HRESULT CImplVulfix::Scan(DWORD dwFlags) { TIME_CHECK( _T("CImplVulfix::Scan ") ); m_Canceled = FALSE; T_ComInit __init__com__; HRESULT hr ; do { Reset(); GetLangID(); CSysEnv& sysEnv = singleton<CSysEnv>::Instance(); sysEnv.Init(); if( FAILED( hr=sysEnv.IsSupported(FALSE) ) ) break; Init(); m_objIgnore.LoadIgnoreDB(); CString filenameSystem, filenameOffice, filenameSoft; GetXmlDBFileName(VTYPE_WINDOWS, filenameSystem, IsWin64()); GetXmlDBFileName(VTYPE_OFFICE, filenameOffice, FALSE); GetXmlDBFileName(VTYPE_SOFTLEAK, filenameSoft, FALSE); if( !PathFileExists(filenameSystem) && !PathFileExists(filenameOffice) && !PathFileExists(filenameSoft) ) { hr = KERR_LOAD_FILE; break; } m_pFilterOS = CreateOSFilter(sysEnv.m_WinVer, dwFlags); InitOSFilter( m_pFilterOS, sysEnv.m_WinVer, dwFlags); if( m_pFilterOS->WaitComplete() ) { m_dbOS.SetObserver( m_Observer ); m_dbOffice.SetObserver( m_Observer ); m_dbSoft.SetObserver( m_Observer ); m_pFilterOS->SetIIgnore( &m_objIgnore ); CString filename; try { FixLocale(); //BOOL bWin64 = IsWin64(); //PVOID OldValue = NULL; //if(bWin64) // Wow64DisableWow64FsRedirection(&OldValue); !m_Canceled && m_dbOffice.Load( filenameOffice, m_pFilterOS, dwFlags ); !m_Canceled && sysEnv.IsLangSupported() && sysEnv.IsOsSupported() && m_dbOS.Load( filenameSystem, m_pFilterOS, dwFlags ); !m_Canceled && m_dbSoft.Load( filenameSoft, NULL, dwFlags); //if(bWin64) // Wow64RevertWow64FsRedirection(OldValue); } catch (...) { hr = KERR_LOAD_FILE; } CSimpleArray<LPTUpdateItem> arrLeaks; CSimpleArray<TReplacedUpdate*> arrReplaced; m_dbOS.GetUnfixedLeakList( arrLeaks, m_arrFixedVuls, m_arrInvalid, arrReplaced ); m_dbOffice.GetUnfixedLeakList( arrLeaks, m_arrFixedVuls, m_arrInvalid, arrReplaced ); const CSimpleArray<int> &arrExpired = m_dbOS.GetExpiredIds(); CSimpleArray<int> arrReplacedId; for(int i=0; i<arrReplaced.GetSize(); ++i) { arrReplacedId.Add( arrReplaced[i]->nKBID ); } // select soft ignored vuls CSimpleArray<LPTVulSoft> arrSoftLeaks; m_dbSoft.GetUnfixedLeakList( arrSoftLeaks ); for(int i=0; i<arrSoftLeaks.GetSize(); ++i) { LPTVulSoft ps = arrSoftLeaks[i]; ps->isIgnored = m_objIgnore.IsIgnored( ps->nID ); if( ps->isIgnored ) { LPTUpdateItem pu = new TUpdateItem; pu->m_nType = VTYPE_SOFTLEAK; pu->nID = ps->nID; pu->strName = ps->matchedItem.strName; pu->strDescription = ps->strDescription; pu->strWebpage = ps->matchedItem.strWebpage; pu->nWarnLevel = ps->nLevel; pu->strPubdate = ps->strPubdate; m_arrIgnoredVuls.Add( pu ); m_arrIgnoredVulsFromSoft.Add( pu ); } else m_arrSoftLeaks.Add( ps ); } // select installable, ignored , expired for(int i=0; i<arrLeaks.GetSize(); ++i ) { LPTUpdateItem &pi = arrLeaks[i]; pi->isExpired = arrExpired.Find( pi->nID )!