VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2023-07-16 11:08:24 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2023-07-16 11:08:24 +0200
commit6267b91931af87db2b95172389a6fbaac206e42e (patch)
treebcee2266f1c5d9c5311d90fabe3fcb8aa79f8e93 /src
parentc759c2230b2e4df1faabea934313b8046e9420d1 (diff)
downloadVeraCrypt-6267b91931af87db2b95172389a6fbaac206e42e.tar.gz
VeraCrypt-6267b91931af87db2b95172389a6fbaac206e42e.zip
Windows: fix issue with fastCreate by requesting SE_MANAGE_VOLUME_NAME privilege before calling CreateFile
This ensures that the returned handle inherits the privilege
Diffstat (limited to 'src')
-rw-r--r--src/Common/Format.c54
1 files changed, 28 insertions, 26 deletions
diff --git a/src/Common/Format.c b/src/Common/Format.c
index bcbb94a1..a34b227d 100644
--- a/src/Common/Format.c
+++ b/src/Common/Format.c
@@ -344,6 +344,26 @@ begin_format:
else
{
/* File-hosted volume */
+ BOOL speedupFileCreation = FALSE;
+ // speedup for file creation only makes sens when using quick format for non hidden volumes
+ if (!volParams->hiddenVol && !bInstantRetryOtherFilesys && volParams->quickFormat && volParams->fastCreateFile)
+ {
+ // we set required privileges to speedup file creation before we create the file so that the file handle inherits the privileges
+ if (!SetPrivilege(SE_MANAGE_VOLUME_NAME, TRUE))
+ {
+ DWORD dwLastError = GetLastError();
+ if (Silent || (MessageBoxW(hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_MANAGE_VOLUME"), lpszTitle, MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2) == IDNO))
+ {
+ SetLastError(dwLastError);
+ nStatus = ERR_OS_ERROR;
+ goto error;
+ }
+ }
+ else
+ {
+ speedupFileCreation = TRUE;
+ }
+ }
dev = CreateFile (volParams->volumePath, GENERIC_READ | GENERIC_WRITE,
(volParams->hiddenVol || bInstantRetryOtherFilesys) ? (FILE_SHARE_READ | FILE_SHARE_WRITE) : 0,
@@ -373,13 +393,8 @@ begin_format:
if (!volParams->hiddenVol && !bInstantRetryOtherFilesys)
{
LARGE_INTEGER volumeSize;
- BOOL speedupFileCreation = FALSE;
volumeSize.QuadPart = dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE;
- // speedup for file creation only makes sens when using quick format
- if (volParams->quickFormat && volParams->fastCreateFile)
- speedupFileCreation = TRUE;
-
if (volParams->sparseFileSwitch && volParams->quickFormat)
{
// Create as sparse file container
@@ -401,28 +416,15 @@ begin_format:
if (speedupFileCreation)
{
- if (!SetPrivilege(SE_MANAGE_VOLUME_NAME, TRUE))
- {
- DWORD dwLastError = GetLastError();
- if (Silent || (MessageBoxW(hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_MANAGE_VOLUME"), lpszTitle, MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2) == IDNO))
- {
- SetLastError(dwLastError);
- nStatus = ERR_OS_ERROR;
- goto error;
- }
- }
- else
+ // accelerate file creation by telling Windows not to fill all file content with zeros
+ // this has security issues since it will put existing disk content into file container
+ // We use this mechanism only when switch /fastCreateFile specific and when quick format
+ // also specified and which is documented to have security issues.
+ // we don't check returned status because failure is not issue for us
+ if (!SetFileValidData (dev, volumeSize.QuadPart))
{
- // accelerate file creation by telling Windows not to fill all file content with zeros
- // this has security issues since it will put existing disk content into file container
- // We use this mechanism only when switch /fastCreateFile specific and when quick format
- // also specified and which is documented to have security issues.
- // we don't check returned status because failure is not issue for us
- if (!SetFileValidData (dev, volumeSize.QuadPart))
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
+ nStatus = ERR_OS_ERROR;
+ goto error;
}
}