1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Commit graph

2100 commits

Author SHA1 Message Date
Pete Batard
4eda8d9d5c
[process] add extra exception handling on NtClose()
* Also fix a typo in Norwegian translation (Closes #2453).
2024-04-04 17:40:20 +01:00
Pete Batard
5061af2b7c
[md5sum] compute and add md5sum_totalbytes to pre-existing md5sum.txt 2024-04-04 17:28:00 +01:00
Pete Batard
dd8314b2f0
[ui] add runtime UEFI media validation as a selectable advanced option
* Also add Ctrl-A as a new cheat-mode to toggle the use of Rufus MBR (which is enabled by default)
  which replaces the previous UI checkbox. The Disk ID field is now completely removed as we now
  use the default values for XP and non XP installs, and will expect people with multiple disks to
  disconnect all except the one where they plan to install Windows.
2024-04-02 17:18:06 +01:00
Pete Batard
6dac531552
[misc] don't pass an output size in DeviceIoControl() when not needed
* Also improve partition creation and address 2 Coverity warnings.
2024-04-01 14:56:06 +01:00
Pete Batard
8a5a5a318a
[misc] improve readability of error code handling
* Also don't pass a read size value in WriteFileWithRetry() if we don't use it.
2024-04-01 02:16:41 +01:00
Pete Batard
52ca79816f
[md5sum] Add md5sum.txt creation and runtime UEFI validation
* This allows *runtime* validation of UEFI bootable media, such as Windows
  or Linux installers, which, considering the unreliability of USB flash
  drives, we assert is a a much better proposal than write-time validation
  that utilities like balenaEcther (and to a lesser extent MCT) provide.
* Based on uefi-md5sum (https://github.com/pbatard/uefi-md5sum).
* Unconditionally activated on ISO extraction for GPT targets for now.
  This will be changed to a user selectable option later.
2024-03-29 00:48:05 +00:00
Pete Batard
b7568ab30a
[uefi] add the uefi-md5sum resources
* See https://github.com/pbatard/uefi-md5sum.
* The ia32, x64 and aa64 have been Secure Boot signed by Microsoft.
2024-03-28 23:50:41 +00:00
Pete Batard
a59389e1e1
[misc] move hash definitions to rufus.h
* Also always add an extra NUL to read_file(), some additional macros in missing.h
  and fix some warnings in process.c.
2024-03-27 19:02:24 +00:00
Pete Batard
d3f78c4e01
[efi] update UEFI:NTFS to latest
* Also fix missing original translator for Korean and remove an unwanted warning message.
2024-03-25 18:56:23 +00:00
Pete Batard
5eae8a6441
[cmp] Enable extraction of zip archives outside of ISO copy mode
* This enables the use of Ctrl-SELECT to also extract files from a .zip
  when using non-bootable, DOS, UEFI-NTFS, etc.
* Also clean up some uprintf line terminations and some additional code.
* Also fix some Coverity and MinGW warnings.
2024-03-12 17:41:27 +00:00
Pete Batard
abc33122a0
[iso] increase write buffer size to work around a bug in the AMI UEFI NTFS driver
* The AMI UEFI NTFS driver (version 0x10000), which is used in many modern systems from
  ASUS, Gigabyte, intel and so on, has a major bug whereas depending on the size of the
  buffers that are used to write the data onto the NTFS volume from Windows, as well as
  read the data from the NTFS volume from UEFI, the data being read may be incorrect
  (for details on this, see https://github.com/pbatard/AmiNtfsBug).
* Especially, it appears that if the size of the buffer used to write data on Windows is
  smaller than the NTFS cluster size, the bug may be triggered.
* Because of this, we increase the size of ISO write buffer to 64 KB since, per
  https://support.microsoft.com/en-gb/topic/default-cluster-size-for-ntfs-fat-and-exfat-9772e6f1-e31a-00d7-e18f-73169155af95
  this is the maximum cluster size that can be used for NTFS volumes.
* This increase in size should also help with performance somewhat.
* Also add support for C11's _Static_assert() which may come handy.
2024-03-12 12:53:30 +00:00
Pete Batard
8738e7a7de
[vhd] fix truncated write operation when using a VHDX image as source
* The legacy code we used for writing disk images used the size of the source image as
  the maximum number of bytes we should copy, which is fine for uncompressed DD or VHD
  images, but not so much for compressed VHDX ones. So we now make sure to use the
  actual size of the virtual disk, which we obtain when mounting the VHD/VHDX.
