mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 02:58:02 -06:00

Windows vulnerability fix: correct checking device name to avoid possible bypass attack detected by the Open Crypto Audit project

Mounir IDRASSI
2014-09-01 00:00:23 +02:00
parent 4fa4d6d227
commit f82e16f0a1


@@ -1734,6 +1734,22 @@ void TCSleep (int milliSeconds)
TCfree (timer);
}
BOOL IsDeviceName(wchar_t wszVolume[TC_MAX_PATH])
{
if ( (wszVolume[0] == '\\')
&& (wszVolume[1] == 'D' || wszVolume[1] == 'd')
&& (wszVolume[2] == 'E' || wszVolume[2] == 'e')
&& (wszVolume[3] == 'V' || wszVolume[3] == 'v')
&& (wszVolume[4] == 'I' || wszVolume[4] == 'i')
&& (wszVolume[5] == 'C' || wszVolume[5] == 'c')
&& (wszVolume[6] == 'E' || wszVolume[6] == 'e')
)
{
return TRUE;
}
else
return FALSE;
}
/* VolumeThreadProc does all the work of processing IRP's, and dispatching them
to either the ReadWrite function or the DeviceControl function */
@@ -1749,7 +1765,7 @@ VOID VolumeThreadProc (PVOID Context)
Dump ("Mount THREAD OPENING VOLUME BEGIN\n");
if (memcmp (pThreadBlock->mount->wszVolume, WIDE ("\\Device"), 14) != 0)
if ( !IsDeviceName (pThreadBlock->mount->wszVolume))
{
RtlStringCbCopyW (pThreadBlock->wszMountVolume, sizeof(pThreadBlock->wszMountVolume),WIDE ("\\??\\"));
RtlStringCbCatW (pThreadBlock->wszMountVolume, sizeof(pThreadBlock->wszMountVolume),pThreadBlock->mount->wszVolume);
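Review bot: IsDeviceName in the first hunk stops comparing after the seventh character, so any name that merely begins with `\Device` (in any letter case) is classified as a device path whether or not a path separator follows, and the new call in VolumeThreadProc then skips the `\??\` prefix for it. If only names under the `\Device\` directory are meant, add `&& wszVolume[7] == L'\\'` to the condition. The per-character comparison would be easier to audit as `return _wcsnicmp (wszVolume, L"\\Device\\", 8) == 0;`, and the parameter can be `const wchar_t *`, because the `[TC_MAX_PATH]` bound in the signature is not enforced by the compiler. The function also needs a comment saying that the match is deliberately case-insensitive (presumably because the name is later opened case-insensitively; confirm against the open call) and that the caller must pass a NUL-terminated string. VolumeThreadProc's body starts and ends outside the second hunk, so the other uses of `wszVolume` there are not covered by this review.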