1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-26 11:29:53 +03:00

Merge pull request #510 from dnobori/b3_loadlibrary

Preventing the Win32 API LoadLibrary() current directory DLL injection issue.
This commit is contained in:
Daiyuu Nobori 2018-05-24 18:07:53 +09:00 committed by GitHub
commit b59697fbd4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 72 additions and 0 deletions

View File

@ -154,7 +154,19 @@ static UINT64 probe_start = 0;
static UINT64 probe_last = 0; static UINT64 probe_last = 0;
static bool probe_enabled = false; static bool probe_enabled = false;
// The function which should be called once as soon as possible after the process is started
static bool init_proc_once_flag = false;
void InitProcessCallOnce()
{
if (init_proc_once_flag == false)
{
init_proc_once_flag = true;
#ifdef OS_WIN32
MsInitProcessCallOnce();
#endif // OS_WIN32
}
}
// Calculate the checksum // Calculate the checksum
USHORT CalcChecksum16(void *buf, UINT size) USHORT CalcChecksum16(void *buf, UINT size)
@ -490,6 +502,8 @@ void InitMayaqua(bool memcheck, bool debug, int argc, char **argv)
return; return;
} }
InitProcessCallOnce();
g_memcheck = memcheck; g_memcheck = memcheck;
g_debug = debug; g_debug = debug;
cmdline = NULL; cmdline = NULL;

View File

@ -133,6 +133,8 @@
#endif // VPN_SPEED #endif // VPN_SPEED
void InitProcessCallOnce();
#ifdef VPN_EXE #ifdef VPN_EXE
// To build the executable file // To build the executable file
#ifdef WIN32 #ifdef WIN32
@ -142,6 +144,7 @@ int main(int argc, char *argv[]);
int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow) int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
{ {
char *argv[] = { CmdLine, }; char *argv[] = { CmdLine, };
InitProcessCallOnce();
return main(1, argv); return main(1, argv);
} }
#endif // WIN32 #endif // WIN32

View File

@ -273,6 +273,43 @@ typedef struct MS_MSCHAPV2_PARAMS
UCHAR ResponseBuffer[MAX_SIZE]; UCHAR ResponseBuffer[MAX_SIZE];
} MS_MSCHAPV2_PARAMS; } MS_MSCHAPV2_PARAMS;
// The function which should be called once as soon as possible after the process is started
void MsInitProcessCallOnce()
{
// Mitigate the DLL injection attack
char system_dir[MAX_PATH];
char kernel32_path[MAX_PATH];
UINT len;
HINSTANCE hKernel32;
// Get the full path of kernel32.dll
memset(system_dir, 0, sizeof(system_dir));
GetSystemDirectory(system_dir, sizeof(system_dir));
len = lstrlenA(system_dir);
if (system_dir[len] == '\\')
{
system_dir[len] = 0;
}
wsprintfA(kernel32_path, "%s\\kernel32.dll", system_dir);
// Load kernel32.dll
hKernel32 = LoadLibraryA(kernel32_path);
if (hKernel32 != NULL)
{
BOOL (WINAPI *_SetDllDirectoryA)(LPCTSTR);
_SetDllDirectoryA = (BOOL (WINAPI *)(LPCTSTR))
GetProcAddress(hKernel32, "SetDllDirectoryA");
if (_SetDllDirectoryA != NULL)
{
_SetDllDirectoryA("");
}
FreeLibrary(hKernel32);
}
}
// Collect the information of the VPN software // Collect the information of the VPN software
bool MsCollectVpnInfo(BUF *bat, char *tmpdir, char *svc_name, wchar_t *config_name, wchar_t *logdir_name) bool MsCollectVpnInfo(BUF *bat, char *tmpdir, char *svc_name, wchar_t *config_name, wchar_t *logdir_name)
{ {

View File

@ -1160,6 +1160,7 @@ void MsTest();
bool MsSaveSystemInfo(wchar_t *dst_filename); bool MsSaveSystemInfo(wchar_t *dst_filename);
bool MsCollectVpnInfo(BUF *bat, char *tmpdir, char *svc_name, wchar_t *config_name, wchar_t *logdir_name); bool MsCollectVpnInfo(BUF *bat, char *tmpdir, char *svc_name, wchar_t *config_name, wchar_t *logdir_name);
void MsInitProcessCallOnce();
MS_SUSPEND_HANDLER *MsNewSuspendHandler(); MS_SUSPEND_HANDLER *MsNewSuspendHandler();
void MsFreeSuspendHandler(MS_SUSPEND_HANDLER *h); void MsFreeSuspendHandler(MS_SUSPEND_HANDLER *h);

View File

@ -155,6 +155,8 @@ void StopProcess()
// WinMain function // WinMain function
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
InitProcessCallOnce();
VgUseStaticLink(); VgUseStaticLink();
#ifdef OS_WIN32 #ifdef OS_WIN32

View File

@ -143,6 +143,8 @@ void StopProcess()
// WinMain function // WinMain function
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
InitProcessCallOnce();
#ifdef OS_WIN32 #ifdef OS_WIN32
return MsService(GC_SVC_NAME_VPNCLIENT, StartProcess, StopProcess, ICO_MACHINE, argv[0]); return MsService(GC_SVC_NAME_VPNCLIENT, StartProcess, StopProcess, ICO_MACHINE, argv[0]);

View File

@ -137,6 +137,8 @@ int main(int argc, char *argv[])
wchar_t *s; wchar_t *s;
UINT ret = 0; UINT ret = 0;
InitProcessCallOnce();
#ifdef OS_WIN32 #ifdef OS_WIN32
SetConsoleTitleA(CEDAR_PRODUCT_STR " VPN Command Line Utility"); SetConsoleTitleA(CEDAR_PRODUCT_STR " VPN Command Line Utility");
#endif // OS_WIN32 #endif // OS_WIN32

View File

@ -134,6 +134,8 @@
// WinMain function // WinMain function
int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow) int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
{ {
InitProcessCallOnce();
InitMayaqua(false, false, 0, NULL); InitMayaqua(false, false, 0, NULL);
InitCedar(); InitCedar();

View File

@ -353,6 +353,8 @@ void MainFunction(char *cmd)
// winmain function // winmain function
int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow) int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
{ {
InitProcessCallOnce();
InitMayaqua(false, false, 0, NULL); InitMayaqua(false, false, 0, NULL);
EnableProbe(false); EnableProbe(false);
InitCedar(); InitCedar();

View File

@ -1634,6 +1634,7 @@ void ViFreeStringTables()
int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow) int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
{ {
INSTANCE *instance; INSTANCE *instance;
InitProcessCallOnce();
is_debug = false; is_debug = false;
MayaquaMinimalMode(); MayaquaMinimalMode();
InitMayaqua(false, is_debug, 0, NULL); InitMayaqua(false, is_debug, 0, NULL);

View File

@ -155,6 +155,8 @@ void StopProcess()
// WinMain function // WinMain function
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
InitProcessCallOnce();
VgUseStaticLink(); VgUseStaticLink();
#ifdef OS_WIN32 #ifdef OS_WIN32

View File

@ -134,6 +134,8 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
{ {
UINT ret; UINT ret;
InitProcessCallOnce();
VgUseStaticLink(); VgUseStaticLink();
ret = SWExec(); ret = SWExec();

View File

@ -132,6 +132,8 @@
// WinMain function // WinMain function
int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow) int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
{ {
InitProcessCallOnce();
InitMayaqua(false, false, 0, NULL); InitMayaqua(false, false, 0, NULL);
InitCedar(); InitCedar();
SMExec(); SMExec();