* Also fix log progress update as well as a MinGW warning.
2024-03-04 00:49:57 +00:00
Bella Zhang
026afa7e3d
[iso] add Circle Linux to the list of Red-Hat derivatives
* Closes #2414.
2024-02-09 17:04:40 +00:00
Pete Batard
172888ac32
[dos] fix a CodeQL warning and harmonize code 2024-02-09 17:00:42 +00:00
Pete Batard
15e3886499
[iso] enable persistence support for Linux Mint
* Mint users sure are lucky that one of them *lied their way through* pretending that
  persistence actually used to work with previous version of Mint, when it never did,
  because they got us going through a whole refactor of the partition creation process
  just so we could make Mint persistence work.
* Closes #2428.
* Also fix a Coverity warning.
2024-02-09 16:59:28 +00:00
Pete Batard
0f23c47184
[misc] refactor partition creation 2024-02-08 14:17:03 +00:00
Pete Batard
164d4b0ab0
[misc] update workflows to use upload-artifact@v4
* See actions/upload-artifact#483, actions/upload-artifact#472#issuecomment-1861571655
  and ultimately https://github.com/actions/upload-artifact/blob/main/merge/README.md.
2024-02-07 20:11:09 +00:00
Pete Batard
1be7eaf306
[net] fix Fido script not being able to be launched again on user cancel
* Also update workflows to latest setup-msbuild
* Closes #2419
2024-02-07 19:24:17 +00:00
Pete Batard
ac9a3f42d8
[misc] fix revoked bootloaders message does not display when using MBR
* Also update version to rufus-next
2024-02-06 20:02:36 +00:00
Pete Batard
c2b2624b62
[vhd] improve handing of user selected filename on save to VHD/FFU
* Use of '*.*' as pattern in file save dialog could lead to assert and crash, so
  we now try to derive the type of image to be saved from the file extension. We
  also did not properly handle user cancellation in the file save dialog.
* Also update iso9660/iso9660_fs.c to latest proposal of El Torito image handling.
* Also add a couple asserts in the hash table functions so that, if these ever get
  triggered we will pick them from Windows Store reports, and clean up code.
2024-02-03 18:39:44 +00:00
Pete Batard
018ed3414b
[iso] improve El Torito image handling
* Update to latest libcdio proposal and fix incorrect image size.
* Also remove unnecessary calls in packme.cmd.
2024-01-24 17:51:40 +00:00
Pete Batard
f6fd520d2a
[appstore] prevent packaging of ALPHA or BETA versions
* Also add package version override
2024-01-18 14:24:53 +00:00
Pete Batard
b63f9ae93c
Rufus 4.4 (Build 2103) 2024-01-17 14:11:50 +00:00
Pete Batard
fff39c56e8
[misc] fix UEFI:NTFS partition not being added when needed in MBR mode
* Also add support for SD card readers identifying themselves as SDXC.
2024-01-17 14:10:46 +00:00
Pete Batard
710bfe7f4d
[iso] work around ISOs that use broken symbolic links for UEFI bootloaders
* Per linuxmint/linuxmint#622 some ISOs may have a /EFI/boot/bootx64.efi that
  is a symbolic to a nonexisting file.
* This is originally due to a Debian bug that was fixed in:
  5bff71fea2
* Work around this by trying to extract a working bootx64.efi from the El-Torito image.
* Also improve DumpFatDir() to not replace already existing files.
2024-01-16 17:27:37 +00:00
Pete Batard
ae6732c07b
[iso] add basic El-Torito image parsing to libcdio
* Based on El-Torito specs found at https://pdos.csail.mit.edu/6.828/2014/readings/boot-cdrom.pdf.
* Follows 7-zip's virtual '[BOOT]/#...' naming conventions (though we don't check for the full name).
* Limited to 8 NoEmul images.
2024-01-16 17:21:32 +00:00
Fred
2cebf914fd
[fat] align start of data region to MB
* Closes #2387
2024-01-10 13:36:50 +00:00
Pete Batard
70e87482c1
[misc] add some more Windows edition names
* Closes #2380
* Also fix a typo in the Norwegian translation, with thanks to @Legendarion
* Closes #2397
2024-01-10 12:53:07 +00:00
Pete Batard
ebe01cc7b6
[dev] filter out Microsoft Dev Drives
* Microsoft Dev Drives are VHDs consisting of a small MSR followed by a large (50 GB or more)
  ReFS partition. See https://learn.microsoft.com/en-us/windows/dev-drive/.
