nerd/rufus
1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Code Issues 1 Projects Releases Wiki Activity

[uefi] warn about revoked UEFI bootloaders when creating Windows To Go drives

Browse source 
* Also move the warning after the WUE dialog.
* Also work around another possible access violation in process.c.
This commit is contained in:
Pete Batard 2023-06-19 10:38:30 +02:00
parent c59e9209eb
commit 16570f8662
No known key found for this signature in database
GPG key ID: 38E0CF5E69EDD671
3 changed files with 43 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
src/process.c
View file

@ -473,8 +473,16 @@ static DWORD WINAPI SearchProcessThread(LPVOID param)
for (i = 0; ; i++) { for (i = 0; ; i++) {
ULONG attempts = 8; ULONG attempts = 8;
PSYSTEM_HANDLE_TABLE_ENTRY_INFO_EX handleInfo = PSYSTEM_HANDLE_TABLE_ENTRY_INFO_EX handleInfo = NULL;
(i < handles->NumberOfHandles) ? &handles->Handles[i] : NULL;
// We are seeing reports of application crashes due to access
// violation exceptions here, so, since this is not critical code,
// we add an exception handler to ignore them.
TRY_AND_HANDLE(
EXCEPTION_ACCESS_VIOLATION,
{ handleInfo = (i < handles->NumberOfHandles) ? &handles->Handles[i] : NULL; },
{ continue; }
);
if ((dupHandle != NULL) && (processHandle != NtCurrentProcess())) { if ((dupHandle != NULL) && (processHandle != NtCurrentProcess())) {
pfNtClose(dupHandle); pfNtClose(dupHandle);
@ -483,9 +491,6 @@ static DWORD WINAPI SearchProcessThread(LPVOID param)
// Update the current handle's process PID and compare against last // Update the current handle's process PID and compare against last
// Note: Be careful about not trying to overflow our list! // Note: Be careful about not trying to overflow our list!
// Also, we are seeing reports of application crashes due to access
// violation exceptions here, so, since this is not critical code,
// we add an exception handler to ignore them.
TRY_AND_HANDLE( TRY_AND_HANDLE(
EXCEPTION_ACCESS_VIOLATION, EXCEPTION_ACCESS_VIOLATION,
{ pid[cur_pid] = (handleInfo != NULL) ? handleInfo->UniqueProcessId : -1; }, { pid[cur_pid] = (handleInfo != NULL) ? handleInfo->UniqueProcessId : -1; },

