VirtualBox

Changeset 53821 in vbox


Ignore:
Timestamp:
Jan 15, 2015 1:53:02 PM (10 years ago)
Author:
vboxsync
Message:

SUPR3HardenedMain-win.cpp: Handle the case where someone uses LdrLoadDll/LoadLibary to find a DLL that has already been loaded.

Location:
trunk/src/VBox/HostDrivers/Support/win
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/HostDrivers/Support/win/SUPR3HardenedMain-win.cpp

    r53220 r53821  
    17971797    NTSTATUS        rcNtResolve     = STATUS_SUCCESS;
    17981798    bool            fSkipValidation = false;
     1799    bool            fCheckIfLoaded  = false;
    17991800    WCHAR           wszPath[260];
    18001801    static UNICODE_STRING const s_DefaultSuffix = RTNT_CONSTANT_UNISTR(L".dll");
     
    19331934             * Search for the DLL.  Only System32 is allowed as the target of
    19341935             * a search on the API level, all VBox calls will have full paths.
     1936             * If the DLL is not in System32, we will resort to check if it's
     1937             * refering to an already loaded DLL (fCheckIfLoaded).
    19351938             */
    19361939            AssertCompile(sizeof(g_System32WinPath.awcBuffer) <= sizeof(wszPath));
     
    19551958                cwc += 4;
    19561959            }
     1960            fCheckIfLoaded = true;
    19571961        }
    19581962
     
    20312035        {
    20322036            DWORD dwErr = RtlGetLastWin32Error();
    2033             SUP_DPRINTF(("supR3HardenedMonitor_LdrLoadDll: error opening '%ls': %u (NtPath=%.*ls; Input=%.*ls)\n",
     2037
     2038            /*
     2039             * Deal with special case where the caller (first case was MS LifeCam)
     2040             * is using LoadLibrary instead of GetModuleHandle to find a loaded DLL.
     2041             */
     2042            NTSTATUS rcNtGetDll = STATUS_SUCCESS;
     2043            if (   fCheckIfLoaded
     2044                 && (   rcNt == STATUS_OBJECT_NAME_NOT_FOUND
     2045                     || rcNt == STATUS_OBJECT_PATH_NOT_FOUND))
     2046            {
     2047                rcNtGetDll = LdrGetDllHandle(NULL /*DllPath*/, NULL /*pfFlags*/, pOrgName, phMod);
     2048                if (NT_SUCCESS(rcNtGetDll))
     2049                {
     2050                    RtlRestoreLastWin32Error(dwSavedLastError);
     2051                    return rcNtGetDll;
     2052                }
     2053            }
     2054
     2055            SUP_DPRINTF(("supR3HardenedMonitor_LdrLoadDll: error opening '%ls': %u (NtPath=%.*ls; Input=%.*ls; rcNtGetDll=%#x\n",
    20342056                         wszPath, dwErr, NtPathUniStr.Length / sizeof(RTUTF16), NtPathUniStr.Buffer,
    2035                          pOrgName->Length / sizeof(WCHAR), pOrgName->Buffer));
     2057                         pOrgName->Length / sizeof(WCHAR), pOrgName->Buffer, rcNtGetDll));
    20362058        }
    20372059        RTNtPathFree(&NtPathUniStr, &hRootDir);

  • trunk/src/VBox/HostDrivers/Support/win/import-template-ntdll.h

    r52953 r53821  
    6161SUPHARNT_IMPORT_STDCALL_EARLY(LdrInitializeThunk, 12)
    6262SUPHARNT_IMPORT_STDCALL_EARLY_OPTIONAL(LdrRegisterDllNotification, 16)
     63SUPHARNT_IMPORT_STDCALL_EARLY_OPTIONAL(LdrGetDllHandle, 16)
    6364
    6465SUPHARNT_IMPORT_STDCALL(RtlAddAccessAllowedAce, 16)
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette