Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-02 02:34:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

[KERNEL32] Re-enable Safer and AppCompat checks in CreateProcessInternalW. CORE-12585

Browse source 
svn path=/trunk/; revision=73473
This commit is contained in:
Mark Jansen 2016-12-20 19:51:44 +00:00
parent 974a6b6921
commit bd37cb261c
1 changed files with 27 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

54
reactos/dll/win32/kernel32/client/proc.c
View file

@ -2313,7 +2313,7 @@ CreateProcessInternalW(IN HANDLE hUserToken,
HANDLE FileHandle, SectionHandle, ProcessHandle;
ULONG ResumeCount;
PROCESS_PRIORITY_CLASS PriorityClass;
NTSTATUS Status, Status1, ImageDbgStatus;
NTSTATUS Status, AppCompatStatus, SaferStatus, IFEOStatus, ImageDbgStatus;
PPEB Peb, RemotePeb;
PTEB Teb;
INITIAL_TEB InitialTeb;
@ -2386,7 +2386,7 @@ CreateProcessInternalW(IN HANDLE hUserToken,
/* Zero out the initial core variables and handles */
QuerySection = FALSE;
InJob = FALSE;
SkipSaferAndAppCompat = TRUE; // HACK for making .bat/.cmd launch working again.
SkipSaferAndAppCompat = FALSE;
ParameterFlags = 0;
Flags = 0;
DebugHandle = NULL;
@ -3051,12 +3051,12 @@ StartScan:
if (QuerySection)
{
/* Nothing to do */
Status = STATUS_SUCCESS;
AppCompatStatus = STATUS_SUCCESS;
}
else
{
/* Get some information about the executable */
Status = NtQuerySection(SectionHandle,
AppCompatStatus = NtQuerySection(SectionHandle,
SectionImageInformation,
&ImageInformation,
sizeof(ImageInformation),
@ -3064,7 +3064,7 @@ StartScan:
}
/* Do we have section information now? */
if (NT_SUCCESS(Status))
if (NT_SUCCESS(AppCompatStatus))
{
/* Don't ask for it again, save the machine type */
QuerySection = TRUE;
@ -3073,7 +3073,7 @@ StartScan:
}
/* Is there a reason/Shim we shouldn't run this application? */
Status = BasepCheckBadapp(FileHandle,
AppCompatStatus = BasepCheckBadapp(FileHandle,
FreeBuffer,
lpEnvironment,
ImageMachine,
@ -3082,11 +3082,11 @@ StartScan:
&AppCompatSxsData,
&AppCompatSxsDataSize,
&FusionFlags);
if (!NT_SUCCESS(Status))
if (!NT_SUCCESS(AppCompatStatus))
{
/* This is usually the status we get back */
DPRINT1("App compat launch failure: %lx\n", Status);
if (Status == STATUS_ACCESS_DENIED)
DPRINT1("App compat launch failure: %lx\n", AppCompatStatus);
if (AppCompatStatus == STATUS_ACCESS_DENIED)
{
/* Convert it to something more Win32-specific */
SetLastError(ERROR_CANCELLED);
@ -3094,7 +3094,7 @@ StartScan:
else
{
/* Some other error */
BaseSetLastNTError(Status);
BaseSetLastNTError(AppCompatStatus);
}
/* Did we have a section? */
@ -3148,13 +3148,13 @@ StartScan:
if (SaferNeeded)
{
/* We have to call into the WinSafer library and actually check */
Status = BasepCheckWinSaferRestrictions(hUserToken,
SaferStatus = BasepCheckWinSaferRestrictions(hUserToken,
(LPWSTR)lpApplicationName,
FileHandle,
&InJob,
&TokenHandle,
&JobHandle);
if (Status == 0xFFFFFFFF)
if (SaferStatus == 0xFFFFFFFF)
{
/* Back in 2003, they didn't have an NTSTATUS for this... */
DPRINT1("WinSafer blocking process launch\n");
@ -3164,10 +3164,10 @@ StartScan:
}
/* Other status codes are not-Safer related, just convert them */
if (!NT_SUCCESS(Status))
if (!NT_SUCCESS(SaferStatus))
{
DPRINT1("Error checking WinSafer: %lx\n", Status);
BaseSetLastNTError(Status);
DPRINT1("Error checking WinSafer: %lx\n", SaferStatus);
BaseSetLastNTError(SaferStatus);
Result = FALSE;
goto Quickie;
}
@ -3576,7 +3576,7 @@ StartScan:
goto Quickie;
}
/* Don't let callers pass in this flag -- we'll only get it from IFRO */
/* Don't let callers pass in this flag -- we'll only get it from IFEO */
Flags &= ~PROCESS_CREATE_FLAGS_LARGE_PAGES;
/* Clear the IFEO-missing flag, before we know for sure... */
@ -3587,11 +3587,11 @@ StartScan:
(NtCurrentPeb()->ReadImageFileExecOptions))
{
/* Let's do this! Attempt to open IFEO */
Status1 = LdrOpenImageFileOptionsKey(&PathName, 0, &KeyHandle);
if (!NT_SUCCESS(Status1))
IFEOStatus = LdrOpenImageFileOptionsKey(&PathName, 0, &KeyHandle);
if (!NT_SUCCESS(IFEOStatus))
{
/* We failed, set the flag so we store this in the parameters */
if (Status1 == STATUS_OBJECT_NAME_NOT_FOUND) ParameterFlags |= 2;
if (IFEOStatus == STATUS_OBJECT_NAME_NOT_FOUND) ParameterFlags |= 2;
}
else
{
@ -3605,8 +3605,8 @@ StartScan:
if (!DebuggerCmdLine)
{
/* Close IFEO on failure */
Status1 = NtClose(KeyHandle);
ASSERT(NT_SUCCESS(Status1));
IFEOStatus = NtClose(KeyHandle);
ASSERT(NT_SUCCESS(IFEOStatus));
/* Fail the call */
SetLastError(ERROR_NOT_ENOUGH_MEMORY);
@ -3616,13 +3616,13 @@ StartScan:
}
/* Now query for the debugger */
Status1 = LdrQueryImageFileKeyOption(KeyHandle,
IFEOStatus = LdrQueryImageFileKeyOption(KeyHandle,
L"Debugger",
REG_SZ,
DebuggerCmdLine,
MAX_PATH * sizeof(WCHAR),
&ResultSize);
if (!(NT_SUCCESS(Status1)) ||
if (!(NT_SUCCESS(IFEOStatus)) ||
(ResultSize < sizeof(WCHAR)) ||
(DebuggerCmdLine[0] == UNICODE_NULL))
{
@ -3632,21 +3632,21 @@ StartScan:
}
/* Also query if we should map with large pages */
Status1 = LdrQueryImageFileKeyOption(KeyHandle,
IFEOStatus = LdrQueryImageFileKeyOption(KeyHandle,
L"UseLargePages",
REG_DWORD,
&UseLargePages,
sizeof(UseLargePages),
NULL);
if ((NT_SUCCESS(Status1)) && (UseLargePages))
if ((NT_SUCCESS(IFEOStatus)) && (UseLargePages))
{
/* Do it! This is the only way this flag can be set */
Flags |= PROCESS_CREATE_FLAGS_LARGE_PAGES;
}
/* We're done with IFEO, can close it now */
Status1 = NtClose(KeyHandle);
ASSERT(NT_SUCCESS(Status1));
IFEOStatus = NtClose(KeyHandle);
ASSERT(NT_SUCCESS(IFEOStatus));
}
}