1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Commit graph

575 commits

Author SHA1 Message Date
Pete Batard
a47072c3c6
[ui] produce a more explicit error message when an image can't be opened/read
* Closes #1843
* Also publish Coverity artifacts since upload to Coverity seems to be broken atm.
2022-01-07 13:27:15 +00:00
Austin Wise
ef2ff7179d
[msvc] add provision to prevent DLL search order hijacking through delay loading
* Hypothetically if the user's current directory contains a malicious DLL that DLL
  could be loaded instead of the one in System32.
* Whereas the previous patch should have taken care of the one DLL referenced by
  Rufus that may be vulnerable to this attack (version.dll), we nonetheless add
  delay loading for all the libraries we reference as a precautionary measure.
* One can confirm that this works by using dumpbin.exe /IMPORTS to make sure
  a specific DLL is delay loaded. Then putting a breakpoint in the delay load
  hook should also confirm that the hook is used.
* Closes #1838
2022-01-05 18:33:59 +00:00
Pete Batard
c28f9bc491
[misc] fix PVS-Studio warnings 2022-01-05 12:57:26 +01:00
Pete Batard
eeca1f279c
[iso] add 'inst.repo' Red-Hat workaround for CentOS Stream
* Since CentOS Stream does not use the 'CentOS-8.*' labelling scheme.
* This is a follow up to #1777.
* Also fix Windows Kit location for signing scripts.
2021-11-22 20:11:47 +00:00
Dimitri Papadopoulos
d840083a32
[misc] fix typos found by codespell
* 3rd party software was left out.
* Most changes are in code comments, but one user-visible string has also been fixed.
* Closes #1817
2021-11-16 18:53:52 +00:00
Pete Batard
a519e3b03b
[misc] fix console hogger not being deleted on exit
* Also update hash DB and readme for latest Grub4DOS
2021-10-23 15:14:46 +01:00
Pete Batard
b30e3b387a
[efi] update UEFI:NTFS to latest
* Also remove Secure Boot notice since (outside of 32-bit ARM and exFAT)
  our bootloaders and NTFS drivers are now Secure Boot signed.
2021-10-23 02:49:15 +01:00
Pete Batard
05382d8c7d
[core] ReFS improvements
* Allow 4K/64K cluster size selection
* Only enable ReFS on relevant platforms
* Also recognize a few more Windows editions
2021-10-21 02:02:17 +01:00
Pete Batard
32b083e535
[misc] improve path display for Sylinux/GRUB resources 2021-10-21 01:59:03 +01:00
Pete Batard
1c2884ceba
[misc] fallback to using LoadLibrary() when LoadLibraryEx() fails or doesn't apply
* Per 2a3e82fa96, it looks like some Windows 7 system have trouble with
  LoadLibraryEx() if they don't have KB2533623 installed (which fixes a MAJOR Windows
  vulnerability. Some people sure want to leave their system open to hackers...).
* Work around this by adding a fallback to LoadLibrary() in GetLibraryHandle()
* Also switch to using GetLibraryHandle() in dos.c and using LoadLibrary() in sections
  where we have the full path (since these calls are not vulnerable).
2021-10-18 13:15:41 +01:00
Pete Batard
56a99e6394
[misc] use application dir for storage in portable mode
* Also improve path reporting in the log.
* Also fix MinGW warnings
2021-10-11 20:11:06 +01:00
Pete Batard
9cd7adaaaa
[iso] finalize workaround for Red Hat 8 derivatives
* See #1777
2021-10-11 17:55:46 +01:00
Pete Batard
957ec183c9
[ui] improve progress report when disabling Windows 11 installation restrictions
* Also fix Image Options content being lost when switching language.
2021-10-09 16:18:45 +01:00
Pete Batard
b043db33e6
[core] add option to bypass TPM 2.0/Secure Boot/RAM requirements for Windows 11 ISOs
* If 'Extended Windows 11 Installation' mode is selected, the system registry hive of
  'sources\boot.wim' is patched to add the Setup\LabConfig registry keys that bypass
  the TPM 2.0/Secure Boot/8GB+ RAM Windows 11 system requirements.
2021-10-08 19:24:10 +01:00
Pete Batard
a10b8e8c54
[iso] add Windows ISO version report
* Use sources/compatresources.dll, when available, to try to detect the Windows ISO version and build.
* Also report what facility we use for formatting.
2021-10-08 19:24:07 +01:00
Pete Batard
ce8aaa99f7
[core] add VDS detection and print a notice if VDS is unavailable 2021-10-04 14:29:09 +02:00
Pete Batard
c09ede16b3
[iso] add kernel options update for Red Hat derivatives
* Since version 8.2, and rhinstaller/anaconda@a766101954,
  Red Hat derivatives have changed their CD-ROM detection policy which leads to
  the installation source not being found when writing the media in ISO mode.
* Replace 'inst.stage2' by 'inst.repo' in the kernel options.
* Closes #1777 (See also rhinstaller/anaconda#rhinstaller/anaconda#3529).
* Note that this reverts part of 9c8fa40995.
2021-10-03 16:04:34 +02:00
Pete Batard
deee38d4e5
[misc] fix log potentially not being saved on exit
* Also ensures that if the user deleted the directory we don't recreate it for the log.
* Also fix typos and Coverity warnings.
2021-09-19 21:01:45 +01:00
Pete Batard
