021 · 181250b · 181250b
1 parent 1a6c094
commit 181250b
Show file tree

Hide file tree

Showing 11 changed files with 59 additions and 26 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,15 @@ All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
 
+## [0.8.1 / 5.50.1] - 2021-06-14
+
+### Fixed
+- fixed an issue with driver verifyer and user handles
+- fixed driver memory leak of FLT_FILE_NAME_INFORMATION objects
+- fixed broken clipboard introduced in 5.50.0
+- fixed dcom launch issue on windows 7 32 bit introduced in 5.50.0
+
+
 
 ## [0.8.0 / 5.50.0] - 2021-06-13
 

diff --git a/Sandboxie/common/my_version.h b/Sandboxie/common/my_version.h
@@ -21,8 +21,8 @@
 #ifndef _MY_VERSION_H
 #define _MY_VERSION_H
 
-#define MY_VERSION_BINARY       5,50,0
-#define MY_VERSION_STRING       "5.50.0"
+#define MY_VERSION_BINARY       5,50,1
+#define MY_VERSION_STRING       "5.50.1"
 #define MY_VERSION_COMPAT		"5.50.0" // this refers to the driver ABI compatibility
 
 // These #defines are used by either Resource Compiler, or by NSIC installer

diff --git a/Sandboxie/core/dll/sxs.c b/Sandboxie/core/dll/sxs.c
@@ -1901,17 +1901,17 @@ _FX ULONG Sxs_CheckManifestForElevation(
 
         _strlwr(args.ManifestText);
 
-        if (strstr(args.ManifestText, "level='asinvoker'") 
-         || strstr(args.ManifestText, "level=\"asinvoker\""))
-            if (pAsInvoker) *pAsInvoker = TRUE;
+        if (pAsInvoker) *pAsInvoker = 
+            (strstr(args.ManifestText, "level='asinvoker'") 
+            || strstr(args.ManifestText, "level=\"asinvoker\""));
 
-        if (strstr(args.ManifestText, "level='requireadministrator'")
-         || strstr(args.ManifestText, "level=\"requireadministrator\""))
-            if (pRequireAdministrator) *pRequireAdministrator = TRUE;
+        if (pRequireAdministrator) *pRequireAdministrator = 
+            (strstr(args.ManifestText, "level='requireadministrator'")
+            || strstr(args.ManifestText, "level=\"requireadministrator\""));
 
-        if (strstr(args.ManifestText, "level='highestavailable'")
-         || strstr(args.ManifestText, "level=\"highestavailable\""))
-            if (pHighestAvailable) *pHighestAvailable = TRUE;
+        if (pHighestAvailable) *pHighestAvailable = 
+            (strstr(args.ManifestText, "level='highestavailable'")
+            || strstr(args.ManifestText, "level=\"highestavailable\""));
     }
 
     Sxs_AllocOrFreeBuffers(&args, FALSE);

diff --git a/Sandboxie/core/drv/file_flt.c b/Sandboxie/core/drv/file_flt.c
@@ -491,6 +491,7 @@ _FX FLT_PREOP_CALLBACK_STATUS File_PreOperation(
 
                         RtlInitUnicodeString(&usFileName, (PCWSTR)pTempFullPath);
                     }
+                    FltReleaseFileNameInformation(pTargetFileNameInfo);
                 }
             }
         }

diff --git a/Sandboxie/core/drv/ipc.c b/Sandboxie/core/drv/ipc.c
@@ -79,6 +79,11 @@ static NTSTATUS Ipc_Api_QuerySymbolicLink(PROCESS *proc, ULONG64 *parms);
 //---------------------------------------------------------------------------
 
 
+NTSTATUS Thread_GetKernelHandleForUserHandle(
+    HANDLE *OutKernelHandle, HANDLE InUserHandle);
+
+//---------------------------------------------------------------------------
+
 #ifdef ALLOC_PRAGMA
 #pragma alloc_text (INIT, Ipc_Init)
 #pragma alloc_text (INIT, Ipc_Init_Type)
@@ -1158,17 +1163,35 @@ _FX NTSTATUS Ipc_Api_DuplicateObject(PROCESS *proc, ULONG64 *parms)
         // wont be able to grab it while we are evaluaiting it
         //
 
-        status = ZwDuplicateObject(
-                        SourceProcessHandle, SourceHandle,
-                        TargetProcessHandle, &TestHandle,
+        HANDLE SourceKernelHandle;
+        status = Thread_GetKernelHandleForUserHandle(&SourceKernelHandle, SourceHandle);
+        if (NT_SUCCESS(status)) {
+
+            HANDLE SourceProcessKernelHandle;
+            status = Thread_GetKernelHandleForUserHandle(&SourceProcessKernelHandle, SourceProcessHandle);
+            if (NT_SUCCESS(status)) {
+
+                HANDLE TargetProcessKernelHandle = ZwCurrentProcess();
+                //status = Thread_GetKernelHandleForUserHandle(&TargetProcessKernelHandle, TargetProcessHandle);
+                //if (NT_SUCCESS(status)) {
+
+                    status = ZwDuplicateObject(
+                        SourceProcessKernelHandle, SourceKernelHandle,
+                        TargetProcessKernelHandle, &TestHandle,
                         DesiredAccess, HandleAttributes,
                         Options & ~DUPLICATE_CLOSE_SOURCE);
 
-        if (NT_SUCCESS(status)) {
+                    if (NT_SUCCESS(status)) {
 
-            status = Ipc_CheckObjectName(TestHandle, KernelMode);
+                        status = Ipc_CheckObjectName(TestHandle, UserMode);
 
