mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-12 19:38:26 -06:00

Windows: Protect against using a container file as its own keyfile. Normalizing path names to never use '/' but always '\'.

Mounir IDRASSI
2015-08-24 01:31:30 +02:00
parent 20cb199e55
commit ad3b8eca69
9 changed files with 95 additions and 40 deletions


@@ -6184,6 +6184,16 @@ BOOL CheckFileExtension (char *fileName)
return FALSE;
}
void CorrectFileName (char* fileName)
{
/* replace '/' by '\' */
size_t i, len = strlen (fileName);
for (i = 0; i < len; i++)
{
if (fileName [i] == '/')
fileName [i] = '\\';
}
}
void IncreaseWrongPwdRetryCount (int count)
{
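Review bot: CorrectFileName has no comment stating its contract, and its name promises more than the loop delivers: it only rewrites '/' to '\' in place and does not resolve relative paths, 8.3 short names or links. Because the commit description ties this helper to the container-as-keyfile check, I would state that limit in a header comment, for example `/* Replaces every '/' with '\' in place; does not canonicalize, so equal strings after this call do not prove that two paths name the same file. */`. The function also hands fileName straight to strlen, so `if (!fileName) return;` as its first statement would make a NULL argument harmless.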


@@ -328,6 +328,7 @@ static BOOL CALLBACK CloseVolumeExplorerWindowsEnum( HWND hwnd, LPARAM driveNo);
BOOL CloseVolumeExplorerWindows (HWND hwnd, int driveNo);
BOOL CheckCapsLock (HWND hwnd, BOOL quiet);
BOOL CheckFileExtension (char *fileName);
void CorrectFileName (char* fileName);
void IncreaseWrongPwdRetryCount (int count);
void ResetWrongPwdRetryCount (void);
BOOL WrongPwdRetryCountOverLimit (void);


@@ -222,7 +222,7 @@ close:
}
BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFile)
BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFile, const char* volumeFileName)
{
BOOL status = TRUE;
KeyFile kfSubStruct;
@@ -322,7 +322,7 @@ BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFile)
StringCbPrintfA (kfSub->FileName, sizeof(kfSub->FileName), "%s%c%s", kf->FileName,
'\\',
fBuf.name
);
);
// Determine whether it's a path or a file
if (stat (kfSub->FileName, &statStruct) != 0)
@@ -346,6 +346,13 @@ BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFile)
continue;
}
CorrectFileName (kfSub->FileName);
if (volumeFileName && (_stricmp (volumeFileName, kfSub->FileName) == 0))
{
// skip if it is the current container file name
continue;
}
++keyfileCount;
// Apply keyfile to the pool
@@ -474,13 +481,25 @@ BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
{
if (SelectMultipleFiles (hwndDlg, "SELECT_KEYFILE", kf->FileName, sizeof(kf->FileName),bHistory))
{
bool containerFileSkipped = false;
do
{
param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
LoadKeyList (hwndDlg, param->FirstKeyFile);
CorrectFileName (kf->FileName);
if (_stricmp (param->VolumeFileName, kf->FileName) == 0)
containerFileSkipped = true;
else
{
param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
LoadKeyList (hwndDlg, param->FirstKeyFile);
kf = (KeyFile *) malloc (sizeof (KeyFile));
kf = (KeyFile *) malloc (sizeof (KeyFile));
}
} while (SelectMultipleFilesNext (kf->FileName, sizeof(kf->FileName)));
if (containerFileSkipped)
{
Warning ("SELECTED_KEYFILE_IS_CONTAINER_FILE", hwndDlg);
}
}
free (kf);
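Review bot: Both new checks, the `_stricmp (volumeFileName, kfSub->FileName)` test in KeyFilesApply and the `_stricmp (param->VolumeFileName, kf->FileName)` test in KeyFilesDlgProc, decide file identity by comparing path strings, so the container is still accepted as its own keyfile when it is named through a different spelling of the same file (a relative path, an 8.3 short name, a hard link, or a mapped drive versus a UNC path). I would compare the volume serial number and file index reported by GetFileInformationByHandle for the two files and keep the string comparison as the fallback when either file cannot be opened, as sketched below. In the visible lines CorrectFileName is applied only to the keyfile name, so whether volumeFileName and param->VolumeFileName arrive already normalized depends on callers outside this page and should be confirmed. KeyFilesApply and KeyFilesDlgProc both start and end outside the hunks shown.

```c
/* Returns TRUE when both paths open the same file on the same volume. */
static BOOL IsSameFile (const char *pathA, const char *pathB)
{
	BY_HANDLE_FILE_INFORMATION infoA, infoB;
	BOOL same = FALSE;
	/* Access mask 0 queries metadata only, so a mounted container can still be opened. */
	HANDLE hA = CreateFileA (pathA, 0, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
		NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
	HANDLE hB = CreateFileA (pathB, 0, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
		NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

	if (hA != INVALID_HANDLE_VALUE && hB != INVALID_HANDLE_VALUE
		&& GetFileInformationByHandle (hA, &infoA)
		&& GetFileInformationByHandle (hB, &infoB))
	{
		same = infoA.dwVolumeSerialNumber == infoB.dwVolumeSerialNumber
			&& infoA.nFileIndexHigh == infoB.nFileIndexHigh
			&& infoA.nFileIndexLow == infoB.nFileIndexLow;
	}

	if (hA != INVALID_HANDLE_VALUE)
		CloseHandle (hA);
	if (hB != INVALID_HANDLE_VALUE)
		CloseHandle (hB);
	return same;
}

// … unchanged: directory search and stat checks in KeyFilesApply …
	CorrectFileName (kfSub->FileName);
	if (volumeFileName && (_stricmp (volumeFileName, kfSub->FileName) == 0
		|| IsSameFile (volumeFileName, kfSub->FileName)))

// … unchanged: SelectMultipleFiles loop header in KeyFilesDlgProc …
	CorrectFileName (kf->FileName);
	if (_stricmp (param->VolumeFileName, kf->FileName) == 0
		|| IsSameFile (param->VolumeFileName, kf->FileName))
		containerFileSkipped = true;
```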


@@ -30,6 +30,7 @@ typedef struct KeyFileStruct
typedef struct
{
char VolumeFileName[MAX_PATH + 1];
BOOL EnableKeyFiles;
KeyFile *FirstKeyFile;
} KeyFilesDlgParam;
@@ -38,7 +39,7 @@ KeyFile *KeyFileAdd (KeyFile *firstKeyFile, KeyFile *keyFile);
void KeyFileRemoveAll (KeyFile **firstKeyFile);
KeyFile *KeyFileClone (KeyFile *keyFile);
KeyFile *KeyFileCloneAll (KeyFile *firstKeyFile);
BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFile);
BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFilem, const char* volumeFileName);
BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam);
BOOL KeyfilesPopupMenu (HWND hwndDlg, POINT popupPosition, KeyFilesDlgParam *dialogParam);
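Review bot: The new `char VolumeFileName[MAX_PATH + 1];` field is read by `_stricmp` in KeyFilesDlgProc, so every place that builds a KeyFilesDlgParam has to store a NUL-terminated string in it (an empty one when there is no container path) before the dialog opens. Those call sites are not on this page, so this is worth checking across the other changed files; a param left uninitialized would make the comparison read indeterminate bytes, possibly past the end of the array. The updated prototype also spells the third parameter `firstKeyFilem` while the definition uses `firstKeyFile`; I would change it to `BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFile, const char* volumeFileName);`.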


@@ -647,6 +647,7 @@
<string lang="en" key="SELECT_KEYFILE">Select Keyfile</string>
<string lang="en" key="SELECT_KEYFILE_PATH">Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames!</string>
<string lang="en" key="SELECT_KEYFILE_GENERATION_DIRECTORY">Select a directory where to store the keyfiles.</string>
<string lang="en" key="SELECTED_KEYFILE_IS_CONTAINER_FILE">The current container file was selected as a keyfile. It will be skipped.</string>
<string lang="en" key="SERPENT_HELP">Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists.</string>
<string lang="en" key="SIZE_HELP">Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB.</string>
<string lang="en" key="SIZE_HELP_HIDDEN_HOST_VOL">Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB.</string>