8538ce0590
[misc] fix some Coverity warnings 2021-08-02 13:22:49 +01:00
Pete Batard
436584fcc0
[appstore] revert AppStore version detection to rufus.app presence check
* This basically reverts the changes from 9dfa31db03.
2021-08-01 21:50:11 +01:00
Pete Batard
41a9436649
[core] automatically save log to %LocalAppData%\Rufus\rufus.log on exit 2021-07-28 16:37:45 +01:00
Pete Batard
8ceb0045fa
[grub] update embedded GRUB to 2.06
* Also enable NTFS and ext# as GRUB2 compatible file systems.
2021-07-27 18:10:29 +01:00
longpanda
49eefa2e03
[cmp] add support for Ventoy Sparse Image (.vtsi) 2021-06-22 19:08:33 +01:00
Pete Batard
4f97cdfdc3
[ui] increase projected size to prevent persistence overflow
* If users set the persistent size to max, we may run into a situation
  where projected size (which is always a rough estimation) is too low.
* When persistence is in use, we increase the projected size by 10%, to
  ensure that the above scenario cannot happen.
* Also work around potential issues with Windows APIs when the application
  is launched from the root of a drive.
2021-06-10 17:18:40 +01:00
Pete Batard
9d7e96e293
[core] move downloads from <app_location>\rufus_files\ to %LOCALAPPDATA%\Rufus\
* While this is intended to solve the issue of saving GRUB/Syslinux files for the
  App Store version, we apply this change globally, as it allows the user to move
  the Rufus executable around while preserving access to existing downloads.
* Closes #1744
2021-05-31 16:54:11 +01:00
Pete Batard
f26fd2fbe3
[fido] add additional Authenticode validation before running the script
* This basically means that the script is validate *TWICE*, using two
  completely independent signatures, before it is allowed to run, which
  should add another mitigation layer against TOCTOU (which we already
  friggin' mitigated against anyway) and other potential vectors of
  attack.
* Also remove -DisableFirstRunCustomize option and the associated cookie
  prompt monitoring, which the latest version of Fido no longer requires.
* Also update WDK version for signtool and flesh out PKI error messages.
2021-05-27 00:19:25 +01:00
Pete Batard
9c8fa40995
[ui] add forced DD mode exceptions for Red Hat based distros
* Anaconda broke ISO compatibility, most likely with the following commit:
  84529204fe
* However, Ret Hat, and its followers, have drunk the "DD only" kool aid, and
  appear to be blissfully unaware of the very real drawbacks that enforcing a
  "DD only" mode for ISOHybrid can actually place on distro users.
* Rather than spend another wasted effort trying get people, who appear to be
  impervious to even remotely consider the idea that DD imaging can have flaws,
  to look into the possibility that Red Hat might indeed have introduced a
  regression, and given the downright hostility I have been subjected to from
  trying to state this *very verifiable* fact, we'll just force DD mode for the
  affected Red Hat and derivatives, whilst trusting that users will be smart
  enough to compare their more limited installation experience against the ones
  from other distros (such as Arch, Debian or Ubuntu, which, unlike Red Hat and
  co., appear to fully understand that the whole ISOHybrid vs DD mode situation
  is not all black and white), and see for themselves which distros do actually
  place *their* interests first, rather than just the interests of the distro
  maintainers...
2021-04-23 17:04:55 +01:00
Pete Batard
2e1833e91e
[misc] improve CoInitialize calls
* Balance with CoUninitialize and add COINIT_DISABLE_OLE1DDE
* Also add /BREPRO linker flag for reproducible VS2019 release builds
2021-04-09 12:36:30 +01:00
Pete Batard
2a3e82fa96
[misc] switch to using LoadLibraryEx everywhere
* This allows us to further mitigate DLL side loading by enforcing
  LOAD_LIBRARY_SEARCH_SYSTEM32 / LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR.
2021-04-09 11:31:52 +01:00
Pete Batard
c9e71de898
[ui] disable drag and drop during drive creation
* Closes #1672
* Also fix Rufus MBR not being selected when switching partition scheme to MBR
* Also fix users being prompted twice for ISO → ESP
2021-04-08 17:29:13 +01:00
Pete Batard
b3eca3451d
[loc] update for new translation round 2021-03-31 13:21:57 +01:00
Pete Batard
9dfa31db03
[appstore] improve AppStore version detection
* Also fix ESP prompt no longer appearing
2021-03-31 13:21:52 +01:00
Pete Batard
480214bbb6
[ui] add a message for ISOHybrids that don't allow for ISO mode
* Also limit VDS refresh to DD image writing
* Also increase the number of loc messages
2021-03-25 20:49:45 +00:00
Pete Batard
a3df3b0fb3
[ui] move Syslinux/GRUB downloads after the ISO vs DD mode selection 2021-03-25 19:52:33 +00:00
Pete Batard
bb291df342
[appstore] disable update related elements and enable Fido always
* The check for update is not necessary or even desirable for the AppStore
