Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2026-05-21 21:30:48 -05:00
Code Activity

Windows: Fix elevated COM format drive validation and device path normalization (#1670)

Browse Source 
* Windows: Add input validation whitelists to elevated COM methods

* Windows: Add drive number validation to FormatNtfs and FormatFs COM methods

* Windows: Fix correctness regressions in elevated COM format and device path validation

* Windows: Revert unready COM input validation; keep FormatNtfs/FormatFs return fix
This commit is contained in:
audriusbuika
2026-04-16 04:31:02 +03:00
committed by GitHub
parent 3e9c47d256
commit 4fea6403ce
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Common/BootEncryption.cpp
+1 -1
View File
@@ -1041,7 +1041,7 @@ namespace VeraCrypt
FileOpen = false; FileOpen = false;
Elevated = false; Elevated = false;
if (path.find(L"\\\\?\\") == 0) if (path.find(L"\\\\?\\") == 0 || path.find(L"\\\\.\\") == 0)
effectivePath = path; effectivePath = path;
else else
effectivePath = wstring (L"\\\\.\\") + path; effectivePath = wstring (L"\\\\.\\") + path;
src/Format/FormatCom.cpp
+4
View File
@@ -92,6 +92,8 @@ public:
virtual BOOL STDMETHODCALLTYPE FormatNtfs (int driveNo, int clusterSize) virtual BOOL STDMETHODCALLTYPE FormatNtfs (int driveNo, int clusterSize)
{ {
if (driveNo < 0 || driveNo > 25)
return ERROR_INVALID_PARAMETER;
return ::FormatNtfs (driveNo, clusterSize, TRUE); return ::FormatNtfs (driveNo, clusterSize, TRUE);
} }
@@ -134,6 +136,8 @@ public:
virtual BOOL STDMETHODCALLTYPE FormatFs (int driveNo, int clusterSize, int fsType) virtual BOOL STDMETHODCALLTYPE FormatFs (int driveNo, int clusterSize, int fsType)
{ {
if (driveNo < 0 || driveNo > 25)
return ERROR_INVALID_PARAMETER;
return ::FormatFs (driveNo, clusterSize, fsType, TRUE); return ::FormatFs (driveNo, clusterSize, fsType, TRUE);
} }