BOOL CKClearProc::DZ_GetNoinstallApp(int n) { if (g_vsNoinstallapp.Find(n) == -1) { return FALSE; } return TRUE; }
void ListDeleteItems(CListViewCtrlEx &listCtrl, CSimpleArray<int> &arr) { for(int i=listCtrl.GetItemCount()-1; i>=0; --i) { T_VulListItemData *pItem = (T_VulListItemData*)listCtrl.GetItemData(i); if(pItem && arr.Find(pItem->nID)!=-1) { listCtrl.DeleteItem( i ); } } }
void CUserPatcher::_FillRegInfo( INT nKBID, LPCTSTR szPatchName, LPCTSTR szProductKey, LPCTSTR szPatchKey, LPCTSTR szPatchValue, LPCTSTR szLogfile ) { LPCTSTR _key_patch = _T("Patches"); CString strProduct; strProduct.Format(_T("Installer\\Products\\%s\\Patches"), szProductKey); WriteRegString(HKEY_CLASSES_ROOT, strProduct, szPatchKey, szPatchValue); CSimpleArray<CString> ms; ReadRegMString(HKEY_CLASSES_ROOT, strProduct, _key_patch, ms); if( ms.Find(szPatchKey)==-1 ) { ms.Add( szPatchKey ); WriteRegMString(HKEY_CLASSES_ROOT, strProduct, _key_patch, ms); } // HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4080110900063D11C8EF10054038389C\Patches\CEA540E1AE6DD1D41A6E01E6EF2B271C CString strPatchInfo; strPatchInfo.Format(_T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\%s\\Patches\\%s"), szProductKey, szPatchKey); CString strMoreInfoURL; FormatKBWebUrl( strMoreInfoURL, nKBID ); CString strDate; _GetDateString(strDate); WriteRegString(HKEY_LOCAL_MACHINE, strPatchInfo, _T("DisplayName"), szPatchName); WriteRegString(HKEY_LOCAL_MACHINE, strPatchInfo, _T("Installed"), strDate); WriteRegString(HKEY_LOCAL_MACHINE, strPatchInfo, _T("MoreInfoURL"), strMoreInfoURL); WriteRegDWord(HKEY_LOCAL_MACHINE, strPatchInfo, _T("LUAEnabled"), 0); WriteRegDWord(HKEY_LOCAL_MACHINE, strPatchInfo, _T("MSI3"), 1); WriteRegDWord(HKEY_LOCAL_MACHINE, strPatchInfo, _T("PatchType"), 0); WriteRegDWord(HKEY_LOCAL_MACHINE, strPatchInfo, _T("State"), 1); WriteRegDWord(HKEY_LOCAL_MACHINE, strPatchInfo, _T("Uninstallable"),0); }
HRESULT CImplVulfix::Scan(DWORD dwFlags) { TIME_CHECK( _T("CImplVulfix::Scan ") ); m_Canceled = FALSE; T_ComInit __init__com__; HRESULT hr ; do { Reset(); GetLangID(); CSysEnv& sysEnv = singleton<CSysEnv>::Instance(); sysEnv.Init(); if( FAILED( hr=sysEnv.IsSupported(FALSE) ) ) break; Init(); m_objIgnore.LoadIgnoreDB(); CString filenameSystem, filenameOffice, filenameSoft; GetXmlDBFileName(VTYPE_WINDOWS, filenameSystem, IsWin64()); GetXmlDBFileName(VTYPE_OFFICE, filenameOffice, FALSE); GetXmlDBFileName(VTYPE_SOFTLEAK, filenameSoft, FALSE); if( !PathFileExists(filenameSystem) && !PathFileExists(filenameOffice) && !PathFileExists(filenameSoft) ) { hr = KERR_LOAD_FILE; break; } m_pFilterOS = CreateOSFilter(sysEnv.m_WinVer, dwFlags); InitOSFilter( m_pFilterOS, sysEnv.m_WinVer, dwFlags); if( m_pFilterOS->WaitComplete() ) { m_dbOS.SetObserver( m_Observer ); m_dbOffice.SetObserver( m_Observer ); m_dbSoft.SetObserver( m_Observer ); m_pFilterOS->SetIIgnore( &m_objIgnore ); CString