BOOL SetFileDacl(LPCWSTR path)
{
BOOL bRet = FALSE;
WCHAR sddl[MAX_KRNLOBJNAME] = {L'\0'};
PSECURITY_DESCRIPTOR pSD = NULL;
LPWSTR pszUserSid;
if(GetUserSid(&pszUserSid))
{
_snwprintf_s(sddl, _TRUNCATE, L"D:%s(A;;FR;;;RC)(A;;FA;;;SY)(A;;FA;;;BA)(A;;FA;;;%s)",
(IsVersion62AndOver() ? L"(A;;FR;;;AC)" : L""), pszUserSid);
LocalFree(pszUserSid);
}
if(ConvertStringSecurityDescriptorToSecurityDescriptorW(sddl, SDDL_REVISION_1, &pSD, NULL))
{
if(SetFileSecurityW(path, DACL_SECURITY_INFORMATION, pSD))
{
bRet = TRUE;
}
LocalFree(pSD);
}
return bRet;
}
BOOL SetFileDacl(LPCWSTR path)
{
BOOL bRet = FALSE;
WCHAR sddl[MAX_KRNLOBJNAME] = {L'\0'};
PSECURITY_DESCRIPTOR psd = nullptr;
LPWSTR pszUserSid;
if(GetUserSid(&pszUserSid))
{
// SDDL_ALL_APP_PACKAGES / SDDL_RESTRICTED_CODE / SDDL_LOCAL_SYSTEM / SDDL_BUILTIN_ADMINISTRATORS / User SID
_snwprintf_s(sddl, _TRUNCATE, L"D:%s(A;;FR;;;RC)(A;;FA;;;SY)(A;;FA;;;BA)(A;;FA;;;%s)",
(IsWindowsVersion62OrLater() ? L"(A;;FR;;;AC)" : L""), pszUserSid);
LocalFree(pszUserSid);
}
if(ConvertStringSecurityDescriptorToSecurityDescriptorW(sddl, SDDL_REVISION_1, &psd, nullptr))
{
if(SetFileSecurityW(path, DACL_SECURITY_INFORMATION, psd))
{
bRet = TRUE;
}
LocalFree(psd);
}
return bRet;
}
static NTSTATUS perm_sddl(PWSTR Sddl)
{
PSECURITY_DESCRIPTOR SecurityDescriptor = 0;
if (!ConvertStringSecurityDescriptorToSecurityDescriptorW(
Sddl, SDDL_REVISION_1, &SecurityDescriptor, 0))
return FspNtStatusFromWin32(GetLastError());
perm_print_sd(SecurityDescriptor);
LocalFree(SecurityDescriptor);
return STATUS_SUCCESS;
}
void SetLowLabelToGDSynchroObjects()
{
// The LABEL_SECURITY_INFORMATION SDDL SACL to be set for low integrity
#define LOW_INTEGRITY_SDDL_SACL_W L"S:(ML;;NW;;;LW)"
PSECURITY_DESCRIPTOR pSD = NULL;
PACL pSacl = NULL; // not allocated
BOOL fSaclPresent = FALSE;
BOOL fSaclDefaulted = FALSE;
LPCWSTR pwszMapFileName = L"GoldenDictTextOutHookSharedMem64";
if( ConvertStringSecurityDescriptorToSecurityDescriptorW( LOW_INTEGRITY_SDDL_SACL_W, 1 /* SDDL_REVISION_1 */, &pSD, NULL ) )
{
if( GetSecurityDescriptorSacl(pSD, &fSaclPresent, &pSacl, &fSaclDefaulted))
{
// Note that psidOwner, psidGroup, and pDacl are
// all NULL and set the new LABEL_SECURITY_INFORMATION
SetNamedSecurityInfoW( (LPWSTR)pwszMapFileName, SE_KERNEL_OBJECT, LABEL_SECURITY_INFORMATION, NULL, NULL, NULL, pSacl);
}
LocalFree(pSD);
}
}
NTSTATUS MemfsCreate(
ULONG Flags,
ULONG FileInfoTimeout,
ULONG MaxFileNodes,
ULONG MaxFileSize,
PWSTR VolumePrefix,
PWSTR RootSddl,
MEMFS **PMemfs)
{
NTSTATUS Result;
FSP_FSCTL_VOLUME_PARAMS VolumeParams;
PWSTR DevicePath = (Flags & MemfsNet) ?