* Closes #2395.
2024-01-08 16:43:52 +00:00
Pete Batard
51569d9e13
[misc] silence Coverity warnings
* Also update copyright year and improve uprintf error handling
* Also bump GitHub Actions dependencies. Note that we do NOT want to update to
  upload-artifact v4 because it BREAKS the creation of artifacts from matrix.
  See: https://github.com/actions/upload-artifact#v4---whats-new
* Closes #2382
* Closes #2383
2024-01-08 14:34:57 +00:00
johnloopi
b6d14d46df
[loc] Fixed typo in Norwegian translation
* Closes #2351
2023-11-14 12:13:49 +00:00
Pete Batard
89c1f8a72c
[iso] add BIOS support for Artix Linux
* Unfortunately, the Artix maintainers decided *NOT* to include the fat
  GRUB module for UEFI, so this will only work for BIOS boot...
2023-11-09 18:06:06 +00:00
Pete Batard
e0b5c6d96f
[misc] improve the code related to the commandline hogger deletion
* Also small additional code improvements
2023-11-09 17:39:38 +00:00
Pete Batard
58c56eb398
[vhd] fix a crash when saving .ffu images with release version
* Also update Rufus next to 4.4
2023-10-27 22:45:24 +02:00
Pete Batard
020e0b7c3a
Rufus 4.3 (Build 2090)
* Also fix a CodeQL warning in process.c
2023-10-19 10:31:19 +01:00
Pete Batard
8edb487ac9
[misc] update ChangeLog for 4.3 BETA
* Also minor code cleanups and improvements.
2023-10-12 19:46:10 +01:00
Pete Batard
1630e912d4
[iso] add exception for Mint's LMDE
* Mint have decided to make their installation rely on a working /live/ ➔ /casper/ symlink for LMDE
  thereby breaking the promise of File System Transposition that all Debian derivatives should have.
* Because of this, trying to use FAT32 with LMDE will fail, as reported in linuxmint/live-installer#152.
* Therefore, now that we can replicate symlinks on NTFS, we add an exception to always enforce the use
  of NTFS for LMDE.
2023-10-12 18:28:56 +01:00
Pete Batard
e9d588a6e0
[iso] add symlink support for target file systems that support it
* For now that means only NTFS. And we only do that for ISO-9660/Rock Ridge images.
2023-10-12 17:32:20 +01:00
Pete Batard
0bd38abd4e
[syslinux] improve support for Syslinux based Slax ISOs
* For some weird reason appending the base directory to the root syslinux.cfg
  we create does not appear to work with Slax. So we now always patch ldlinux.sys
  to include the base directory.
* Also add an exception to move the /slax/boot/EFI directory to /EFI.
* It should be noted that, as of slax-64bit-slackware-15.0.3.iso, the Slax UEFI
  Syslinux bootloaders appear to be broken (since creating a media without using
  Rufus at all per the Slax documentation does *not* produce a USB drive that was
  bootable in UEFI mode on 2 of the machines I tried).
* Also clean up some iso.c code and fix some unreachable code in ntfssect.c.
* Closes #2336.
* Closes #2338.
2023-10-11 20:46:46 +01:00
Pete Batard
45a5f22d43
[process] move the search for conflicting process to a background thread
* Removes the annoyance of having to wait for the process search to complete before media creation can start.
* Also update the "Process Hacker" references to its new "System Informer" name.
2023-10-10 22:22:45 +01:00
Pete Batard
8859c59548
[iso] count Rock Ridge duplicated files into the total size to process
* Duplicated symlinked Rock Ridge files were not counted into the total size needed
  to process the image and as a result, progress could go over 100% when extracting
  data (e.g. debian-live-12.1.0-amd64-lxqt.iso).
* Fix this by adding the duplicated files twice in the total block size.
2023-09-23 17:07:55 +01:00
Pete Batard
1fc790295c
[efi] update UEFI:NTFS to latest
* Add Windows bootmgr detection to report a more explicit error on security issues.
2023-09-08 17:33:25 +01:00
Pete Batard
99bffe8364
[misc] add '.wic' to the list of default image extensions
* '.wic' are DD images used by the Yocto project.
* Why Yocto chose to use their own extension instead of using the de-facto '.img' is beyond me but hey...
* Also update GitHub Actions dependencies to latest.
* Closes #2319.