  version, since the Windows Store takes care of updating the app.
2021-02-08 21:02:01 +00:00
Pete Batard
1062dde076
[appstore] add AppStore version detection
* Also make sure we don't include appstore.listing.csv in the app
  and remove unneeded call to GetModuleHandle() in pki.c.
2021-02-07 20:25:21 +00:00
Pete Batard
b2492908be
[net] switch to INetworkListManager::GetConnectivity to detect connectivity
* InternetGetConnectedState() is next to useless and doesn't provide
  coherent outcome on the ARM64 platform I'm testing with. This results
  in Rufus declaring that Internet is unavailable on platforms that do
  have actual Internet connectivity.
* Swicth to using INetworkListManager::GetConnectivity(), which actually
  reports a dependable result.
* Closes #1691
* Also remove the mutex for uprintf(), which may produce thread lockout
  and remove an unwanted double GetSignatureName() call on startup.
2021-02-06 18:58:42 +00:00
Pete Batard
e4372a9f57
[appstore] don't exit on unhandled parameters
* Looks like executables installed from the Windows Store launch with a "/InvokerPRAID"
  added parameter, which of course BREAKS apps that have a defined set of parameters
  and don't except that Microsoft would gingerly add random unwanted stuff there...
* The provision of this extra parameter also appears to be tied to using one of:
  - <TargetDeviceFamily Name="Windows.Universal" ...>
  - <uap:SplashScreen ...>
  - <Application EntryPoint="$targetentrypoint$" ...>
  in the appxmanifest.
* This resulted in our argument processing loop to cause early exit on account that an
  unexpected option was provided.
* Fix this by adding an explicit check for /InvokerPRAID and not exiting on unhandled
  params and removing or altering the 3 appxmanifest options listed above.
* Also set an explicit Windows.FullTrustApplication and remove splash screen.
* Also update _pre-commit.sh to update appstore build number automatically.
* Also remove splash screen images, add store listing CSV and toggle App builds to manual.
* Closes #1690
2021-02-05 17:47:48 +00:00
Pete Batard
fce645543f
[dev] add exception for Realtek card readers
* Also update copyright year to 2021
* Also update version for rufus-next
* Also set Win32 "A" APIs to UTF-8 and enable long paths in manifest
2021-01-06 19:27:31 +00:00
Pete Batard
35b0ab2470
[ui] add cheat mode (Alt-M) to ignore Boot Marker 2020-11-12 17:38:20 +00:00
Pete Batard
77b0d1d366
[ui] display marquee operations on taskbar 2020-11-10 19:46:53 +00:00
Pete Batard
e8c717c394
[ui] always use fake units for proposed labels
* Also improve log messages
2020-11-03 12:49:08 +00:00
Pete Batard
3758f84b17
[vds] improve VDS calls
* Make sure that instantiated objects are released.
* Factorize the instantiating of disk interfaces.
* Allow the provision of an offset to delete a single partition.
* Add a ListVdsVolumes() call (which is pointless since Microsoft *CRIPPLED* its VDS implementation).
2020-10-25 13:09:32 +00:00
Pete Batard
318d5ed16d
[iso] fix "ISO has not been properly scanned" error for some ISOs
* Make sure that if we skip a deep directory during scan, we count at
  least one block of data.
* Also produce a note about deep directory long scan times and improve
  the formatting of some messages.
2020-10-12 19:33:54 +01:00
Pete Batard
e6ac3782fe
[ext2fs] set a minimum ext partition size of 256 MB
* Not gonna bother with computing the effective minimum size so 256 MB will have to do.
* Closes #1576
2020-10-02 13:58:15 +01:00
Pete Batard
68a5a26956
[core] fix FAT32 not proposed for Win ISOs with <4 GB install.wim 2020-09-23 16:06:15 +02:00
Pete Batard
1bb2b3b126
[syslinux] disable MBR install for images using SysLinux 4.x with a >4 GB file
* The presence of a > 4 GB file forces the use of NTFS which is incompatible with
  SysLinux 4.x or earlier. As such, if an image uses SysLinux only, there's no
  point in enabling MBR as SysLinux won't boot.
* Required for ISOs such as securityonion-2.0.1-rc1.iso.
2020-09-15 21:02:08 +01:00
Pete Batard
b3caf638b6
[misc] miscellaneous code cleanup and fixes
* Don't use hDrive handle for longer than necessary
* Move all the popcount() function calls into missing.h
* Ensure that the thread_affinity[] array is properly sized
* Improve timeouts for conflicting process search
2020-09-09 17:00:39 +01:00
Pete Batard
3f0d574657
[misc] improve ToggleEsp() call to take an offset
* Also fix a MinGW warning
2020-08-15 14:58:55 +01:00
Pete Batard
ba406843f4
[core] work around a Windows bug where GetVolumePathNamesForVolumeName() can return the wrong drive letter
* A user is reporting that, on one of their platforms, Rufus is writing to the wrong target during the file-copy
  phase and using their existing Y: local drive instead of the drive associated to the USB, despite the fact
  that Rufus is passing the right volume name to GetVolumePathNamesForVolumeName().

