nerd
/
rufus
mirror of https://github.com/pbatard/rufus.git
1
1
Fork 0
Code Issues 1 Projects Releases Wiki Activity

[uefi] warn about revoked UEFI bootloaders when creating Windows To Go drives 

* Also move the warning after the WUE dialog.
* Also work around another possible access violation in process.c.
This commit is contained in:
Pete Batard 2023-06-19 10:38:30 +02:00
parent c59e9209eb
commit 16570f8662
No known key found for this signature in database
GPG Key ID: 38E0CF5E69EDD671
3 changed files with 43 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/process.c
View File

@ -473,8 +473,16 @@ static DWORD WINAPI SearchProcessThread(LPVOID param)
for (i = 0; ; i++) {
ULONG attempts = 8;
PSYSTEM_HANDLE_TABLE_ENTRY_INFO_EX handleInfo =
(i < handles->NumberOfHandles) ? &handles->Handles[i] : NULL;
PSYSTEM_HANDLE_TABLE_ENTRY_INFO_EX handleInfo = NULL;
// We are seeing reports of application crashes due to access
// violation exceptions here, so, since this is not critical code,
// we add an exception handler to ignore them.
TRY_AND_HANDLE(
EXCEPTION_ACCESS_VIOLATION,
{ handleInfo = (i < handles->NumberOfHandles) ? &handles->Handles[i] : NULL; },
{ continue; }
);
if ((dupHandle != NULL) && (processHandle != NtCurrentProcess())) {
pfNtClose(dupHandle);
@ -483,9 +491,6 @@ static DWORD WINAPI SearchProcessThread(LPVOID param)
// Update the current handle's process PID and compare against last
// Note: Be careful about not trying to overflow our list!
// Also, we are seeing reports of application crashes due to access
// violation exceptions here, so, since this is not critical code,
// we add an exception handler to ignore them.
TRY_AND_HANDLE(
EXCEPTION_ACCESS_VIOLATION,
{ pid[cur_pid] = (handleInfo != NULL) ? handleInfo->UniqueProcessId : -1; },

54
src/rufus.c
View File

@ -1430,7 +1430,7 @@ static DWORD WINAPI BootCheckThread(LPVOID param)
const char* ldlinux = "ldlinux";
const char* syslinux = "syslinux";
const char* ldlinux_ext[3] = { "sys", "bss", "c32" };
char tmp[MAX_PATH], tmp2[MAX_PATH], c;
char tmp[MAX_PATH], tmp2[MAX_PATH], efi[MAX_PATH], c;
syslinux_ldlinux_len[0] = 0; syslinux_ldlinux_len[1] = 0;
safe_free(grub2_buf);
@ -1544,36 +1544,11 @@ static DWORD WINAPI BootCheckThread(LPVOID param)
WriteSetting32(SETTING_WUE_OPTIONS, (UNATTEND_DEFAULT_MASK << 16) | unattend_xml_mask);
}
} else if (target_type == TT_UEFI) {
char efi_path[MAX_PATH], tmp_path[MAX_PATH];
if (!IS_EFI_BOOTABLE(img_report)) {
// Unsupported ISO
MessageBoxExU(hMainDialog, lmprintf(MSG_091), lmprintf(MSG_090), MB_OK | MB_ICONERROR | MB_IS_RTL, selected_langid);
goto out;
}
// coverity[swapped_arguments]
if (GetTempFileNameU(temp_dir, APPLICATION_NAME, 0, tmp_path) != 0) {
int i, j;
for (i = 0; i < ARRAYSIZE(efi_bootname) + 1; i++) {
if ((img_report.has_efi & (1 << i)) == 0)
continue;
if (i == 0)
static_strcpy(efi_path, bootmgr_efi_name);
else
static_sprintf(efi_path, "%s/%s", efi_dirname, efi_bootname[i - 1]);
if (ExtractISOFile(image_path, efi_path, tmp_path, FILE_ATTRIBUTE_NORMAL) == 0) {
uprintf("Warning: Failed to extract '%s' to check for UEFI revocation", efi_path);
continue;
}
j = IsUefiBootloaderRevoked(tmp_path);
if (j > 0) {
MessageBoxExU(hMainDialog, lmprintf(MSG_339,
(j == 1) ? lmprintf(MSG_340) : lmprintf(MSG_341, "Error code: 0xc0000428")),
lmprintf(MSG_338), MB_ICONWARNING | MB_IS_RTL, selected_langid);
break;
}
}
DeleteFileU(tmp_path);
}
if (HAS_WIN7_EFI(img_report) && (!WimExtractCheck(FALSE))) {
// Your platform cannot extract files from WIM archives => download 7-zip?
if (MessageBoxExU(hMainDialog, lmprintf(MSG_102), lmprintf(MSG_101), MB_YESNO | MB_ICONERROR | MB_IS_RTL, selected_langid) == IDYES)
@ -1645,6 +1620,33 @@ static DWORD WINAPI BootCheckThread(LPVOID param)
write_as_esp = (i & 2);
}
// Check UEFI bootloaders for revocation
if (target_type == TT_UEFI) {
// coverity[swapped_arguments]
if (GetTempFileNameU(temp_dir, APPLICATION_NAME, 0, tmp) != 0) {
for (i = 0; i < ARRAYSIZE(efi_bootname) + 1; i++) {
if ((img_report.has_efi & (1 << i)) == 0)
continue;
if (i == 0)
static_strcpy(efi, bootmgr_efi_name);
else
static_sprintf(efi, "%s/%s", efi_dirname, efi_bootname[i - 1]);
if (ExtractISOFile(image_path, efi, tmp, FILE_ATTRIBUTE_NORMAL) == 0) {
uprintf("Warning: Failed to extract '%s' to check for UEFI revocation", efi);
continue;
}
r = IsUefiBootloaderRevoked(tmp);
if (r > 0) {
MessageBoxExU(hMainDialog, lmprintf(MSG_339,
(r == 1) ? lmprintf(MSG_340) : lmprintf(MSG_341, "Error code: 0xc0000428")),
lmprintf(MSG_338), MB_ICONWARNING | MB_IS_RTL, selected_langid);
break;
}
}
DeleteFileU(tmp);
}
}
// If the selected target doesn't include BIOS, skip file downloads for GRUB/Syslinux
if (target_type != TT_BIOS)
goto uefi_target;

10
src/rufus.rc
View File

@ -33,7 +33,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
IDD_DIALOG DIALOGEX 12, 12, 232, 326
STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
EXSTYLE WS_EX_ACCEPTFILES
CAPTION "Rufus 4.2.2053"
CAPTION "Rufus 4.2.2054"
FONT 9, "Segoe UI Symbol", 400, 0, 0x0
BEGIN
LTEXT "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP
@ -392,8 +392,8 @@ END
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 4,2,2053,0
PRODUCTVERSION 4,2,2053,0
FILEVERSION 4,2,2054,0
PRODUCTVERSION 4,2,2054,0
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x1L
@ -411,13 +411,13 @@ BEGIN
VALUE "Comments", "https://rufus.ie"
VALUE "CompanyName", "Akeo Consulting"
VALUE "FileDescription", "Rufus"
VALUE "FileVersion", "4.2.2053"
VALUE "FileVersion", "4.2.2054"
VALUE "InternalName", "Rufus"
VALUE "LegalCopyright", "© 2011-2023 Pete Batard (GPL v3)"
VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html"
VALUE "OriginalFilename", "rufus-4.2.exe"
VALUE "ProductName", "Rufus"
VALUE "ProductVersion", "4.2.2053"
VALUE "ProductVersion", "4.2.2054"
END
END
BLOCK "VarFileInfo"