L"" FSP_FSCTL_NET_DEVICE_NAME : L"" FSP_FSCTL_DISK_DEVICE_NAME;
UINT64 AllocationUnit;
MEMFS *Memfs;
MEMFS_FILE_NODE *RootNode;
PSECURITY_DESCRIPTOR RootSecurity;
ULONG RootSecuritySize;
BOOLEAN Inserted;
*PMemfs = 0;
if (0 == RootSddl)
RootSddl = L"O:BAG:BAD:P(A;;FA;;;SY)(A;;FA;;;BA)(A;;FA;;;WD)";
if (!ConvertStringSecurityDescriptorToSecurityDescriptorW(RootSddl, SDDL_REVISION_1,
&RootSecurity, &RootSecuritySize))
return FspNtStatusFromWin32(GetLastError());
Memfs = (MEMFS *)malloc(sizeof *Memfs);
if (0 == Memfs)
{
LocalFree(RootSecurity);
return STATUS_INSUFFICIENT_RESOURCES;
}
memset(Memfs, 0, sizeof *Memfs);
Memfs->MaxFileNodes = MaxFileNodes;
AllocationUnit = MEMFS_SECTOR_SIZE * MEMFS_SECTORS_PER_ALLOCATION_UNIT;
Memfs->MaxFileSize = (ULONG)((MaxFileSize + AllocationUnit - 1) / AllocationUnit * AllocationUnit);
Result = MemfsFileNodeMapCreate(&Memfs->FileNodeMap);
if (!NT_SUCCESS(Result))
{
free(Memfs);
LocalFree(RootSecurity);
return Result;
}
memset(&VolumeParams, 0, sizeof VolumeParams);
VolumeParams.SectorSize = MEMFS_SECTOR_SIZE;
VolumeParams.SectorsPerAllocationUnit = MEMFS_SECTORS_PER_ALLOCATION_UNIT;
VolumeParams.VolumeCreationTime = MemfsGetSystemTime();
VolumeParams.VolumeSerialNumber = (UINT32)(MemfsGetSystemTime() / (10000 * 1000));
VolumeParams.FileInfoTimeout = FileInfoTimeout;
VolumeParams.CaseSensitiveSearch = 1;
VolumeParams.CasePreservedNames = 1;
VolumeParams.UnicodeOnDisk = 1;
VolumeParams.PersistentAcls = 1;
if (0 != VolumePrefix)
wcscpy_s(VolumeParams.Prefix, sizeof VolumeParams.Prefix / sizeof(WCHAR), VolumePrefix);
Result = FspFileSystemCreate(DevicePath, &VolumeParams, &MemfsInterface, &Memfs->FileSystem);
if (!NT_SUCCESS(Result))
{
MemfsFileNodeMapDelete(Memfs->FileNodeMap);
free(Memfs);
LocalFree(RootSecurity);
return Result;
}
Memfs->FileSystem->UserContext = Memfs;
Memfs->VolumeLabelLength = sizeof L"MEMFS" - sizeof(WCHAR);
memcpy(Memfs->VolumeLabel, L"MEMFS", Memfs->VolumeLabelLength);
#if 0
FspFileSystemSetOperationGuardStrategy(Memfs->FileSystem,
FSP_FILE_SYSTEM_OPERATION_GUARD_STRATEGY_COARSE);
#endif
/*
* Create root directory.
