Hesham/wintun
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

api: remove security attributes debug trap door

Browse Source 
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2020-10-30 13:26:36 +01:00 committed by Simon Rozman
parent 7964694e1e
commit 8c935ce151
6 changed files with 14 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
api/adapter.c
View File

@ -1274,7 +1274,7 @@ CreateTemporaryDirectory(_Out_cap_c_(MAX_PATH) WCHAR *RandomTempSubDirectory)
swprintf_s(&RandomSubDirectory[i * 2], 3, L"%02x", RandomBytes[i]); swprintf_s(&RandomSubDirectory[i * 2], 3, L"%02x", RandomBytes[i]);
if (!PathCombineW(RandomTempSubDirectory, WindowsTempDirectory, RandomSubDirectory)) if (!PathCombineW(RandomTempSubDirectory, WindowsTempDirectory, RandomSubDirectory))
return ERROR_BUFFER_OVERFLOW; return ERROR_BUFFER_OVERFLOW;
if (!CreateDirectoryW(RandomTempSubDirectory, SecurityAttributes)) if (!CreateDirectoryW(RandomTempSubDirectory, &SecurityAttributes))
return LOG_LAST_ERROR(L"Failed to create temporary folder"); return LOG_LAST_ERROR(L"Failed to create temporary folder");
return ERROR_SUCCESS; return ERROR_SUCCESS;
} }
@ -1415,8 +1415,8 @@ ExecuteRunDll32(
} }
HANDLE StreamRStdout = INVALID_HANDLE_VALUE, StreamRStderr = INVALID_HANDLE_VALUE, HANDLE StreamRStdout = INVALID_HANDLE_VALUE, StreamRStderr = INVALID_HANDLE_VALUE,
StreamWStdout = INVALID_HANDLE_VALUE, StreamWStderr = INVALID_HANDLE_VALUE; StreamWStdout = INVALID_HANDLE_VALUE, StreamWStderr = INVALID_HANDLE_VALUE;
if (!CreatePipe(&StreamRStdout, &StreamWStdout, SecurityAttributes, 0) || if (!CreatePipe(&StreamRStdout, &StreamWStdout, &SecurityAttributes, 0) ||
!CreatePipe(&StreamRStderr, &StreamWStderr, SecurityAttributes, 0)) !CreatePipe(&StreamRStderr, &StreamWStderr, &SecurityAttributes, 0))
{ {
Result = LOG_LAST_ERROR(L"Failed to create pipes"); Result = LOG_LAST_ERROR(L"Failed to create pipes");
goto cleanupPipes; goto cleanupPipes;
@ -1433,8 +1433,8 @@ ExecuteRunDll32(
.Response = Response, .Response = Response,
.ResponseCapacity = ResponseCapacity }; .ResponseCapacity = ResponseCapacity };
HANDLE ThreadStdout = NULL, ThreadStderr = NULL; HANDLE ThreadStdout = NULL, ThreadStderr = NULL;
if ((ThreadStdout = CreateThread(SecurityAttributes, 0, ProcessStdout, &ProcessStdoutState, 0, NULL)) == NULL || if ((ThreadStdout = CreateThread(&SecurityAttributes, 0, ProcessStdout, &ProcessStdoutState, 0, NULL)) == NULL ||
(ThreadStderr = CreateThread(SecurityAttributes, 0, ProcessStderr, StreamRStderr, 0, NULL)) == NULL) (ThreadStderr = CreateThread(&SecurityAttributes, 0, ProcessStderr, StreamRStderr, 0, NULL)) == NULL)
{ {
Result = LOG_LAST_ERROR(L"Failed to spawn reader threads"); Result = LOG_LAST_ERROR(L"Failed to spawn reader threads");
goto cleanupThreads; goto cleanupThreads;

12
api/api.c
View File

@ -7,8 +7,7 @@
HINSTANCE ResourceModule; HINSTANCE ResourceModule;
HANDLE ModuleHeap; HANDLE ModuleHeap;
static SECURITY_ATTRIBUTES SecurityAttributesSystem = { .nLength = sizeof(SECURITY_ATTRIBUTES) }; SECURITY_ATTRIBUTES SecurityAttributes = { .nLength = sizeof(SECURITY_ATTRIBUTES) };
SECURITY_ATTRIBUTES *SecurityAttributes;
WINTUN_STATUS WINAPI WINTUN_STATUS WINAPI
WintunGetVersion( WintunGetVersion(
@ -65,11 +64,8 @@ DllMain(_In_ HINSTANCE hinstDLL, _In_ DWORD fdwReason, _In_ LPVOID lpvReserved)
case DLL_PROCESS_ATTACH: case DLL_PROCESS_ATTACH:
ResourceModule = hinstDLL; ResourceModule = hinstDLL;
ModuleHeap = HeapCreate(0, 0, 0); ModuleHeap = HeapCreate(0, 0, 0);
#ifndef _DEBUG
ConvertStringSecurityDescriptorToSecurityDescriptorW( ConvertStringSecurityDescriptorToSecurityDescriptorW(
L"O:SYD:P(A;;GA;;;SY)", SDDL_REVISION_1, &SecurityAttributesSystem.lpSecurityDescriptor, NULL); L"O:SYD:P(A;;GA;;;SY)", SDDL_REVISION_1, &SecurityAttributes.lpSecurityDescriptor, NULL);
SecurityAttributes = &SecurityAttributesSystem;
#endif
AdapterInit(); AdapterInit();
NamespaceInit(); NamespaceInit();
NciInit(); NciInit();
@ -78,9 +74,7 @@ DllMain(_In_ HINSTANCE hinstDLL, _In_ DWORD fdwReason, _In_ LPVOID lpvReserved)
case DLL_PROCESS_DETACH: case DLL_PROCESS_DETACH:
NciCleanup(); NciCleanup();
NamespaceCleanup(); NamespaceCleanup();
#ifndef _DEBUG LocalFree(SecurityAttributes.lpSecurityDescriptor);
LocalFree(SecurityAttributesSystem.lpSecurityDescriptor);
#endif
HeapDestroy(ModuleHeap); HeapDestroy(ModuleHeap);
break; break;
} }

