VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Mount
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2017-06-08 01:16:05 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2017-06-08 01:17:48 +0200
commit5c009d449e19f38e22a940ea517fde617761f037 (patch)
tree4b982b5a50ce5912ce92e5cffc8dac547cd96653 /src/Mount
parent9b0cc3d6795b8c0f38e3986bdddcb91e8aa384a1 (diff)
downloadVeraCrypt-5c009d449e19f38e22a940ea517fde617761f037.tar.gz
VeraCrypt-5c009d449e19f38e22a940ea517fde617761f037.zip
Windows: Validate XML format of EFI DcsProp after user editing and before writing it to disk. Enhance UI handling of DcsProp editing and PlatformInfo display.
Diffstat (limited to 'src/Mount')
-rw-r--r--src/Mount/Mount.c155
-rw-r--r--src/Mount/Mount.rc24
-rw-r--r--src/Mount/Resource.h4
3 files changed, 156 insertions, 27 deletions
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 2525a65a..63dd199c 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -51,6 +51,8 @@
#include <Strsafe.h>
+#import <msxml6.dll>
+
#include <wtsapi32.h>
typedef BOOL (WINAPI *WTSREGISTERSESSIONNOTIFICATION)(HWND, DWORD);
@@ -215,6 +217,125 @@ static void UnregisterWtsNotification(HWND hWnd)
}
}
+static std::vector<MSXML2::IXMLDOMNodePtr> GetReadChildNodes (MSXML2::IXMLDOMNodeListPtr childs)
+{
+ std::vector<MSXML2::IXMLDOMNodePtr> list;
+ if (childs && childs->Getlength())
+ {
+ for (long i = 0; i < childs->Getlength(); i++)
+ {
+ MSXML2::IXMLDOMNodePtr node = childs->Getitem(i);
+ if (node)
+ {
+ //skip comments
+ if (node->GetnodeType() == NODE_COMMENT)
+ continue;
+ // skip root xml node
+ if (node->GetbaseName().GetBSTR() && (0 == strcmp ("xml", (const char*) node->GetbaseName())))
+ continue;
+
+ list.push_back (node);
+ }
+ }
+ }
+
+ return list;
+}
+
+static bool validateDcsPropXml(const char* xmlData)
+{
+ bool bValid = false;
+ HRESULT hr = CoInitialize(NULL);
+ if(FAILED(hr))
+ return false;
+ else
+ {
+ MSXML2::IXMLDOMDocumentPtr pXMLDom;
+ hr= pXMLDom.CreateInstance(__uuidof(MSXML2::DOMDocument60), NULL, CLSCTX_INPROC_SERVER);
+ if (SUCCEEDED(hr))
+ {
+ try
+ {
+ pXMLDom->async = VARIANT_FALSE;
+ pXMLDom->validateOnParse = VARIANT_FALSE;
+ pXMLDom->resolveExternals = VARIANT_FALSE;
+
+ if(pXMLDom->loadXML(xmlData) == VARIANT_TRUE && pXMLDom->hasChildNodes())
+ {
+ MSXML2::IXMLDOMNodePtr veracryptNode, configurationNode, configNode;
+ std::vector<MSXML2::IXMLDOMNodePtr> nodes = GetReadChildNodes (pXMLDom->GetchildNodes());
+ size_t nodesCount = nodes.size();
+ if (nodesCount == 1
+ && ((veracryptNode = nodes[0])->GetnodeType() == NODE_ELEMENT)
+ && veracryptNode->GetnodeName().GetBSTR()
+ && (0 == strcmp ((const char*) veracryptNode->GetnodeName(), "VeraCrypt"))
+ && veracryptNode->hasChildNodes()
+
+ )
+ {
+ nodes = GetReadChildNodes (veracryptNode->GetchildNodes());
+ nodesCount = nodes.size();
+ if ((nodesCount == 1)
+ && ((configurationNode = nodes[0])->GetnodeType() == NODE_ELEMENT)
+ && configurationNode->GetnodeName().GetBSTR()
+ && (0 == strcmp ((const char*) configurationNode->GetnodeName(), "configuration"))
+ && (configurationNode->hasChildNodes())
+ )
+ {