2023-09-08 17:14:09 +01:00
Pete Batard
98725a0d5f
[misc] fix improper processing of net related errors
* With thanks to @Wack0
* Also silence a Coverity warning
2023-09-08 16:58:41 +01:00
Pete Batard
94ecf74c5f
[misc] use FORMAT_MESSAGE_FROM_HMODULE where possible and drop our custom message tables 2023-09-04 11:41:35 +01:00
Pete Batard
d5bf53054b
[misc] improve retrieval of core directories
* This *might* help with the issue reported in #2296.
2023-08-28 11:08:03 +01:00
Pete Batard
866aa22a8b
[iso] fix Debian 12 Live not using persistence in BIOS mode
* The Isolinux/Syslinux append line has been moved to /isolinux/live.cfg
  so make sure we patch that file when persistence is enabled.
2023-08-27 23:03:43 +01:00
Pete Batard
9c6b1ad977
[vhd] fix Rufus being unable to open .vhd images
* Due to a typo in vhd.c where the second safe_stricmp() should be against ".vhd" and not ".vhdx" again.
* Also enable the ignore boot marker bypass for VHD/VHDX/FFU and don't misreport those images as
  "compressed disk images".
* Closes #2309.
2023-08-20 13:12:38 +01:00
Pete Batard
5b6574d6f6
[misc] add S Mode detection to Windows version reporting
* With thanks to @Wack0
2023-08-18 17:38:12 +01:00
Pete Batard
c5ad16fdeb
[wue] add an expert feature to restrict a Windows installation to S Mode
* This is placed behind an expert wall (Ctrl-Alt-E) on account that:
  - If you happen to boot a Windows To Go drive in S Mode on a computer, it may set any
    existing Windows installation there to S Mode as well, *even if their disk is offline!*
  - It can be *exceedingly* tricky to get out of S Mode, as the SkuPolicyRequired registry
    trick alone may not be enough (i.e. You can have very much a Windows install in S Mode
    *without* SkuPolicyRequired being set anywhere).
* Also set version to rufus-next and fix a ChangeLog typo.
2023-08-15 11:15:16 +01:00
Pete Batard
5084317dd7
Rufus 4.2 (Build 2074)
* Also update UEFI:NTFS's NTFS driver to v1.7
2023-07-26 12:54:49 +01:00
AJIOB
b81b440a20
[uefi] fix search for bootloaders in FAT images that have an 'EFI' volume label
* Per https://en.wikipedia.org/wiki/Design_of_the_FAT_file_system#Directory_entry it
  is possible to have a FAT directory entry with a 'EFI' volume label alongside with
  a 'EFI' subdirectory.
* If that happens, then the current Syslinux libfat_searchdir() code may treat the
  'EFI' volume label as an empty subdirectory and say that there are no bootloaders,
  even if the 'EFI\Boot\Boot###.efi' binaries really do exist.
* Fix this by filtering out entries with the 'volume label' attribute (0x08).
* For good measure, also filter out entries with the 'device' attribute (0x40), as
  it is technically possible to create a 'EFI' device leading to the same issue.
* Closes #2288.
* Closes #2289.
2023-07-24 23:55:47 +01:00
Pete Batard
64e85ed09a
[uefi] don't revoke Windows 11 or post Windows 10 20H1 boot media yet
* As opposed to what we originally asserted, Microsoft did enact a blanket revocation
  in SkuSiPolicy.p7b for all post 1703 up to 2305 Windows UEFI bootloaders.
* As a result, unconditionally copying SkuSiPolicy.p7b will result in media as recent
  as Windows 11 22H2 (v1) being flagged as revoked, which we don't want to enforce as
  long as Microsoft themselves haven't entered the enforcing phase of their Black
  Lotus mitigation (currently planned for early 2024).
* Because of this, while we add some revocation detection for post 1703 bootloaders,
  we set it to only go as far as 20H1 for now, which means that all post 20H1 Windows
  10 media and all Windows 11 media will not yet be flagged by Rufus as revoked and
  will still boot in a Secure Boot environment due to lack of an SkuSiPolicy.p7b.
* Ultimately, per #2244 we may look for a BOOTMGRSECURITYVERSIONNUMBER resource to
  blanket revoke all post 1703 - pre 2305 Windows UEFI bootloaders.
* Also remove the now unused comdlg32 library from the linker.
2023-07-15 23:20:59 +02:00
Pete Batard
3329304e67
[grub] update DB for GRUB 2.12~rc1
* Also fix some Coverity warnings in stdlg.c.