filename; try { FixLocale(); //BOOL bWin64 = IsWin64(); //PVOID OldValue = NULL; //if(bWin64) // Wow64DisableWow64FsRedirection(&OldValue); !m_Canceled && m_dbOffice.Load( filenameOffice, m_pFilterOS, dwFlags ); !m_Canceled && sysEnv.IsLangSupported() && sysEnv.IsOsSupported() && m_dbOS.Load( filenameSystem, m_pFilterOS, dwFlags ); !m_Canceled && m_dbSoft.Load( filenameSoft, NULL, dwFlags); //if(bWin64) // Wow64RevertWow64FsRedirection(OldValue); } catch (...) { hr = KERR_LOAD_FILE; } CSimpleArray<LPTUpdateItem> arrLeaks; CSimpleArray<TReplacedUpdate*> arrReplaced; m_dbOS.GetUnfixedLeakList( arrLeaks, m_arrFixedVuls, m_arrInvalid, arrReplaced ); m_dbOffice.GetUnfixedLeakList( arrLeaks, m_arrFixedVuls, m_arrInvalid, arrReplaced ); const CSimpleArray<int> &arrExpired = m_dbOS.GetExpiredIds(); CSimpleArray<int> arrReplacedId; for(int i=0; i<arrReplaced.GetSize(); ++i) { arrReplacedId.Add( arrReplaced[i]->nKBID ); } // select soft ignored vuls CSimpleArray<LPTVulSoft> arrSoftLeaks; m_dbSoft.GetUnfixedLeakList( arrSoftLeaks ); for(int i=0; i<arrSoftLeaks.GetSize(); ++i) { LPTVulSoft ps = arrSoftLeaks[i]; ps->isIgnored = m_objIgnore.IsIgnored( ps->nID ); if( ps->isIgnored ) { LPTUpdateItem pu = new TUpdateItem; pu->m_nType = VTYPE_SOFTLEAK; pu->nID = ps->nID; pu->strName = ps->matchedItem.strName; pu->strDescription = ps->strDescription; pu->strWebpage = ps->matchedItem.strWebpage; pu->nWarnLevel = ps->nLevel; pu->strPubdate = ps->strPubdate; m_arrIgnoredVuls.Add( pu ); m_arrIgnoredVulsFromSoft.Add( pu ); } else m_arrSoftLeaks.Add( ps ); } // select installable, ignored , expired for(int i=0; i<arrLeaks.GetSize(); ++i ) { LPTUpdateItem &pi = arrLeaks[i]; pi->isExpired = arrExpired.Find( pi->nID )!=-1; if(pi->isExpired) m_arrInvalid.Add( pi ); else if(pi->isIgnored) m_arrIgnoredVuls.Add( pi ); else { bool bReplaced = arrReplacedId.Find( pi->nID )!=-1; if(!bReplaced) m_arrLeaks.Add( pi ); } } // find correct replace relationship for(int i=0; i<arrReplaced.GetSize(); ++i) { TReplacedUpdate* pu = arrReplaced[i]; BOOL bInstalled = FindArrayIndex( m_arrFixedVuls, pu->nKBID )!=-1; if( !bInstalled ) { if( FindArrayIndex(m_arrFixedVuls, pu->nKBID2)!=-1 || FindArrayIndex(m_arrLeaks, pu->nKBID2)!=-1 || FindArrayIndex(m_arrIgnoredVuls, pu->nKBID2)!=-1 ) m_arrReplacedUpdates.Add( pu ); } } // - 保存最后无漏洞时间, 使得下次不再提示有风险 // -- 非快速扫描的结果才有效果 if( RequireUsingInterface() && !(dwFlags & VULSCAN_EXPRESS_SCAN) ) { BOOL hasMustLeak = FALSE; const CSimpleArray<LPTUpdateItem> &arrLeaks = GetResults(); for(int i=0; i<arrLeaks.GetSize(); ++i) { if(arrLeaks[i]->nWarnLevel>0) { hasMustLeak = TRUE; break; } } CString strVal; if(!hasMustLeak) { T_Date date; GetLatestPackgeDate(date.nYear, date.nMonth, date.nDay); strVal.Format(_T("%04d-%02d-%02d"), date.nYear, date.nMonth, date.nDay); } WriteVulConfig(_T("VulScan"), _T("LastSafePkgDate"), strVal); } } hr = KERR_NONE; } while (FALSE); return hr; }