From c94f8c9b63edc756aa05ec85ed8da84ab799205c Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Mon, 5 Oct 2015 03:22:11 +0200 Subject: Windows Driver: Modify fix for CVE-2015-7358 to solve side effects on Windows mount manager while still making it hard to abuse drive letter handling. --- src/Common/Apidrvr.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/Common') diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h index 4fc15767..79cf2377 100644 --- a/src/Common/Apidrvr.h +++ b/src/Common/Apidrvr.h @@ -322,7 +322,8 @@ typedef struct #define NT_MOUNT_PREFIX DRIVER_STR("\\Device\\VeraCryptVolume") #define NT_ROOT_PREFIX DRIVER_STR("\\Device\\VeraCrypt") -#define DOS_MOUNT_PREFIX DRIVER_STR("\\GLOBAL??\\") // Explicitely use Global MS-DOS device names to avoid security issues +#define DOS_MOUNT_PREFIX_DEFAULT DRIVER_STR("\\DosDevices\\") +#define DOS_MOUNT_PREFIX_GLOBAL DRIVER_STR("\\GLOBAL??\\") // Use Global MS-DOS device names for sanity checks on drive letters #define DOS_ROOT_PREFIX DRIVER_STR("\\DosDevices\\VeraCrypt") #define WIN32_ROOT_PREFIX DRIVER_STR("\\\\.\\VeraCrypt") -- cgit v1.2.3