fixed "Windows Installer Service could not be accessed"

sandboxie-plus · Apr 10, 2020 · e9d144b · jsoref · Apr 12, 2020 · jsoref
1 parent a1de93f
commit e9d144b
Show file tree

Hide file tree

Showing 8 changed files with 59 additions and 21 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,13 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+This project adheres to [Semantic Versioning](http://semver.org/).
+
+## [5.40.1] - 2020-04-10
+
+### Added
+- "Other" type for the Resource Access Monitor
+-- added call to StartService to the logged Resources
+
+### Fixed
+- fixed "Windows Installer Service could not be accessed" that got introduced with Windows 1903
+
diff --git a/Sandboxie/apps/control/AboutDialog.cpp b/Sandboxie/apps/control/AboutDialog.cpp
@@ -143,7 +143,7 @@ BOOL CAboutDialog::OnInitDialog()
         U_PDF = L' ';
     }
     text.Format(L"%S %c(%d-bit)%c",
-        MY_VERSION_STRING, U_LRO, _bitness, U_PDF);
+        MY_VERSION_STRING_EX, U_LRO, _bitness, U_PDF);
 
     CString ver = CMyMsg(MSG_3302, text);
     GetDlgItem(ID_ABOUT_VERSION)->SetWindowText(ver);

diff --git a/Sandboxie/apps/control/MonitorDialog.cpp b/Sandboxie/apps/control/MonitorDialog.cpp
@@ -101,6 +101,7 @@ void CMonitorDialog::OnIdle()
     static const WCHAR *_Clsid      = L"Clsid    ";
     static const WCHAR *_Image      = L"Image    ";
     static const WCHAR *_FileOrKey  = L"File/Key ";
+	static const WCHAR *_Other      = L"Other    ";
     static const WCHAR *_Separator  = L"   -------------------------------";
 
     CListBox *listbox = (CListBox *)GetDlgItem(ID_MESSAGE_LIST);
@@ -147,6 +148,8 @@ void CMonitorDialog::OnIdle()
             PrefixPtr = _Image;
         else if (type == MONITOR_FILE_OR_KEY)
             PrefixPtr = _FileOrKey;
+        else if (type == MONITOR_OTHER)
+            PrefixPtr = _Other;
         wcsncpy(name, PrefixPtr, 9);
 
         int index = listbox->AddString(name);

diff --git a/Sandboxie/common/my_version.h b/Sandboxie/common/my_version.h
@@ -22,6 +22,7 @@
 
 #define MY_VERSION_BINARY       5,40
 #define MY_VERSION_STRING       "5.40"
+#define MY_VERSION_STRING_EX	"5.40.1"
 
 // These #defines are used by either Resource Compiler, or by NSIC installer
 #define SBIE_INSTALLER_PATH		"..\\Bin\\"

diff --git a/Sandboxie/core/dll/gui.c b/Sandboxie/core/dll/gui.c
@@ -724,26 +724,27 @@ _FX void Gui_InitWindows7(void)
 // Processthreadsapi.h from Windows 8 See
 // https://msdn.microsoft.com/en-us/library/windows/desktop/hh769085%28v=vs.85%29.aspx
 // https://msdn.microsoft.com/en-us/library/windows/desktop/hh871472(v=vs.85).aspx
+#if 0
+typedef enum _PROCESS_MITIGATION_POLICY { 
+  ProcessDEPPolicy                  = 0,
+  ProcessASLRPolicy                 = 1,
+  ProcessReserved1MitigationPolicy  = 2,
+  ProcessStrictHandleCheckPolicy    = 3,
+  ProcessSystemCallDisablePolicy    = 4,
+  MaxProcessMitigationPolicy        = 5
+} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;
+
+typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY {
+  union {
+      DWORD  Flags;
+      struct {
+          DWORD DisallowWin32kSystemCalls : 1;
+          DWORD ReservedFlags : 31;
+      };
+  };
+} PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY;
+#endif
 