-            ZwClose(TestHandle);
+                        ZwClose(TestHandle);
+                    }
+                //    ZwClose(TargetProcessKernelHandle);
+                //}
+                ZwClose(SourceProcessKernelHandle);
+            }
+            ZwClose(SourceKernelHandle);
         }
 
     } else

diff --git a/Sandboxie/core/drv/thread_token.c b/Sandboxie/core/drv/thread_token.c
@@ -106,7 +106,7 @@ static NTSTATUS Thread_ImpersonateAnonymousToken(
 //---------------------------------------------------------------------------
 
 
-static NTSTATUS Thread_GetKernelHandleForUserHandle(
+NTSTATUS Thread_GetKernelHandleForUserHandle(
     HANDLE *OutKernelHandle, HANDLE InUserHandle);
 
 

diff --git a/Sandboxie/core/svc/DriverAssistInject.cpp b/Sandboxie/core/svc/DriverAssistInject.cpp
@@ -107,7 +107,7 @@ void DriverAssist::InjectLow(void *_msg)
     // notify driver that we successfully injected the lowlevel code
     //
 
-    if (SbieApi_Call(API_INJECT_COMPLETE, 1, msg->process_id) == 0)
+    if (SbieApi_Call(API_INJECT_COMPLETE, 1, (ULONG_PTR)msg->process_id) == 0)
         errlvl = 0;
     else
         errlvl = 0x99;

diff --git a/Sandboxie/core/svc/DriverAssistStart.cpp b/Sandboxie/core/svc/DriverAssistStart.cpp
@@ -204,7 +204,7 @@ ULONG DriverAssist::StartDriverAsync(void *arg)
                     LsaHandle, &AuthPkgName, &AuthPkgNum);
 
                 if (rc == 0)
-                    SbieApi_Call(API_SET_LSA_AUTH_PKG, 1, AuthPkgNum);
+                    SbieApi_Call(API_SET_LSA_AUTH_PKG, 1, (ULONG_PTR)AuthPkgNum);
 
                 LsaDeregisterLogonProcess(LsaHandle);
             }
@@ -285,7 +285,7 @@ void DriverAssist::InitClipboard()
                 SetClipboardData(0x333333, hGlobal2);
                 SetClipboardData(0x444444, hGlobal2);
 
-                SbieApi_Call(API_GUI_CLIPBOARD, 1, -1);
+                SbieApi_Call(API_GUI_CLIPBOARD, 1, (ULONG_PTR)-1);
 
                 EmptyClipboard();
                 CloseClipboard();

diff --git a/Sandboxie/core/svc/GuiServer.cpp b/Sandboxie/core/svc/GuiServer.cpp
@@ -2367,7 +2367,7 @@ ULONG GuiServer::CloseClipboardSlave(SlaveArgs *args)
                     ULONG fmt = 0;
 
                     while (1) {
-                        status = SbieApi_Call(API_GUI_CLIPBOARD, 1, 0x4000);
+                        status = SbieApi_Call(API_GUI_CLIPBOARD, 1, (ULONG_PTR)0x4000);
                         if (status != 0)
                             break;
                         fmt = EnumClipboardFormats(fmt);
@@ -2393,7 +2393,7 @@ ULONG GuiServer::CloseClipboardSlave(SlaveArgs *args)
                         // always fails.  so we want clip_il to stay 0x4000
                         //
 
-                        status = SbieApi_Call(API_GUI_CLIPBOARD, 1, caller_il);
+                        status = SbieApi_Call(API_GUI_CLIPBOARD, 1, (ULONG_PTR)caller_il);
                     }*/
 
                     CloseClipboard();
@@ -2460,7 +2460,7 @@ ULONG GuiServer::GetClipboardDataSlave(SlaveArgs *args)
             // then we can't get it, see more in CloseClipboardSlave above.
             // work around that by setting IL to 0x4000
             //
-            if (SbieApi_Call(API_GUI_CLIPBOARD, 1, 0x4000) == 0) {
+            if (SbieApi_Call(API_GUI_CLIPBOARD, 1, (ULONG_PTR)0x4000) == 0) {
                 mem_handle = GetClipboardData(req->format);
                 rpl->error = GetLastError();
             }

diff --git a/Sandboxie/core/svc/ProcessServer.cpp b/Sandboxie/core/svc/ProcessServer.cpp
@@ -1091,7 +1091,7 @@ BOOL ProcessServer::RunSandboxedStartProcess(
         if (ok && StartProgramInSandbox) {
 
             LONG rc = SbieApi_Call(API_START_PROCESS, 2,
-                                      BoxNameOrModelPid, pi->dwProcessId);
+                                      (ULONG_PTR)BoxNameOrModelPid, (ULONG_PTR)pi->dwProcessId);
             if (rc != 0) {
 
                 LastError = RtlNtStatusToDosError(rc);

diff --git a/SandboxiePlus/version.h b/SandboxiePlus/version.h
@@ -2,7 +2,7 @@
 
 #define VERSION_MJR		0
 #define VERSION_MIN 	8
-#define VERSION_REV 	0
+#define VERSION_REV 	1
 #define VERSION_UPD 	0
 
 #ifndef STR
-Original file line number
+Diff line change
@@ Expand Up / @@ -491,6 +491,7 @@ _FX FLT_PREOP_CALLBACK_STATUS File_PreOperation( @@
                             RtlInitUnicodeString(&usFileName, (PCWSTR)pTempFullPath);
                         }
+                        FltReleaseFileNameInformation(pTargetFileNameInfo);
                     }
                 }
             }
@@ Expand Down @@