2023-07-13 10:11:52 +02:00
Pete Batard
65b84ea99d
[loc] update French translation 2023-07-10 12:40:55 +02:00
Pete Batard
5191c68337
[ui] keep user preferred image type when saving drive to VHD
* Also fix a Coverity warning and use a better description for SELECT image types.
2023-07-10 11:34:50 +02:00
Pete Batard
5bbcba8534
[vhd] add write support for .vhdx and .ffu images
* Also move VHD mounting function calls from iso.c to vhd.c and remove unused VHD footer elements.
2023-07-06 19:47:26 +01:00
Pete Batard
f411d526d6
[misc] attempt to fix DLL address resolver for ARM64
* SymLoadModuleEx() on the DLL fails (with ERROR_SUCCESS, sic) on ARM64, so we have to resort
  to loading the DLL in memory and look for the "RSDS" section to access the GUID and Age.
* Except that, once you sort that, you end up with SymEnumSymbols() producing two separate
  addresses for each symbol, on account that the Windows 11 ARM64 DLLs are actually an
  unholy union of X64 and ARM64 *in the same binary*, under an abomination that Microsoft
  calls ARM64X (See https://learn.microsoft.com/en-us/windows/arm/arm64x-pe for details).
* And, of course, Microsoft did not provide any means during PDB enumeration to tell which
  address is for which arch. Especially, the bloody pSymInfo->TypeIndex, that they could
  easily have used for this, is utterly pointless as it remains set to 0...
* This means that, even after all this effort, we're still nowhere close to have a solution
  that can make DLL address resolution work on Windows 11 ARM64.
2023-07-05 22:25:25 +01:00
Pete Batard
0363bfe503
[misc] add an address resolver for internal DLL function calls
* Not sure if we'll use this to hook into FfuCaptureImage()/FfuApplyImage()/FfuMountImage()
  directly. But at least, if we ever need it, it's there...
2023-07-05 18:36:58 +01:00
Pete Batard
ef345bf106
[uefi] fix UEFI bootloader extraction when case doesn't match
* With ISO-9660 being case sensitive, we could end up in situations where trying to extract
  '/efi/boot/bootx64.efi' for revocation validation would fail if the file on the image was
  stored as '/EFI/boot/bootx64.efi' (e.g. Debian 12).
* Fox this by storing the exact UEFI bootloader path we detected during ISO scan, and using
  this path for file extraction.
* Also add a Cancel choice to the revocation dialog and harmonize whitespaces.
2023-07-04 18:05:30 +01:00
ИEØ_ΙΙØZ
bb66dfc492
[loc] update Traditional Chinese translation
* Closes #2274.
2023-07-04 13:29:27 +01:00
Pete Batard
10dbfdd7e1
[core] make sure the main partition size is aligned to the cluster size
* Having NTFS partitions properly aligned to the cluster size can drastically
  improve the speed of capturing a disk to an FFU image, as, when the size
  is aligned, the FFU capture uses the actual NTFS allocation map to only read
  and capture the clusters that are actually in use, whereas, if no aligned,
  FFU capture falls back to a sector by sector copy that is both much slower
  and also includes unwanted leftover garbage.
* Also only enable FFU when we detect FFUProvider.dll as a system library.
2023-07-04 13:26:04 +01:00
Pete Batard
0b1c68635a
[vhd] add experimental save to Full Flash Update (FFU) image support
* Full Flash Update (FFU) image support was added to dism with Windows 10 1709
  and is an alternate way to save a virtual hard disk for restoration.
* While more modern than VHD/VHDX, FFU creation only works for drives with file
  systems that Windows natively recognizes (FAT, NTFS) and that look like Windows
  installation media, so you can forget about FFU'ing a Linux disk.
* The other *intentional* drawback that Microsoft added is that they don't want
  anybody but themselves being able to create and restore FFU images, so, even
  as they have nice FfuApplyImage()/FfuCaptureImage() calls in FfuProvider.dll
  they have decided not to make these public.
* This means that, since we don't have time to spend on figuring and direct
  hooking internal DLL calls for x86_32, x86_64, ARM and ARM64 (and worrying
  that Microsoft may ever so slightly change their DLL between revs to break
  our hooks), we just call on dism.exe behind the scenes to create the FFU.
2023-07-03 23:57:04 +01:00
Pete Batard
f9370e002e
[iso] fix a crash when parsing Windows ISOs with MinGW x86_32
* MinGW32's delay loading functionality is not yet up to par with MSVC's and especially, for
  some libraries (wininet, virtdisk) attempting to delay load them simply crashes the runtime.