*/
Result = MemfsFileNodeCreate(L"\\", &RootNode);
if (!NT_SUCCESS(Result))
{
MemfsDelete(Memfs);
LocalFree(RootSecurity);
return Result;
}
RootNode->FileInfo.FileAttributes = FILE_ATTRIBUTE_DIRECTORY;
RootNode->FileSecurity = malloc(RootSecuritySize);
if (0 == RootNode->FileSecurity)
{
MemfsFileNodeDelete(RootNode);
MemfsDelete(Memfs);
LocalFree(RootSecurity);
return STATUS_INSUFFICIENT_RESOURCES;
}
RootNode->FileSecuritySize = RootSecuritySize;
memcpy(RootNode->FileSecurity, RootSecurity, RootSecuritySize);
Result = MemfsFileNodeMapInsert(Memfs->FileNodeMap, RootNode, &Inserted);
if (!NT_SUCCESS(Result))
{
MemfsFileNodeDelete(RootNode);
MemfsDelete(Memfs);
LocalFree(RootSecurity);
return Result;
}
LocalFree(RootSecurity);
*PMemfs = Memfs;
return STATUS_SUCCESS;
}
static VOID Test(PWSTR Prefix)
{
static PWSTR Sddl = L"D:P(A;;GA;;;SY)(A;;GA;;;BA)(A;;GA;;;WD)";
static const GUID ReparseGuid =
{ 0x2cf25cfa, 0x41af, 0x4796, { 0xb5, 0xef, 0xac, 0xa3, 0x85, 0x3, 0xe2, 0xd8 } };
WCHAR FileName[1024], VolumeName[MAX_PATH];
PSECURITY_DESCRIPTOR SecurityDescriptor;
HANDLE Handle;
BOOL Success;
UINT8 RdBuffer[4096], WrBuffer[4096];
REPARSE_GUID_DATA_BUFFER ReparseDataBuf;
DWORD BytesTransferred, Offset;
WIN32_FIND_DATAW FindData;
WIN32_FIND_STREAM_DATA FindStreamData;
memset(WrBuffer, 'B', sizeof WrBuffer);
Success = ConvertStringSecurityDescriptorToSecurityDescriptorW(
Sddl, SDDL_REVISION_1, &SecurityDescriptor, 0);
ASSERT(Success);
wsprintfW(FileName, L"%s\\", Prefix);
Success = GetVolumeInformationW(FileName, VolumeName, MAX_PATH, 0, 0, 0, 0, 0);
ASSERT(Success);
wsprintfW(FileName, L"%s\\", Prefix);
Success = SetVolumeLabelW(FileName, VolumeName);
//ASSERT(Success);
wsprintfW(FileName, L"%s\\fscrash", Prefix);
Success = CreateDirectoryW(FileName, 0);
ASSERT(Success);
wsprintfW(FileName, L"%s\\fscrash\\file0", Prefix);
Handle = CreateFileW(FileName,
GENERIC_ALL, 0, 0,
CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0);
ASSERT(INVALID_HANDLE_VALUE != Handle);
Success = CloseHandle(Handle);
ASSERT(Success);
wsprintfW(FileName, L"%s\\fscrash\\file0", Prefix);
Handle = CreateFileW(FileName,
GENERIC_ALL, 0, 0,
CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0);
ASSERT(INVALID_HANDLE_VALUE != Handle);
Success = WriteFile(Handle, WrBuffer, sizeof WrBuffer, &BytesTransferred, 0);
ASSERT(Success);
ASSERT(sizeof WrBuffer == BytesTransferred);
Success = FlushFileBuffers(Handle);
ASSERT(Success);
Offset = SetFilePointer(Handle, 0, 0, FILE_BEGIN);
ASSERT(0 == Offset);
Success = ReadFile(Handle, RdBuffer, sizeof RdBuffer, &BytesTransferred, 0);
ASSERT(Success);
