Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 02:58:02 -06:00
Code Activity

Windows: Enhancement to the fix for CVE-2019-19501

Browse Source
This commit is contained in:
Mounir IDRASSI
2019-12-05 13:19:06 +01:00
parent ade8e3f8cb
commit 27d1f404f1
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/Common/Dlgcode.c
View File

@@ -14117,7 +14117,7 @@ static bool RunAsDesktopUser(
return false; return false;
} }
if (!OpenThreadToken (GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES, FALSE, &hThreadToken)) if (!OpenThreadToken (GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES, TRUE, &hThreadToken))
{ {
return false; return false;
} }
@@ -14127,6 +14127,9 @@ static bool RunAsDesktopUser(
tkp.PrivilegeCount = 1; tkp.PrivilegeCount = 1;
LookupPrivilegeValueW(NULL, SE_INCREASE_QUOTA_NAME, &tkp.Privileges[0].Luid); LookupPrivilegeValueW(NULL, SE_INCREASE_QUOTA_NAME, &tkp.Privileges[0].Luid);
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
SetThreadToken (NULL, NULL);
AdjustTokenPrivileges(hThreadToken, FALSE, &tkp, 0, NULL, NULL); AdjustTokenPrivileges(hThreadToken, FALSE, &tkp, 0, NULL, NULL);
dwLastErr = GetLastError(); dwLastErr = GetLastError();
if (ERROR_SUCCESS != dwLastErr) if (ERROR_SUCCESS != dwLastErr)
@@ -14233,9 +14236,9 @@ void SafeOpenURL (LPCWSTR szUrl)
StringCbPrintfW(szRunDllPath, sizeof(szRunDllPath), L"%s\\%s", szSystemPath, L"rundll32.exe"); StringCbPrintfW(szRunDllPath, sizeof(szRunDllPath), L"%s\\%s", szSystemPath, L"rundll32.exe");
StringCbPrintfW(szUrlDllPath, sizeof(szUrlDllPath), L"%s\\%s", szSystemPath, L"url.dll"); StringCbPrintfW(szUrlDllPath, sizeof(szUrlDllPath), L"%s\\%s", szSystemPath, L"url.dll");
StringCchPrintfW(szCommandLine, 1024, L"%s,FileProtocolHandler %s", szUrlDllPath, szUrl); StringCchPrintfW(szCommandLine, 1024, L"%s %s,FileProtocolHandler %s", szRunDllPath, szUrlDllPath, szUrl);
RunAsDesktopUser (szRunDllPath, szCommandLine); RunAsDesktopUser (NULL, szCommandLine);
delete [] szCommandLine; delete [] szCommandLine;
} }