-//typedef enum _PROCESS_MITIGATION_POLICY { 
-//  ProcessDEPPolicy                  = 0,
-//  ProcessASLRPolicy                 = 1,
-//  ProcessReserved1MitigationPolicy  = 2,
-//  ProcessStrictHandleCheckPolicy    = 3,
-//  ProcessSystemCallDisablePolicy    = 4,
-//  MaxProcessMitigationPolicy        = 5
-//} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;
-//
-//typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY {
-//  union {
-//      DWORD  Flags;
-//      struct {
-//          DWORD DisallowWin32kSystemCalls : 1;
-//          DWORD ReservedFlags : 31;
-//      };
-//  };
-//} PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY;
-//
 typedef BOOL (WINAPI * pGetProcessMitigationPolicy)(
     HANDLE hProcess,
     PROCESS_MITIGATION_POLICY MitigationPolicy,

diff --git a/Sandboxie/core/dll/scm.c b/Sandboxie/core/dll/scm.c
@@ -847,6 +847,13 @@ _FX BOOL Scm_CloseServiceHandle(SC_HANDLE hSCObject)
 _FX WCHAR *Scm_GetHandleName(SC_HANDLE hService)
 {
     WCHAR *name = NULL;
+	// fix-me: refactory include of SC_HANDLE_
+	if (hService == /*SC_HANDLE_RPCSS*/((SC_HANDLE)0x12345672))
+		return L"RpcSs";
+	if (hService == /*SC_HANDLE_MSISERVER*/((SC_HANDLE)0x12345673))
+		return L"MSIServer";
+	if (hService == /*SC_HANDLE_EVENTSYSTEM*/((SC_HANDLE)0x12345674))
+		return L"EventSystem";
     __try {
         if (hService && *(ULONG *)hService == tzuk)
             name = (WCHAR *)(((ULONG *)hService) + 1);

diff --git a/Sandboxie/core/dll/scm_create.c b/Sandboxie/core/dll/scm_create.c
@@ -824,6 +824,10 @@ _FX BOOL SbieDll_StartBoxedService(const WCHAR *ServiceName, BOOLEAN WithAdd)
     SERVICE_QUERY_RPL *rpl;
     ULONG retries, error;
 
+	//WCHAR text[130];
+	//Sbie_swprintf(text, L"StartBoxedService; name: '%s'; pid: %d", ServiceName, GetCurrentProcessId()); // fix-me: pottential buffer overflow
+    //SbieApi_MonitorPut(MONITOR_OTHER, text);
+
     //
     // when invoked from SandboxieRpcSs to handle StartProcess,
     // specify WithAdd to add the service to the sandbox
@@ -1091,6 +1095,10 @@ _FX BOOL Scm_StartServiceW(
     if (! ServiceName)
         return FALSE;
 
+    WCHAR text[130];
+	Sbie_swprintf(text, L"StartService; name: '%s'; pid: %d", ServiceName, GetCurrentProcessId()); // fix-me: pottential buffer overflow
+    SbieApi_MonitorPut(MONITOR_OTHER, text);
+
     if (Scm_IsBoxedService(ServiceName))
         return SbieDll_StartBoxedService(ServiceName, FALSE);
 
@@ -1190,7 +1198,7 @@ _FX BOOL Scm_StartServiceCtrlDispatcherX(
         L"00000000_" SBIE L"_SERVICE_NAME";
     WCHAR *ServiceName;
     WCHAR *Buffer;
-    UNICODE_STRING uni;
+    UNICODE_STRING uni; // fix-me: this mustbe freed !
     void *args[3];
     ULONG ThreadId;
     HANDLE hEvent;
@@ -1254,6 +1262,10 @@ _FX BOOL Scm_StartServiceCtrlDispatcherX(
         }
     }
 
+    //WCHAR text[130];
+	//Sbie_swprintf(text, L"StartServiceCtrlDispatcher; name: '%s'; pid %d", ServiceName, GetCurrentProcessId()); // fix-me: pottential buffer overflow
+    //SbieApi_MonitorPut(MONITOR_OTHER, text);
+
     //
     // open the key for the service
     //

diff --git a/Sandboxie/core/drv/api_flags.h b/Sandboxie/core/drv/api_flags.h
@@ -49,6 +49,7 @@
 #define MONITOR_IGNORE              0x066B
 #define MONITOR_IMAGE               0x077B
 #define MONITOR_FILE_OR_KEY         0x088B
+#define MONITOR_OTHER				0x099B
 #define MONITOR_OPEN                0x1000
 #define MONITOR_DENY                0x2000