diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2019-12-05 13:19:06 +0100 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2019-12-05 13:35:18 +0100 |
commit | 27d1f404f1dd187e56cbd9fa9b7d56da2fa55eb3 (patch) | |
tree | 7f6c03f3a23cb4bc3151f46860f77a7dfb653e01 | |
parent | ade8e3f8cbfd1143fcd2e4bfbd6c387b8b64f732 (diff) | |
download | VeraCrypt-27d1f404f1dd187e56cbd9fa9b7d56da2fa55eb3.tar.gz VeraCrypt-27d1f404f1dd187e56cbd9fa9b7d56da2fa55eb3.zip |
Windows: Enhancement to the fix for CVE-2019-19501
-rw-r--r-- | src/Common/Dlgcode.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index a1e64456..39db3936 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -14117,7 +14117,7 @@ static bool RunAsDesktopUser( return false; } - if (!OpenThreadToken (GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES, FALSE, &hThreadToken)) + if (!OpenThreadToken (GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES, TRUE, &hThreadToken)) { return false; } @@ -14127,6 +14127,9 @@ static bool RunAsDesktopUser( tkp.PrivilegeCount = 1; LookupPrivilegeValueW(NULL, SE_INCREASE_QUOTA_NAME, &tkp.Privileges[0].Luid); tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; + + SetThreadToken (NULL, NULL); + AdjustTokenPrivileges(hThreadToken, FALSE, &tkp, 0, NULL, NULL); dwLastErr = GetLastError(); if (ERROR_SUCCESS != dwLastErr) @@ -14233,9 +14236,9 @@ void SafeOpenURL (LPCWSTR szUrl) StringCbPrintfW(szRunDllPath, sizeof(szRunDllPath), L"%s\\%s", szSystemPath, L"rundll32.exe"); StringCbPrintfW(szUrlDllPath, sizeof(szUrlDllPath), L"%s\\%s", szSystemPath, L"url.dll"); - StringCchPrintfW(szCommandLine, 1024, L"%s,FileProtocolHandler %s", szUrlDllPath, szUrl); + StringCchPrintfW(szCommandLine, 1024, L"%s %s,FileProtocolHandler %s", szRunDllPath, szUrlDllPath, szUrl); - RunAsDesktopUser (szRunDllPath, szCommandLine); + RunAsDesktopUser (NULL, szCommandLine); delete [] szCommandLine; } |