* Here's the PowerShell wmic output, confirming that the volume GUID obtained by Rufus is the right one:

  DriveLetter : Y:
  DeviceId    : \\?\Volume{000349b1-17d0-69f6-c13f-f31162930600}\
  Capacity    : 118540464128
  FileSystem  : NTFS
  Label       : Y-DISK

  DriveLetter : H:
  DeviceId    : \\?\Volume{b150ff4a-d62b-11ea-86e3-f49634660e54}\
  Capacity    : 15791824896
  FileSystem  : FAT32
  Label       : ADATA16GB

* And here's the Rufus log demonstrating that GetVolumePathNamesForVolumeName() is returning the *WRONG* letter:

  Found volume \\?\Volume{b150ff4a-d62b-11ea-86e3-f49634660e54}\
  \\?\Volume{b150ff4a-d62b-11ea-86e3-f49634660e54}\ is already mounted as Y: instead of H: - Will now use this target instead...

* The last line shows, without the shadow of a doubt, that we did feed "\\?\Volume{b150ff4a-d62b-11ea-86e3-f49634660e54}\" to
  GetVolumePathNamesForVolumeName() and that this API call was successful (returned a non zero size) but ultimately returned
  the wrong letter (Y: instead of H:)...

* Therefore, Windows is BUGGY and the use of GetVolumePathNamesForVolumeName() must be avoided.
2020-08-13 14:49:34 +01:00