ASSERT(sizeof WrBuffer == BytesTransferred);
Offset = SetFilePointer(Handle, 0, 0, FILE_BEGIN);
ASSERT(0 == Offset);
Success = SetEndOfFile(Handle);
ASSERT(Success);
Offset = GetFileSize(Handle, 0);
ASSERT(0 == Offset);
Success = LockFile(Handle, 0, 0, 1, 0);
ASSERT(Success);
Success = UnlockFile(Handle, 0, 0, 1, 0);
ASSERT(Success);
Success = SetKernelObjectSecurity(Handle, DACL_SECURITY_INFORMATION, SecurityDescriptor);
ASSERT(Success);
Success = GetKernelObjectSecurity(Handle, DACL_SECURITY_INFORMATION, 0, 0, &BytesTransferred);
ASSERT(!Success);
ASSERT(ERROR_INSUFFICIENT_BUFFER == GetLastError());
ReparseDataBuf.ReparseTag = 0x1234;
ReparseDataBuf.ReparseDataLength = 0;
ReparseDataBuf.Reserved = 0;
memcpy(&ReparseDataBuf.ReparseGuid, &ReparseGuid, sizeof ReparseGuid);
Success = DeviceIoControl(Handle, FSCTL_SET_REPARSE_POINT,
&ReparseDataBuf, REPARSE_GUID_DATA_BUFFER_HEADER_SIZE + ReparseDataBuf.ReparseDataLength,
0, 0,
&BytesTransferred, 0);
ASSERT(Success);
Success = CloseHandle(Handle);
ASSERT(Success);
wsprintfW(FileName, L"%s\\fscrash\\*", Prefix);
Handle = FindFirstFileW(FileName, &FindData);
ASSERT(INVALID_HANDLE_VALUE != Handle);
do
{
} while (FindNextFileW(Handle, &FindData));
ASSERT(ERROR_NO_MORE_FILES == GetLastError());
Success = FindClose(Handle);
ASSERT(Success);
wsprintfW(FileName, L"%s\\fscrash\\file0", Prefix);
Handle = FindFirstStreamW(FileName, FindStreamInfoStandard, &FindStreamData, 0);
ASSERT(INVALID_HANDLE_VALUE != Handle);
do
{
} while (FindNextStreamW(Handle, &FindStreamData));
ASSERT(ERROR_HANDLE_EOF == GetLastError());
Success = FindClose(Handle);
ASSERT(Success);
wsprintfW(FileName, L"%s\\fscrash\\file0", Prefix);
Success = DeleteFileW(FileName);
ASSERT(Success);
wsprintfW(FileName, L"%s\\fscrash", Prefix);
Success = RemoveDirectoryW(FileName);
ASSERT(Success);
LocalFree(SecurityDescriptor);
}
int APIENTRY wWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int nCmdShow)
{
MSG msg;
WNDCLASSEXW wc;
HWND hWnd;
WSADATA wsaData;
PSECURITY_DESCRIPTOR psd;
SECURITY_ATTRIBUTES sa;
_wsetlocale(LC_ALL, L"JPN");
CreateConfigPath();
if(ConvertStringSecurityDescriptorToSecurityDescriptorW(krnlobjsddl, SDDL_REVISION_1, &psd, NULL))
{
sa.nLength = sizeof(sa);
sa.lpSecurityDescriptor = psd;
sa.bInheritHandle = FALSE;
hMutex = CreateMutexW(&sa, FALSE, mgrmutexname);
if(hMutex == NULL || GetLastError() == ERROR_ALREADY_EXISTS)
{
LocalFree(psd);
return 0;
}
LocalFree(psd);
}
else
{
return 0;
}
WSAStartup(WINSOCK_VERSION, &wsaData);
ZeroMemory(&ftConfig, sizeof(ftConfig));
if(IsFileUpdated(pathconfigxml, &ftConfig))
{
LoadConfig();
}
