BOOL CKClearProc::DZ_GetNoinstallApp(int n)
{
if (g_vsNoinstallapp.Find(n) == -1)
{
return FALSE;
}
return TRUE;
}
void ListDeleteItems(CListViewCtrlEx &listCtrl, CSimpleArray<int> &arr)
{
for(int i=listCtrl.GetItemCount()-1; i>=0; --i)
{
T_VulListItemData *pItem = (T_VulListItemData*)listCtrl.GetItemData(i);
if(pItem && arr.Find(pItem->nID)!=-1)
{
listCtrl.DeleteItem( i );
}
}
}
void CUserPatcher::_FillRegInfo( INT nKBID, LPCTSTR szPatchName, LPCTSTR szProductKey, LPCTSTR szPatchKey, LPCTSTR szPatchValue, LPCTSTR szLogfile )
{
LPCTSTR _key_patch = _T("Patches");
CString strProduct;
strProduct.Format(_T("Installer\\Products\\%s\\Patches"), szProductKey);
WriteRegString(HKEY_CLASSES_ROOT, strProduct, szPatchKey, szPatchValue);
CSimpleArray<CString> ms;
ReadRegMString(HKEY_CLASSES_ROOT, strProduct, _key_patch, ms);
if( ms.Find(szPatchKey)==-1 )
{
ms.Add( szPatchKey );
WriteRegMString(HKEY_CLASSES_ROOT, strProduct, _key_patch, ms);
}
// HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4080110900063D11C8EF10054038389C\Patches\CEA540E1AE6DD1D41A6E01E6EF2B271C
CString strPatchInfo;
strPatchInfo.Format(_T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\%s\\Patches\\%s"), szProductKey, szPatchKey);
CString strMoreInfoURL;
FormatKBWebUrl( strMoreInfoURL, nKBID );
CString strDate;
_GetDateString(strDate);
WriteRegString(HKEY_LOCAL_MACHINE, strPatchInfo, _T("DisplayName"), szPatchName);
WriteRegString(HKEY_LOCAL_MACHINE, strPatchInfo, _T("Installed"), strDate);
WriteRegString(HKEY_LOCAL_MACHINE, strPatchInfo, _T("MoreInfoURL"), strMoreInfoURL);
WriteRegDWord(HKEY_LOCAL_MACHINE, strPatchInfo, _T("LUAEnabled"), 0);
WriteRegDWord(HKEY_LOCAL_MACHINE, strPatchInfo, _T("MSI3"), 1);
WriteRegDWord(HKEY_LOCAL_MACHINE, strPatchInfo, _T("PatchType"), 0);
WriteRegDWord(HKEY_LOCAL_MACHINE, strPatchInfo, _T("State"), 1);
WriteRegDWord(HKEY_LOCAL_MACHINE, strPatchInfo, _T("Uninstallable"),0);
}
HRESULT CImplVulfix::Scan(DWORD dwFlags)
{
TIME_CHECK( _T("CImplVulfix::Scan ") );
m_Canceled = FALSE;
T_ComInit __init__com__;
HRESULT hr ;
do
{
Reset();
GetLangID();
CSysEnv& sysEnv = singleton<CSysEnv>::Instance();
sysEnv.Init();
if( FAILED( hr=sysEnv.IsSupported(FALSE) ) )
break;
Init();
m_objIgnore.LoadIgnoreDB();
CString filenameSystem, filenameOffice, filenameSoft;
GetXmlDBFileName(VTYPE_WINDOWS, filenameSystem, IsWin64());
GetXmlDBFileName(VTYPE_OFFICE, filenameOffice, FALSE);
GetXmlDBFileName(VTYPE_SOFTLEAK, filenameSoft, FALSE);
if( !PathFileExists(filenameSystem) && !PathFileExists(filenameOffice) && !PathFileExists(filenameSoft) )
{
hr = KERR_LOAD_FILE;
break;
}
m_pFilterOS = CreateOSFilter(sysEnv.m_WinVer, dwFlags);
InitOSFilter( m_pFilterOS, sysEnv.m_WinVer, dwFlags);
if( m_pFilterOS->WaitComplete() )
{
m_dbOS.SetObserver( m_Observer );
m_dbOffice.SetObserver( m_Observer );
m_dbSoft.SetObserver( m_Observer );
m_pFilterOS->SetIIgnore( &m_objIgnore );
CString filename;
try
{
FixLocale();
//BOOL bWin64 = IsWin64();
//PVOID OldValue = NULL;
//if(bWin64)
// Wow64DisableWow64FsRedirection(&OldValue);
!m_Canceled && m_dbOffice.Load( filenameOffice, m_pFilterOS, dwFlags );
!m_Canceled && sysEnv.IsLangSupported() && sysEnv.IsOsSupported() && m_dbOS.Load( filenameSystem, m_pFilterOS, dwFlags );
!m_Canceled && m_dbSoft.Load( filenameSoft, NULL, dwFlags);
//if(bWin64)
// Wow64RevertWow64FsRedirection(OldValue);
}
catch (...)