+ nodes = GetReadChildNodes (configurationNode->GetchildNodes());
+ nodesCount = nodes.size();
+
+ if (nodesCount > 1)
+ {
+ bValid = true;
+ for (size_t i = 0; bValid && (i < nodesCount); i++)
+ {
+ configNode = nodes[i];
+ if (configNode->GetnodeType() == NODE_COMMENT)
+ continue;
+ else if ( (configNode->GetnodeType() == NODE_ELEMENT)
+ && (configNode->GetnodeName().GetBSTR())
+ && (0 == strcmp ((const char*) configNode->GetnodeName(), "config"))
+ )
+ {
+ nodes = GetReadChildNodes (configNode->GetchildNodes());
+ nodesCount = nodes.size();
+ if ((nodesCount == 0 || (nodesCount == 1 && nodes[0]->GetnodeType() == NODE_TEXT))
+ && configNode->Getattributes()
+ && (configNode->Getattributes()->Getlength() == 1)
+ && (configNode->Getattributes()->Getitem(0))
+ )
+ {
+ std::string val;
+ bstr_t bstr = configNode->Getattributes()->Getitem(0)->GetnodeName ();
+ if (bstr.GetBSTR())
+ val = (const char*) bstr;
+ if (val != "key")
+ bValid = false;
+ }
+ else
+ bValid = false;
+ }
+ else
+ bValid = false;
+ }
+ }
+ }
+ }
+ }
+ }
+ catch(_com_error errorObject)
+ {
+ bValid = false;
+ }
+ }
+ }
+
+ CoUninitialize();
+ return bValid;
+}
+
+
static void localcleanup (void)
{
// Wipe command line
@@ -10899,8 +11020,6 @@ void SecurityTokenPreferencesDialog (HWND hwndDlg)
DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_PREFERENCES), hwndDlg, (DLGPROC) SecurityTokenPreferencesDlgProc, 0);
}
-INT_PTR TextEditDialogBox (int type, HWND parent, const WCHAR* Title, std::string& text);
-
static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam)
{
WORD lw = LOWORD (wParam);
@@ -10972,7 +11091,7 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
case IDCANCEL:
EndDialog (hwndDlg, lw);
return 1;
- case IDB_SHOW_PLATFORMINFO:
+ case IDC_SHOW_PLATFORMINFO:
{
try
{
@@ -10995,13 +11114,14 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
else
offset = 0;
platforminfo = (const char*) &fileContent[offset];
- TextEditDialogBox(0, hwndDlg, L"PlatformInfo", platforminfo);
+ TextEditDialogBox(TRUE, hwndDlg, GetString ("EFI_PLATFORM_INFORMATION"), platforminfo);
}
catch (Exception &e) { e.Show(hwndDlg); }
}
return 0;
- case IDB_EDIT_DCSPROP:
+ case IDC_EDIT_DCSPROP:
+ if (AskWarnNoYes ("EDIT_DCSPROP_FOR_ADVANCED_ONLY", hwndDlg) == IDYES)
{
try
{
@@ -11026,14 +11146,23 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
offset = 0;
dcsprop = (const char*) &fileContent[offset];
- if(TextEditDialogBox(0, hwndDlg, L"DcsProp", dcsprop) == IDOK) {
- // Add UTF-8 BOM
- fileContent.resize (dcsprop.length() + 3);
- memcpy (fileContent.data(), "\xEF\xBB\xBF", 3);
- memcpy (&fileContent[3], &dcsprop[0], dcsprop.length());
- File f2(path,false,true);
- f2.Write(fileContent.data(), fileContent.size());
- f2.Close();
+ while (TextEditDialogBox(FALSE, hwndDlg, GetString ("BOOT_LOADER_CONFIGURATION_FILE"), dcsprop) == IDOK)
+ {
+ if (validateDcsPropXml (dcsprop.c_str()))
+ {
+ // Add UTF-8 BOM
+ fileContent.resize (dcsprop.length() + 3);
+ memcpy (fileContent.data(), "\xEF\xBB\xBF", 3);
+ memcpy (&fileContent[3], &dcsprop[0], dcsprop.length());
+ File f2(path,false,true);
+ f2.Write(fileContent.data(), fileContent.size());