* This results in the MinGW32 version of the app crashing when selecting a Windows ISO, as we
  will then try to mount the ISO using virtdisk to poke the build version. Note that this crash
  does not happen with the MinGW64 version or with MSVC.
* Closes #2272.
* Also fix a Coverity warning in SaveImageThread() and improve the VHD saving code.
2023-07-02 13:15:51 +01:00
Pete Batard
d4c9f2dfa1
[vhd] enable saving device to compressed VHDX
* Now that we don't have to deal with Windows 7, we can use CreateVirtualDisk() to
  automatically dump a physical disk to VHD/VHDX, so do just that
* Also move the relevant VHD/ISO imaging call to the appropriate source.
2023-07-01 20:43:26 +01:00
Pete Batard
1476e9cd8b
[uefi] fix path of SKUSiPolicy.p7b for WOW
* 32-bit x86 running on 64-bit x86 Windows needs to get SKUSiPolicy.p7b from sysnative.
* Also fix automatic extension switching in file dialog and a small MinGW warning in Bled.
2023-07-01 20:22:10 +01:00
Pete Batard
c47ee4c435
[cmp] update Bled to latest
* Adds the provision of default buffer size in bled_init()
2023-06-30 13:05:42 +01:00
Pete Batard
c717c7789b
[cmp] further ZIP64 and overall Bled improvements
* The ZIP64 extra record may not be the first one, so add processing for all extra zip records.
* Also add extra sanity checks to try to appease Coverity and properly detect short writes.
2023-06-29 21:15:35 +01:00
Pete Batard
f233191d54
[cmp] update Bled to latest
* This adds ZIP64 support, which is required to extract zip archives that are larger than 4GB.
* Closes #2264
* Also fix a MinGW warning in pki.c and improve the UEFI revocation messages.
2023-06-28 17:40:11 +01:00
Pete Batard
52a5551749
[uefi] improve revoked UEFI bootloader reporting
* Remove duplicates from Microsoft's SKUSiPolicy.p7b
* Also display the number of revoked from embedded
* Also use Microsoft's official capitalization for SKUSiPolicy.p7b's target path
2023-06-22 11:18:49 +01:00
Pete Batard
16570f8662
[uefi] warn about revoked UEFI bootloaders when creating Windows To Go drives
* Also move the warning after the WUE dialog.
* Also work around another possible access violation in process.c.
2023-06-19 10:38:30 +02:00
Pete Batard
c59e9209eb
[uefi] factorize SkuSiPolicy.p7b copying code and apply it for Windows To Go
* Also don't forget to credit the original authors of the PowerShell gist we derived our code from!
2023-06-19 00:04:08 +02:00
Pete Batard
7eb9a6f16b
[misc] fix some benign Coverity warnings 2023-06-18 19:09:15 +02:00
Pete Batard
be5b590cfb
[uefi] add parsing and copying of the system's SkuSiPolicy.p7b
* Instead of embedding the content of the most recent revoked bootloader hashes in db.h
  we now parse the system's SkuSiPolicy.p7b to do so. This has the drawback of not alerting
  users running Rufus on systems where SkuSiPolicy.p7b is not up to date, but I believe the
  trade-off is worth it.
* We now also copy the system's SkuSiPolicy.p7b to the created media when possible (for
  Windows 10 or later), so that Microsoft's WDAC UEFI revocations can apply during boot.
2023-06-18 19:07:45 +02:00
Pete Batard
43764268de
[uefi] add detection and warning for revoked bootloaders
* Considering that alerting users to potential security breaches that may be
  exploited by boot media should also be performed by application that create
  them, we add detection for all the currently known revoked UEFI bootloaders,
  be it the ones from the official UEFI DBX as well as the ones from Windows'
  SkuSiPolicy.p7b, and warn the user when one such bootloader is detected on
  their source media.
* Note that, to actually be revoked, the bootloaders flagged through SkuSiPolicy
  require the copying of the .p7b to the boot media, which we are currently
  not enacting but will perform in a subsequent commit.
* Also fix a Coverity warning in hash.c.