{
hr = KERR_LOAD_FILE;
}
CSimpleArray<LPTUpdateItem> arrLeaks;
CSimpleArray<TReplacedUpdate*> arrReplaced;
m_dbOS.GetUnfixedLeakList( arrLeaks, m_arrFixedVuls, m_arrInvalid, arrReplaced );
m_dbOffice.GetUnfixedLeakList( arrLeaks, m_arrFixedVuls, m_arrInvalid, arrReplaced );
const CSimpleArray<int> &arrExpired = m_dbOS.GetExpiredIds();
CSimpleArray<int> arrReplacedId;
for(int i=0; i<arrReplaced.GetSize(); ++i)
{
arrReplacedId.Add( arrReplaced[i]->nKBID );
}
// select soft ignored vuls
CSimpleArray<LPTVulSoft> arrSoftLeaks;
m_dbSoft.GetUnfixedLeakList( arrSoftLeaks );
for(int i=0; i<arrSoftLeaks.GetSize(); ++i)
{
LPTVulSoft ps = arrSoftLeaks[i];
ps->isIgnored = m_objIgnore.IsIgnored( ps->nID );
if( ps->isIgnored )
{
LPTUpdateItem pu = new TUpdateItem;
pu->m_nType = VTYPE_SOFTLEAK;
pu->nID = ps->nID;
pu->strName = ps->matchedItem.strName;
pu->strDescription = ps->strDescription;
pu->strWebpage = ps->matchedItem.strWebpage;
pu->nWarnLevel = ps->nLevel;
pu->strPubdate = ps->strPubdate;
m_arrIgnoredVuls.Add( pu );
m_arrIgnoredVulsFromSoft.Add( pu );
}
else
m_arrSoftLeaks.Add( ps );
}
// select installable, ignored , expired
for(int i=0; i<arrLeaks.GetSize(); ++i )
{
LPTUpdateItem &pi = arrLeaks[i];
pi->isExpired = arrExpired.Find( pi->nID )!=-1;
if(pi->isExpired)
m_arrInvalid.Add( pi );
else if(pi->isIgnored)
m_arrIgnoredVuls.Add( pi );
else
{
bool bReplaced = arrReplacedId.Find( pi->nID )!=-1;
if(!bReplaced)
m_arrLeaks.Add( pi );
}
}
// find correct replace relationship
for(int i=0; i<arrReplaced.GetSize(); ++i)
{
TReplacedUpdate* pu = arrReplaced[i];
BOOL bInstalled = FindArrayIndex( m_arrFixedVuls, pu->nKBID )!=-1;
if( !bInstalled )
{
if( FindArrayIndex(m_arrFixedVuls, pu->nKBID2)!=-1
|| FindArrayIndex(m_arrLeaks, pu->nKBID2)!=-1
|| FindArrayIndex(m_arrIgnoredVuls, pu->nKBID2)!=-1 )
m_arrReplacedUpdates.Add( pu );
}
}
// - 保存最后无漏洞时间, 使得下次不再提示有风险
// -- 非快速扫描的结果才有效果
if( RequireUsingInterface() && !(dwFlags & VULSCAN_EXPRESS_SCAN) )
{
BOOL hasMustLeak = FALSE;
const CSimpleArray<LPTUpdateItem> &arrLeaks = GetResults();
for(int i=0; i<arrLeaks.GetSize(); ++i)
{
if(arrLeaks[i]->nWarnLevel>0)
{
hasMustLeak = TRUE;
break;
}
}
CString strVal;
if(!hasMustLeak)
{
T_Date date;
GetLatestPackgeDate(date.nYear, date.nMonth, date.nDay);
strVal.Format(_T("%04d-%02d-%02d"), date.nYear, date.nMonth, date.nDay);
}
WriteVulConfig(_T("VulScan"), _T("LastSafePkgDate"), strVal);
}
}
hr = KERR_NONE;
} while (FALSE);
return hr;
}