ZeroMemory(&ftSKKDic, sizeof(ftSKKDic));
if(IsFileUpdated(pathskkdic, &ftSKKDic))
{
MakeSKKDicPos();
}
InitLua();
hInst = hInstance;
ZeroMemory(&wc, sizeof(wc));
wc.cbSize = sizeof(wc);
wc.style = CS_HREDRAW | CS_VREDRAW;
wc.lpfnWndProc = WndProc;
wc.hInstance = hInst;
wc.hCursor = LoadCursor(NULL, IDC_ARROW);
wc.hbrBackground = (HBRUSH)(COLOR_WINDOW + 1);
wc.lpszClassName = DictionaryManagerClass;
RegisterClassExW(&wc);
#ifdef _DEBUG
hWnd = CreateWindowW(DictionaryManagerClass, TextServiceDesc,
WS_OVERLAPPEDWINDOW, 0, 0, 600, 800, NULL, NULL, hInst, NULL);
#else
hWnd = CreateWindowW(DictionaryManagerClass, TextServiceDesc,
WS_POPUP, 0, 0, 0, 0, NULL, NULL, hInst, NULL);
#endif
if(!hWnd)
{
UninitLua();
WSACleanup();
return 0;
}
#ifdef _DEBUG
ShowWindow(hWnd, SW_MINIMIZE);
#else
ShowWindow(hWnd, SW_HIDE);
#endif
UpdateWindow(hWnd);
while(GetMessageW(&msg, NULL, 0, 0))
{
if(!TranslateAcceleratorW(msg.hwnd, NULL, &msg))
{
TranslateMessage(&msg);
DispatchMessageW(&msg);
}
}
UninitLua();
WSACleanup();
return (int) msg.wParam;
}
bool InitializeProfAPISharedObj()
{
gCAProfAPISharedMapFile = OpenFileMappingW(FILE_MAP_ALL_ACCESS, // read/write access
FALSE, // do not inherit the name
CPU_PROF_SHARED_OBJ); // name of mapping object
if (!gCAProfAPISharedMapFile)
{
SECURITY_ATTRIBUTES secAttr;
char secDesc[ SECURITY_DESCRIPTOR_MIN_LENGTH ];
secAttr.nLength = sizeof(secAttr);
secAttr.bInheritHandle = FALSE;
secAttr.lpSecurityDescriptor = &secDesc;
bool bHasSD = false;
OSVERSIONINFO osVersionInfo;
osVersionInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
if (GetVersionEx(&osVersionInfo))
{
if (osVersionInfo.dwMajorVersion >= 6)
{
// Vista, Longhorn or later;
bHasSD = true;
}
}
if (bHasSD)
{
PSECURITY_DESCRIPTOR pSD;
PACL pSacl = nullptr; // not allocated
BOOL fSaclPresent = FALSE;
BOOL fSaclDefaulted = FALSE;
ConvertStringSecurityDescriptorToSecurityDescriptorW(L"S:(ML;;NW;;;LW)", // this means "low integrity"
SDDL_REVISION_1,
&pSD,
nullptr);
GetSecurityDescriptorSacl(pSD, &fSaclPresent, &pSacl,
&fSaclDefaulted);
SetSecurityDescriptorSacl(secAttr.lpSecurityDescriptor, TRUE,
pSacl, FALSE);
}
InitializeSecurityDescriptor(secAttr.lpSecurityDescriptor,
SECURITY_DESCRIPTOR_REVISION);
SetSecurityDescriptorDacl(secAttr.lpSecurityDescriptor, TRUE, 0,
FALSE);
gCAProfAPISharedMapFile =
CreateFileMappingW(INVALID_HANDLE_VALUE,
&secAttr, // default security
PAGE_READWRITE, // read/write access
0, // max. object size
CPU_PROF_SHARED_MEM_SIZE, // buffer size
CPU_PROF_SHARED_OBJ); // name of mapping object
}
if (gCAProfAPISharedMapFile)
{
return true;
}
else
{
return false;
}
}