2023-06-16 20:36:50 +02:00
Pete Batard
c4b1b23832
[hash] add PE256 hash functions
* Mostly copied from U-Boot's https://github.com/u-boot/u-boot/blob/master/lib/efi_loader/efi_image_loader.c
2023-06-13 17:57:34 +02:00
Pete Batard
090bfb9770
[misc] rename checksum.c to hash.c 2023-06-11 16:18:26 +01:00
Pete Batard
3e81b38c2d
[misc] try to support folks who use a symlink for their temp dir
* Microsoft's WIM mounting APIs can't use symlinked directories and
  some folks want to use a symlinked temp dir...
* Closes #2084
2023-06-05 14:08:25 +01:00
Pete Batard
71e99add76
[iso] increase ISO → ESP limit for Debian 12
* Debian 12 ARM64 netinst ISOs have doubled in size to be larger than 512 MB,
  so we need to increase MAX_ISO_TO_ESP_SIZE as a result.
* Also add extra NULL checks in process.c as some people seem to run into
  NULL deref issues.
* Also set version to rufus-next and update some URLs/text files.
2023-06-05 13:29:18 +01:00
Pete Batard
beb847511b
Rufus 4.1 (Build 2045)
* Also revert GRUB 2 core.img to vanilla 2.06, with the hope that GRUB will
  *ACTUALLY* bother to release in 2023 and we will be able to update to
  GRUB 2.12 (or whatever non-sequential version they decide to go with) to
  say a most welcome goodbye to this whole 2.06 incompatibility crap!
2023-05-31 18:24:46 +01:00
Pete Batard
30ccf24ca4
[wue] add TCGSecurityActivationDisabled when BitLocker is disabled
* Closes #2253
2023-05-30 14:42:07 +01:00
Pete Batard
109df708b4
[misc] add an exception for 23A9:EF18 UFDs
* Closes #2247
2023-05-29 18:04:42 +01:00
Pete Batard
4d89e83b5d
[ui] change the log icon to something more explicit
* Hopefully a notepad/logbook icon will be more intuitive.
* Also tweak the new message for diskcopy.dll download and add French translation.
2023-05-27 16:18:22 +01:00
Pete Batard
600b8fc787
[efi] update UEFI:NTFS's NTFS drivers to latest
* Plus small updates to .gitignore and README and update rufus-next to 4.1.
2023-05-26 12:17:52 +01:00
Pete Batard
3afa139d7a
[dos] reinstate MS-DOS boot disk creation for Windows 10 and later platforms
* The BlackLotus malware shows that it is possible to download individual
  executables and DLLs straight from Microsoft's symbol servers, so we use
  that capability to download the missing Windows 8.1 'diskcopy.dll', that
  contains the flat floppy disk image with MS-DOS files we need. See:
  https://randomascii.wordpress.com/2013/03/09/symbols-the-microsoft-way/
* Also reorder entries in the "Boot selection" dropdown.
* Also use CreateFileWithTimeout() in GetLogicalName().
2023-05-24 17:55:25 +01:00
Pete Batard
3a0f7d3813
[iso] attempt to fix the clusterfuck of GRUB 2.06 incompatible versions
* As was *ENTIRELY PREDICTIBLE*, the lack of timely releases from the GRUB
  project has resulted in distro maintainers (Ubuntu, Fedora, etc.) taking
  matters in their own hand and applying patches on top of their 2.06 version.
  However, these patches result in 2.06 bootloaders that are incompatible
  with 2.06 modules that don't have the same patches applied. Especially this
  now results in the infamous "452: out of range pointer" error message when
  using patched modules with unpatched bootloader or unpatched modules with
  patched bootloaders.
* Making this issue worse, we also have distro maintainers who won't add a
  suffix to their GRUB version, AS ONE SHOULD DO WHEN ONE APPLIES TONS OF
  PATCHES ON TOP OF A PROJECT'S SOURCE, and MISreport their non 2.06 GRUB as
  "2.06", and, because we can't detect what patches are needed from modules
  themselves (unlike what is the case for grub_debug_is_enabled), we have no
  way of telling incompatible GRUB 2.06 binaries from one another.
* As a result, we have no choice but to append a sanitized version of the ISO
  label to the GRUB version, as a means to differentiate between incompatible
  versions, and tweak our existing bootloader download mechanism to *ATTEMPT*
  to download a compatible 'core.img' from our server... where we will have
  to waste a lot of time adding new binaries and symlinks to try to make all
  these GRUB "2.06" based images work, and will probably miss quite few with
  the end results that users who are just trying to install Linux will be left
  stranded.