2
api/api.h
View File

@ -23,4 +23,4 @@
extern HINSTANCE ResourceModule; extern HINSTANCE ResourceModule;
extern HANDLE ModuleHeap; extern HANDLE ModuleHeap;
extern SECURITY_ATTRIBUTES *SecurityAttributes; extern SECURITY_ATTRIBUTES SecurityAttributes;

4
api/namespace.c
View File

@ -82,7 +82,7 @@ NamespaceRuntimeInit(void)
for (;;) for (;;)
{ {
if (CreatePrivateNamespaceW(SecurityAttributes, Boundary, L"Wintun")) if (CreatePrivateNamespaceW(&SecurityAttributes, Boundary, L"Wintun"))
break; break;
Result = GetLastError(); Result = GetLastError();
if (Result == ERROR_ALREADY_EXISTS) if (Result == ERROR_ALREADY_EXISTS)
@ -138,7 +138,7 @@ NamespaceTakeMutex(_In_z_ const WCHAR *Pool)
memcpy(MutexName, MutexNamePrefix, sizeof(MutexNamePrefix) - sizeof(WCHAR)); memcpy(MutexName, MutexNamePrefix, sizeof(MutexNamePrefix) - sizeof(WCHAR));
Bin2Hex(Hash, sizeof(Hash), MutexName + _countof(MutexNamePrefix) - 1); Bin2Hex(Hash, sizeof(Hash), MutexName + _countof(MutexNamePrefix) - 1);
MutexName[_countof(MutexName) - 1] = 0; MutexName[_countof(MutexName) - 1] = 0;
Mutex = CreateMutexW(SecurityAttributes, FALSE, MutexName); Mutex = CreateMutexW(&SecurityAttributes, FALSE, MutexName);
if (!Mutex) if (!Mutex)
goto cleanupPoolNorm; goto cleanupPoolNorm;
switch (WaitForSingleObject(Mutex, INFINITE)) switch (WaitForSingleObject(Mutex, INFINITE))

2
api/resource.c
View File

@ -38,7 +38,7 @@ ResourceCopyToFile(_In_z_ const WCHAR *DestinationPath, _In_z_ const WCHAR *Reso
DestinationPath, DestinationPath,
GENERIC_WRITE, GENERIC_WRITE,
0, 0,
SecurityAttributes, &SecurityAttributes,
CREATE_NEW, CREATE_NEW,
FILE_ATTRIBUTE_NORMAL | FILE_ATTRIBUTE_TEMPORARY, FILE_ATTRIBUTE_NORMAL | FILE_ATTRIBUTE_TEMPORARY,
NULL); NULL);

4
api/session.c
View File

@ -86,7 +86,7 @@ WintunStartSession(_In_ const WINTUN_ADAPTER *Adapter, _In_ DWORD Capacity, _Out
} }
(*Session)->Descriptor.Send.RingSize = RingSize; (*Session)->Descriptor.Send.RingSize = RingSize;
(*Session)->Descriptor.Send.Ring = (TUN_RING *)AllocatedRegion; (*Session)->Descriptor.Send.Ring = (TUN_RING *)AllocatedRegion;
(*Session)->Descriptor.Send.TailMoved = CreateEventW(SecurityAttributes, FALSE, FALSE, NULL); (*Session)->Descriptor.Send.TailMoved = CreateEventW(&SecurityAttributes, FALSE, FALSE, NULL);
if (!(*Session)->Descriptor.Send.TailMoved) if (!(*Session)->Descriptor.Send.TailMoved)
{ {
Result = LOG_LAST_ERROR(L"Failed to create send event"); Result = LOG_LAST_ERROR(L"Failed to create send event");
@ -95,7 +95,7 @@ WintunStartSession(_In_ const WINTUN_ADAPTER *Adapter, _In_ DWORD Capacity, _Out
(*Session)->Descriptor.Receive.RingSize = RingSize; (*Session)->Descriptor.Receive.RingSize = RingSize;
(*Session)->Descriptor.Receive.Ring = (TUN_RING *)(AllocatedRegion + RingSize); (*Session)->Descriptor.Receive.Ring = (TUN_RING *)(AllocatedRegion + RingSize);
(*Session)->Descriptor.Receive.TailMoved = CreateEvent(SecurityAttributes, FALSE, FALSE, NULL); (*Session)->Descriptor.Receive.TailMoved = CreateEvent(&SecurityAttributes, FALSE, FALSE, NULL);
if (!(*Session)->Descriptor.Receive.TailMoved) if (!(*Session)->Descriptor.Receive.TailMoved)
{ {
Result = LOG_LAST_ERROR(L"Failed to create receive event"); Result = LOG_LAST_ERROR(L"Failed to create receive event");