+ f2.Close();
+ break;
+ }
+ else
+ {
+ MessageBoxW (hwndDlg, GetString ("DCSPROP_XML_VALIDATION_FAILED"), lpszTitle, ICON_HAND);
+ }
}
}
catch (Exception &e) { e.Show(hwndDlg); }
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc
index 46d385ba..d07a9b4a 100644
--- a/src/Mount/Mount.rc
+++ b/src/Mount/Mount.rc
@@ -285,25 +285,25 @@ BEGIN
LTEXT "",IDT_PKCS11_LIB_HELP,16,63,286,65
END
-IDD_EFI_SYSENC_SETTINGS DIALOGEX 0, 0, 367, 134
+IDD_EFI_SYSENC_SETTINGS DIALOGEX 0, 0, 374, 156
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - System Encryption Settings"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
BEGIN
CONTROL "&Cache pre-boot authentication password in driver memory (for mounting of non-system volumes)",IDC_BOOT_LOADER_CACHE_PASSWORD,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,90,339,10
- DEFPUSHBUTTON "OK",IDOK,261,120,50,14
- PUSHBUTTON "Cancel",IDCANCEL,315,120,50,14
- GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,8,7,355,65
- GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,6,75,355,44
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,68,339,10
+ DEFPUSHBUTTON "OK",IDOK,258,132,50,14
+ PUSHBUTTON "Cancel",IDCANCEL,317,132,50,14
+ GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,8,7,355,45
+ GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,7,53,355,44
CONTROL "Include PIM when caching pre-boot authentication password",IDC_BOOT_LOADER_CACHE_PIM,
- "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,16,105,340,10
+ "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,16,83,340,10
CONTROL "Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk)",IDC_DISABLE_BOOT_LOADER_PIM_PROMPT,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,20,339,9
CONTROL "Do not request Hash algorithm in the pre-boot authentication screen",IDC_DISABLE_BOOT_LOADER_HASH_PROMPT,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,35,339,9
- PUSHBUTTON "Show PlatformInfo",IDB_SHOW_PLATFORMINFO,75,51,68,14
- DEFPUSHBUTTON "Edit DcsProp",IDB_EDIT_DCSPROP,15,51,50,14
+ PUSHBUTTON "Display EFI Platform Information",IDC_SHOW_PLATFORMINFO,16,126,154,14
+ PUSHBUTTON "Edit Boot Loader Configuration",IDC_EDIT_DCSPROP,16,105,154,14
END
IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 370, 248
@@ -418,7 +418,7 @@ END
//
#ifdef APSTUDIO_INVOKED
-GUIDELINES DESIGNINFO
+GUIDELINES DESIGNINFO
BEGIN
IDD_PREFERENCES_DLG, DIALOG
BEGIN
@@ -483,9 +483,9 @@ BEGIN
IDD_EFI_SYSENC_SETTINGS, DIALOG
BEGIN
LEFTMARGIN, 7
- RIGHTMARGIN, 360
+ RIGHTMARGIN, 367
TOPMARGIN, 7
- BOTTOMMARGIN, 124
+ BOTTOMMARGIN, 146
END
IDD_PERFORMANCE_SETTINGS, DIALOG
diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h
index c3a61c6e..62d7ea1a 100644
--- a/src/Mount/Resource.h
+++ b/src/Mount/Resource.h
@@ -184,8 +184,8 @@
#define IDC_HIDE_WAITING_DIALOG 1161
#define IDC_DISABLE_BOOT_LOADER_HASH_PROMPT 1162
#define IDC_SECURE_DESKTOP_PASSWORD_ENTRY 1163
-#define IDB_SHOW_PLATFORMINFO 1164
-#define IDB_EDIT_DCSPROP 1165
+#define IDC_SHOW_PLATFORMINFO 1164
+#define IDC_EDIT_DCSPROP 1165
#define IDM_HELP 40001
#define IDM_ABOUT 40002
#define IDM_UNMOUNT_VOLUME 40003