=-1; if(pi->isExpired) m_arrInvalid.Add( pi ); else if(pi->isIgnored) m_arrIgnoredVuls.Add( pi ); else { bool bReplaced = arrReplacedId.Find( pi->nID )!=-1; if(!bReplaced) m_arrLeaks.Add( pi ); } } // find correct replace relationship for(int i=0; i<arrReplaced.GetSize(); ++i) { TReplacedUpdate* pu = arrReplaced[i]; BOOL bInstalled = FindArrayIndex( m_arrFixedVuls, pu->nKBID )!=-1; if( !bInstalled ) { if( FindArrayIndex(m_arrFixedVuls, pu->nKBID2)!=-1 || FindArrayIndex(m_arrLeaks, pu->nKBID2)!=-1 || FindArrayIndex(m_arrIgnoredVuls, pu->nKBID2)!=-1 ) m_arrReplacedUpdates.Add( pu ); } } // - 保存最后无漏洞时间, 使得下次不再提示有风险 // -- 非快速扫描的结果才有效果 if( RequireUsingInterface() && !(dwFlags & VULSCAN_EXPRESS_SCAN) ) { BOOL hasMustLeak = FALSE; const CSimpleArray<LPTUpdateItem> &arrLeaks = GetResults(); for(int i=0; i<arrLeaks.GetSize(); ++i) { if(arrLeaks[i]->nWarnLevel>0) { hasMustLeak = TRUE; break; } } CString strVal; if(!hasMustLeak) { T_Date date; GetLatestPackgeDate(date.nYear, date.nMonth, date.nDay); strVal.Format(_T("%04d-%02d-%02d"), date.nYear, date.nMonth, date.nDay); } WriteVulConfig(_T("VulScan"), _T("LastSafePkgDate"), strVal); } } hr = KERR_NONE; } while (FALSE); return hr; }
void CSysEnv::Init() { static CThreadGuard locker; autolock<CThreadGuard> _lk(locker); lang = GetLangID(); isAdmin = IsAdministratorUser(); isWin64 = IsWin64(); static ISoftInfo *pWindowsInfo=NULL; m_pOfficeInfo = NULL; if(m_arrSofts.GetSize()==0) { pWindowsInfo = new CWindowsInfo; m_arrSofts.Add( pWindowsInfo ); m_arrSofts.Add( new CInternetExplorer ); m_arrSofts.Add( new CWSScriptInfo ); m_arrSofts.Add( new CMediaplayerInfo ); m_arrSofts.Add( new CDirectXInfo ); m_arrSofts.Add( new COutLookExpressInfo ); m_arrSofts.Add( new CDataAccessInfo ); m_arrSofts.Add( new CDotNetFrameworkInfo ); m_arrSofts.Add( new CXmlCoreInfo ); } for(int i=0; i<m_arrSofts.GetSize(); ++i) { m_arrSofts[i]->TryReadInfo(); } if(pWindowsInfo) { m_WinVer = pWindowsInfo->m_nVer; m_WinSP = pWindowsInfo->m_nSP; } #if 0 CString strAll; // 系统 static LPCTSTR szTitles[] = { _T("Windows"), _T("IE"), _T("Script"), _T("MediaPlayer"), _T("DirectX"), _T("Outlook"), _T("DataAccess"), _T("DotFramework"), _T("Xml"), }; strAll.Format(_T("ISAdmin:%d IsWin64:%d Lang:%d\n"), isAdmin?1:0, isWin64?1:0, lang); for(int i=0; i<m_arrSofts.GetSize(); ++i) { strAll.AppendFormat(_T("%s : %d - %d \n"), szTitles[i], m_arrSofts[i]->m_nVer, m_arrSofts[i]->m_nSP); } MessageBox(NULL, strAll, NULL, MB_OK); #endif }