* Again, I have to point out how the end result of regular users wanting to
  try Linux and being unable to do so is the *DIRECT* result of the GRUB project
  maintainers having sat on a 2-year influx of CONTINUOUS patches, and thinking
  that "Release Early, Release Often" is only a gimmick, and not something that
  should apply to their project, even as they have been warned before, by yours
  truly, that *NOT* releasing on a timely basis is causing actual grievances...
  That's because, had the GRUB maintainers released on a timely basis (at least
  once a year) Fedora and Ubuntu would be using vanilla GRUB 2.07 with the memory
  patches, and we wouldn't be trying to mix that with old GRUB 2.06 binaries.
* For more on this, see #2233, noting that we will need to apply a compatibility
  breaking change during the 4.1 release, to revert the patches we applied to
  the default 2.06 'core.img' in pbatard/rufus-web@320b800592.
2023-05-16 14:05:28 +01:00
Pete Batard
23d89d9764
[misc] apply a timeout when querying drives for letters/type
* Some Windows Store reports suggest that the existing call might freeze
  on CreateFile() leading some users to kill the app. So switch to using
  a CreateFile() call that times out instead of waiting forever...
2023-05-03 16:26:54 +01:00
Pete Batard
0df68b6af9
[misc] further Windows 7 specifics removals
* Also remove some unused code in stdlg.c
* Note that virtdisk appears to be a vulnerable library, so we go
  through delay loading yet again...
2023-04-28 17:46:05 +01:00
Pete Batard
0bda98f0ed
[misc] update DB for newer GRUB core.img's
* See pbatard/rufus-web@320b800592
* Also fix © sign not displaying properly in executable details page
2023-04-28 17:34:06 +01:00
Pete Batard
0e14725de8
Rufus 4.0 (Build 2035)
* Also make sure we only upload the x86_64 MinGW binary to VirusTotal
  since the x86_32 will conflict with the MSVC one.
2023-04-26 00:00:03 +01:00
Pete Batard
18645c9e70
update internal GRUB2 bootloader for Ubuntu 23.04
* Yet another example in the long list of how not releasing your project IN A
  TIMELY MANNER is creating HUGE PROBLEMS downstream... Looking at you GRUB!!!
* Closes #2233
2023-04-25 18:18:26 +01:00
Pete Batard
e44cd90639
[loc] bring all remaining translations to latest
* Poedit Pro was used to machine-translate, and thus I make no guarantee
  of translation accuracy.
2023-04-25 13:51:49 +01:00
Abdulmajeed Almarzoqi
08ba77b0ea
[loc] update Arabic translation 2023-04-25 13:10:49 +01:00
Pete Batard
1e51385bed
[misc] revert to using the OS arch rather than app arch for the update download
* This means that someone running Rufus x64 or ARM64 should be
  proposed Rufus ARM64 rather than Rufus x64 as an upgrade.
* Also switch the BETA channel from x86 to x64.
* Also remove the _chdirU(app_dir) when using -i in commandline.
2023-04-24 20:50:53 +01:00
Pete Batard
a354178239
[cmd] fix the use of relative paths with option -i
* Closes #2232
2023-04-23 13:06:32 +01:00
Pete Batard
3177e70e25
[misc] fix CodeQL warnings 2023-04-22 16:36:27 +01:00
Pete Batard
d18260bec3
[misc] update version to 4.0
* With the removal of Windows 7 support, wrong platform archs in the check for updates
  (that has now been fixed) and switch to an x86_64 default MinGW binary, we have enough
  breaking changes to warrant a version bump for the major. So just do that.
* Also fix a couple Coverity warnings and update a URL.
2023-04-22 15:46:03 +01:00
Pete Batard
41ebb9d9ca
[iso] fix persistence support for Ubuntu 23.04
* Closes #2231
2023-04-22 12:46:45 +01:00
Pete Batard
fffd4d1160
[misc] harden usage of uprintf()
* Passing a non-formatting buffer as first parameter of uprintf() can lead
  to an exception if this buffer happens to contain a '%' character, so
  usage of uprintf() with string buffers that may contain '%' should be
  sanitized.
* Also drop the _uprintf/_uprintfs aliases as they are no longer required.
2023-04-20 17:43:24 +01:00
Pete Batard
1a3a155e8c
[dev] fix description of UAS devices
* Having Windows append "SCSI Disk Device" screws up the scoring regarding
  disks that are actually describing themselves as SCSI, so replace that
  with "UAS Device", as it should be.
* Closes #2221.
* Also fix a MinGW warning.
2023-04-19 13:38:19 +01:00