VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2020-01-22 18:08:09 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2020-01-22 18:20:35 +0100
commit11aa708076910d5aaf187eecc4e33ea207155b12 (patch)
tree0ec4bf0de53465a2791d1d3bf48defa2bda42077 /src/Common
parent3874e9af97427c42aa0a789a3e75c6f841cd14e4 (diff)
downloadVeraCrypt-11aa708076910d5aaf187eecc4e33ea207155b12.tar.gz
VeraCrypt-11aa708076910d5aaf187eecc4e33ea207155b12.zip
Windows: use fix for CVE-2019-19501 only when process elevated otherwise it will not add any benefit compared to standard ShellExecute while at the same time potentially causing issue when opening links.
Diffstat (limited to 'src/Common')
-rw-r--r--src/Common/Dlgcode.c23
1 files changed, 22 insertions, 1 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 261ec33e..7640b59e 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -14243,12 +14243,33 @@ cleanup:
return retval;
}
+// This function checks if the process is running with elevated privileges or not
+BOOL IsElevated()
+{
+ DWORD dwSize = 0;
+ HANDLE hToken = NULL;
+ TOKEN_ELEVATION tokenInformation;
+ BOOL bReturn = FALSE;
+
+ if(OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
+ {
+ if(GetTokenInformation(hToken, TokenElevation, &tokenInformation, sizeof(TOKEN_ELEVATION), &dwSize))
+ {
+ if (tokenInformation.TokenIsElevated)
+ bReturn = TRUE;
+ }
+
+ CloseHandle(hToken);
+ }
+ return bReturn;
+}
+
// This function always loads a URL in a non-privileged mode
// If current process has admin privileges, we execute the command "rundll32 url.dll,FileProtocolHandler URL" as non-elevated
// Use this security mechanism only starting from Windows Vista
void SafeOpenURL (LPCWSTR szUrl)
{
- if (IsAdmin () && IsOSAtLeast (WIN_VISTA))
+ if (IsOSAtLeast (WIN_VISTA) && IsAdmin () && IsElevated())
{
WCHAR szRunDllPath[TC_MAX_PATH];
WCHAR szUrlDllPath[TC_MAX_PATH];