From 2d20564f0a78f682d56d90dc93f8b9c9b3741cf9 Mon Sep 17 00:00:00 2001
From: Simon Rozman
Date: Fri, 16 Oct 2020 13:26:04 +0200
Subject: [PATCH] api: redirect log to stderr in rundll32 invocations

The WoW64 client will provide stdio handles to read the log messages. Furthermore, the rundll32 calls could return results using stdout.

Signed-off-by: Simon Rozman
---
 api/rundll32.c | 68 ++++++++++++++++++--------------------------------
 1 file changed, 24 insertions(+), 44 deletions(-)

diff --git a/api/rundll32.c b/api/rundll32.c
index 46b93ec..3925ad1 100644
--- a/api/rundll32.c
+++ b/api/rundll32.c
@@ -7,10 +7,6 @@
 #if defined(_M_AMD64) || defined(_M_ARM64)
-// TODO: Log to Windows Event Log in production.
-
-# ifdef _DEBUG
-
 static VOID CALLBACK
 ConsoleLogger(_In_ WINTUN_LOGGER_LEVEL Level, _In_ const WCHAR *LogLine)
 {
@@ -29,11 +25,9 @@ ConsoleLogger(_In_ WINTUN_LOGGER_LEVEL Level, _In_ const WCHAR *LogLine)
 default:
 return;
 }
- fwprintf(stdout, Template, LogLine);
+ fwprintf(stderr, Template, LogLine);
 }
-# endif
-
 static BOOL ElevateToSystem(VOID)
 {
 HANDLE CurrentProcessToken, ThreadToken, ProcessSnapshot, WinlogonProcess, WinlogonToken, DuplicatedToken;
@@ -128,30 +122,20 @@ cleanup:
 return FALSE;
 }
-static void
-Init(_In_ BOOL ShowConsole)
+static int Argc;
+static WCHAR **Argv;
+
+static void Init(VOID)
 {
-# ifdef _DEBUG
- if (ShowConsole)
- {
- AllocConsole();
- FILE *Stream;
- _wfreopen_s(&Stream, L"CONOUT$", L"w", stdout);
- }
 WintunSetLogger(ConsoleLogger);
-# else
- UNREFERENCED_PARAMETER(ShowConsole);
-# endif
+ Argv = CommandLineToArgvW(GetCommandLineW(), &Argc);
 ElevateToSystem();
 }
 static void Done(VOID)
 {
 RevertToSelf();
-# ifdef _DEBUG
- _putws(L"\nPress any key to close . . .");
- (VOID) _getwch();
-# endif
+ LocalFree(Argv);
 }
 __declspec(dllexport) VOID __stdcall CreateAdapter(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow)
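Review bot: `fwprintf(stderr, Template, LogLine)` in ConsoleLogger writes wide text to a stream that is still in the CRT's default text mode, so each log line is converted to multibyte characters for the current locale before it reaches the handle the WoW64 client reads. Characters that locale cannot represent may be altered or make the write fail, which would leave the client with an incomplete record of what the helper did. If the client expects UTF-16, switching the stream once before the logger is installed, e.g. `_setmode(_fileno(stderr), _O_U16TEXT);` at the top of `Init`, would avoid that; which encoding the reader expects is not visible in this patch. ConsoleLogger's switch begins above this hunk.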
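Review bot: The rewritten `Init` keeps the result of `CommandLineToArgvW` and calls `ElevateToSystem()` without checking either, although `ElevateToSystem` is declared `BOOL` and its `cleanup:` path (context at the top of this hunk) returns `FALSE`. A failed parse leaves `Argv` NULL and depends on `Argc` staying below the callers' `Argc < N` guards, and a failed elevation lets the adapter call run in the caller's own security context; unless `ElevateToSystem` logs the failure itself, which is not visible here, nothing on stderr would say so. I would have `Init` return `BOOL`, with `if (!Argv) return FALSE;` after the parse and `return ElevateToSystem();` as its last statement, and have both exports start with `if (!Init()) goto cleanup;`. `Done()` is safe on that path because `LocalFree(NULL)` is a no-op.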
@@ -159,30 +143,28 @@ __declspec(dllexport) VOID __stdcall CreateAdapter(HWND hwnd, HINSTANCE hinst, L
 UNREFERENCED_PARAMETER(hwnd);
 UNREFERENCED_PARAMETER(hinst);
 UNREFERENCED_PARAMETER(lpszCmdLine);
+ UNREFERENCED_PARAMETER(nCmdShow);
- int Argc;
- LPWSTR *Argv = CommandLineToArgvW(GetCommandLineW(), &Argc);
+ Init();
 if (Argc < 4)
- goto cleanupArgv;
-
+ goto cleanup;
 if (wcslen(Argv[2]) >= MAX_POOL)
- goto cleanupArgv;
+ goto cleanup;
 if (wcslen(Argv[3]) >= MAX_ADAPTER_NAME)
- goto cleanupArgv;
+ goto cleanup;
 GUID RequestedGUID;
 if (Argc > 4 && FAILED(CLSIDFromString(Argv[4], &RequestedGUID)))
- goto cleanupArgv;
+ goto cleanup;
+
 WINTUN_ADAPTER *Adapter;
 BOOL RebootRequired = FALSE;
- Init(!!nCmdShow);
 DWORD Result = WintunCreateAdapter(Argv[2], Argv[3], Argc > 4 ? &RequestedGUID : NULL, &Adapter, &RebootRequired);
- Done();
 if (Result != ERROR_SUCCESS)
- goto cleanupArgv;
-
+ goto cleanup;
 WintunFreeAdapter(Adapter);
-cleanupArgv:
- LocalFree(Argv);
+
+cleanup:
+ Done();
 }
 __declspec(dllexport) VOID __stdcall DeleteAdapter(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow)
@@ -190,22 +172,20 @@ __declspec(dllexport) VOID __stdcall DeleteAdapter(HWND hwnd, HINSTANCE hinst, L
 UNREFERENCED_PARAMETER(hwnd);
 UNREFERENCED_PARAMETER(hinst);
 UNREFERENCED_PARAMETER(lpszCmdLine);
+ UNREFERENCED_PARAMETER(nCmdShow);
- int Argc;
- LPWSTR *Argv = CommandLineToArgvW(GetCommandLineW(), &Argc);
+ Init();
 if (Argc < 3)
- goto cleanupArgv;
+ goto cleanup;
 WINTUN_ADAPTER Adapter = { 0 };
 if (FAILED(CLSIDFromString(Argv[2], &Adapter.CfgInstanceID)))
- goto cleanupArgv;
+ goto cleanup;
 BOOL RebootRequired = FALSE;
- Init(!!nCmdShow);
 WintunDeleteAdapter(&Adapter, &RebootRequired);
- Done();
-cleanupArgv:
- LocalFree(Argv);
+cleanup:
+ Done();
 }
 #endif
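Review bot: With `Init()` moved to the top of `CreateAdapter`, the `Argc` and `wcslen` checks and `CLSIDFromString` now run after `ElevateToSystem()`, whereas the old code elevated only immediately before `WintunCreateAdapter`. If `ElevateToSystem` puts a SYSTEM token on the thread, as the `RevertToSelf()` in `Done()` suggests (its body is outside this hunk), validation of command-line text now happens inside the elevated window, and rejected input triggers an elevation it never needed. Parsing and validating first and elevating afterwards, for instance by calling `ElevateToSystem()` directly before `WintunCreateAdapter(...)` rather than from `Init`, would restore the narrower window. The `DeleteAdapter` hunk that follows has the same ordering ahead of `WintunDeleteAdapter`.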