54
src/rufus.c
View file

@ -1430,7 +1430,7 @@ static DWORD WINAPI BootCheckThread(LPVOID param)
const char* ldlinux = "ldlinux"; const char* ldlinux = "ldlinux";
const char* syslinux = "syslinux"; const char* syslinux = "syslinux";
const char* ldlinux_ext[3] = { "sys", "bss", "c32" }; const char* ldlinux_ext[3] = { "sys", "bss", "c32" };
char tmp[MAX_PATH], tmp2[MAX_PATH], c; char tmp[MAX_PATH], tmp2[MAX_PATH], efi[MAX_PATH], c;
syslinux_ldlinux_len[0] = 0; syslinux_ldlinux_len[1] = 0; syslinux_ldlinux_len[0] = 0; syslinux_ldlinux_len[1] = 0;
safe_free(grub2_buf); safe_free(grub2_buf);
@ -1544,36 +1544,11 @@ static DWORD WINAPI BootCheckThread(LPVOID param)
WriteSetting32(SETTING_WUE_OPTIONS, (UNATTEND_DEFAULT_MASK << 16) | unattend_xml_mask); WriteSetting32(SETTING_WUE_OPTIONS, (UNATTEND_DEFAULT_MASK << 16) | unattend_xml_mask);
} }
} else if (target_type == TT_UEFI) { } else if (target_type == TT_UEFI) {
char efi_path[MAX_PATH], tmp_path[MAX_PATH];
if (!IS_EFI_BOOTABLE(img_report)) { if (!IS_EFI_BOOTABLE(img_report)) {
// Unsupported ISO // Unsupported ISO
MessageBoxExU(hMainDialog, lmprintf(MSG_091), lmprintf(MSG_090), MB_OK | MB_ICONERROR | MB_IS_RTL, selected_langid); MessageBoxExU(hMainDialog, lmprintf(MSG_091), lmprintf(MSG_090), MB_OK | MB_ICONERROR | MB_IS_RTL, selected_langid);
goto out; goto out;
} }
// coverity[swapped_arguments]
if (GetTempFileNameU(temp_dir, APPLICATION_NAME, 0, tmp_path) != 0) {
int i, j;
for (i = 0; i < ARRAYSIZE(efi_bootname) + 1; i++) {
if ((img_report.has_efi & (1 << i)) == 0)
continue;
if (i == 0)
static_strcpy(efi_path, bootmgr_efi_name);
else
static_sprintf(efi_path, "%s/%s", efi_dirname, efi_bootname[i - 1]);
if (ExtractISOFile(image_path, efi_path, tmp_path, FILE_ATTRIBUTE_NORMAL) == 0) {
uprintf("Warning: Failed to extract '%s' to check for UEFI revocation", efi_path);
continue;
}
j = IsUefiBootloaderRevoked(tmp_path);
if (j > 0) {
MessageBoxExU(hMainDialog, lmprintf(MSG_339,
(j == 1) ? lmprintf(MSG_340) : lmprintf(MSG_341, "Error code: 0xc0000428")),
lmprintf(MSG_338), MB_ICONWARNING | MB_IS_RTL, selected_langid);
break;
}
}
DeleteFileU(tmp_path);
}
if (HAS_WIN7_EFI(img_report) && (!WimExtractCheck(FALSE))) { if (HAS_WIN7_EFI(img_report) && (!WimExtractCheck(FALSE))) {
// Your platform cannot extract files from WIM archives => download 7-zip? // Your platform cannot extract files from WIM archives => download 7-zip?
if (MessageBoxExU(hMainDialog, lmprintf(MSG_102), lmprintf(MSG_101), MB_YESNO | MB_ICONERROR | MB_IS_RTL, selected_langid) == IDYES) if (MessageBoxExU(hMainDialog, lmprintf(MSG_102), lmprintf(MSG_101), MB_YESNO | MB_ICONERROR | MB_IS_RTL, selected_langid) == IDYES)
@ -1645,6 +1620,33 @@ static DWORD WINAPI BootCheckThread(LPVOID param)
write_as_esp = (i & 2); write_as_esp = (i & 2);
} }
// Check UEFI bootloaders for revocation
if (target_type == TT_UEFI) {
// coverity[swapped_arguments]
if (GetTempFileNameU(temp_dir, APPLICATION_NAME, 0, tmp) != 0) {
for (i = 0; i < ARRAYSIZE(efi_bootname) + 1; i++) {
if ((img_report.has_efi & (1 << i)) == 0)
continue;
if (i == 0)
static_strcpy(efi, bootmgr_efi_name);
else
static_sprintf(efi, "%s/%s", efi_dirname, efi_bootname[i - 1]);
if (ExtractISOFile(image_path, efi, tmp, FILE_ATTRIBUTE_NORMAL) == 0) {
uprintf("Warning: Failed to extract '%s' to check for UEFI revocation", efi);
continue;
}
r = IsUefiBootloaderRevoked(tmp);
if (r > 0) {
MessageBoxExU(hMainDialog, lmprintf(MSG_339,
(r == 1) ? lmprintf(MSG_340) : lmprintf(MSG_341, "Error code: 0xc0000428")),
lmprintf(MSG_338), MB_ICONWARNING | MB_IS_RTL, selected_langid);
break;
}
}
DeleteFileU(tmp);
}
}
// If the selected target doesn't include BIOS, skip file downloads for GRUB/Syslinux // If the selected target doesn't include BIOS, skip file downloads for GRUB/Syslinux
if (target_type != TT_BIOS) if (target_type != TT_BIOS)
goto uefi_target; goto uefi_target;

10
src/rufus.rc
View file

@ -33,7 +33,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
IDD_DIALOG DIALOGEX 12, 12, 232, 326 IDD_DIALOG DIALOGEX 12, 12, 232, 326
STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
EXSTYLE WS_EX_ACCEPTFILES EXSTYLE WS_EX_ACCEPTFILES
CAPTION "Rufus 4.2.2053" CAPTION "Rufus 4.2.2054"
FONT 9, "Segoe UI Symbol", 400, 0, 0x0 FONT 9, "Segoe UI Symbol", 400, 0, 0x0
BEGIN BEGIN
LTEXT "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP LTEXT "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP
@ -392,8 +392,8 @@ END
// //
VS_VERSION_INFO VERSIONINFO VS_VERSION_INFO VERSIONINFO
FILEVERSION 4,2,2053,0 FILEVERSION 4,2,2054,0
PRODUCTVERSION 4,2,2053,0 PRODUCTVERSION 4,2,2054,0
FILEFLAGSMASK 0x3fL FILEFLAGSMASK 0x3fL
#ifdef _DEBUG #ifdef _DEBUG
FILEFLAGS 0x1L FILEFLAGS 0x1L
@ -411,13 +411,13 @@ BEGIN
VALUE "Comments", "https://rufus.ie" VALUE "Comments", "https://rufus.ie"
VALUE "CompanyName", "Akeo Consulting" VALUE "CompanyName", "Akeo Consulting"
VALUE "FileDescription", "Rufus" VALUE "FileDescription", "Rufus"
VALUE "FileVersion", "4.2.2053" VALUE "FileVersion", "4.2.2054"
VALUE "InternalName", "Rufus" VALUE "InternalName", "Rufus"
VALUE "LegalCopyright", "© 2011-2023 Pete Batard (GPL v3)" VALUE "LegalCopyright", "© 2011-2023 Pete Batard (GPL v3)"
VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html" VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html"
VALUE "OriginalFilename", "rufus-4.2.exe" VALUE "OriginalFilename", "rufus-4.2.exe"
VALUE "ProductName", "Rufus" VALUE "ProductName", "Rufus"
VALUE "ProductVersion", "4.2.2053" VALUE "ProductVersion", "4.2.2054"
END END
END END
BLOCK "VarFileInfo" BLOCK "VarFileInfo"