1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Commit graph

1983 commits

Author SHA1 Message Date
Pete Batard
3194a4dac4
[net] drop direct hooking into wininet DLL and use delay-loading instead
* Now that we can delay-load DLLs for both MinGW and MSVC, we can remove the
  cumbersome direct DLL hooks into wininet.dll (which is vulnerable to side
  loading when not delay-loaded) and revert to using direct API calls instead.
* This reverts part of e1d864f755.
* Also attempt to silence a Coverity warning.
2022-04-12 13:35:41 +01:00
Pete Batard
e7b66e7e4c
[mingw] use delay loading for DLLs that are subject to side loading
* This reverts much of commits f6ac559f4d and 1947266837
  so that we call the Windows APIs directly again, while ensuring that, by the time we load the DLLs,
  sideloading mitigation has already been applied by the application.
* This is a continuation of #1877, and should help prevent re-introducing side-loading issues when we
  link against new libraries, as well as allow us to drop some of the manual DLL hooking we've been
  doing to prevent it, to clean up the code.
* Note that this is a bit more complex than what the stackoverflow post suggests, because we need to
  create delayloaded libs for both 32-bit and 64-bit, which use a different calling convention and
  therefore need to use different .def files. So there's a lot of gymkhana involved, with Makefiles
  and whatnot, to get us there.
* Also simplify the use of CM_Get_DevNode_Registry_PropertyA() in dev.c since recent versions of
  MinGW now have support for it.
* Also fix 2 small issues in net.c (potential overflow) and format.c (memory leak).
2022-04-12 11:09:59 +01:00
Pete Batard
3528ca773d
[iso] add support for distros using a NONSTANDARD GRUB 2.0 prefix directory
* Looking at you, openSUSE Live and GeckoLinux!
2022-04-07 01:58:22 +01:00
Pete Batard
f669f05403
[iso] add ISOHybrid "CD" partition and ISO9660 file system detection
* Notably for openSUSE-Leap-15.3-XFCE-Live-x86_64-Build9.427-Media.iso
2022-04-05 18:31:03 +01:00
Dinis Medeiros
50d81af6cf
[loc] update Portuguese translation
* Add MSG_322, 323, 324
* Closes #1886
2022-04-01 13:03:59 +01:00
Pete Batard
8ec570570f
[core] reassign a letter for drives written in DD mode that don't have an ESP
* This should help with the CoreELEC usage case described in #1842
* Also add MBR handling for ESP ↔ FAT cheat mode (Alt-P)
* Also set rufus-next to 3.19
2022-03-24 17:24:39 +00:00
Pete Batard
0de209ee53
v3.18 (Build 1877)
* Formally disable Windows 11 bypass for Windows 7 and AppStore version since it can't be applied.
2022-03-11 16:51:59 +00:00
Pete Batard
1947266837
[pki] don't link with wintrust.lib
* WinTrust.lib is responsible for the MSASN1.dll sideloading issue described in #1877,
  so, since we only use it for WinVerifyTrustEx(), hook into that function manually.
* Closes #1877 for the MinGW side.
* Note that we will probably try to use the method suggested by @assarbad and documented at
  https://stackoverflow.com/questions/1851267/mingw-gcc-delay-loaded-dll-equivalent/70416894#70416894
  to try to put an end to the problem of DLL side loading.
2022-03-03 17:41:43 +00:00
Pete Batard
d07ec87b3a
[mingw] fix compilation breakage due to MinGW header screwup
* See https://github.com/pbatard/rufus/actions/runs/1900092904
* Guys, I know VDS is fundamentally broken... but that's no reason to break it further!
2022-02-28 22:00:41 +00:00
Pete Batard
cef651c52c
[msvc] actually apply DLL delay loading to the Release builds
* ef2ff7179d was supposed to apply delay loading to our DLLs, for all MSVC builds,
  thereby preventing sideloading attacks, but the patch actually only set the DelayLoadDLLs
  property for Debug builds and not Release builds, with the result that side loading could
  still be triggered for the Release executables, as demonstrated in #1877.
* This patch therefore properly sets the DelayLoadDLLs for all builds, which should take care
  of the side loading vulnerability at least for MSVC executables.
* A subsequent patch will still be needed for MinGW, since there is no equivalent to DelayLoadDLLs.
* This addresses part of #1877.
2022-02-25 18:05:49 +00:00
Pete Batard
42483d23ed
[dos] update FreeDOS to version 1.3
* FreeDOS 1.3 has just been released. Yay! :)
* Closes #1740
* Also addresses 2 warnings reported by Coverity.
2022-02-21 20:02:53 +00:00
Pete Batard
89db56acbc
[net] add fallback to InternetGetConnectedState() when INetworkListManager service dependencies are missing
* INetworkListManager appears to depend on specific services to be able to work,
  which one can actually disable while still getting full Internet connectivity.
* If that is the case, HRESULT_FROM_WIN32(ERROR_SERVICE_DEPENDENCY_FAIL) will be
  returned, therefore we add a fallback to using InternetGetConnectedState(), which
  does not have such dependencies (but has other limitations per b2492908be)
  when we detect a dependency error.
* Also take this opportunity to switch to using INetworkListManager::get_IsConnectedToInternet().
* Also fix Coverity breakage due to Synopsys having upgraded their toolchain.
* Closes #1801
2022-02-18 17:18:34 +00:00
Pete Batard
209fb18b1c
[iso] add bypass of Windows 11 restrictions for in-place upgrades 2022-02-16 17:25:43 +00:00
Matthias Kruk
23e79ad907
[iso] add Miracle Linux 8 to the list of Red Hat exceptions
* MIRACLE LINUX is a Red Hat derivative, so it needs the same special
  treatment as Red Hat, CentOS, etc to work around issues in anaconda.
* This commit adds MIRACLE LINUX to the list of Red Hat derivatives.
* Closes #1866
2022-02-11 18:47:41 +00:00
Tatsuhito KATO
108424ecf4
[loc] update Japanese translation
* Closes #1863
2022-02-11 18:44:46 +00:00
Pete Batard
4223fe9681
[misc] fix inverted memset() parameters
* Also fix artifact name for VS2022 builds.
2022-02-11 18:42:38 +00:00
Pete Batard
ebaa7d561a
[core] add file System detection from superblock
* Also prevent GitHub Actions from failing on VirusTotal upload
2022-02-04 17:41:44 +00:00
Pete Batard
036f6260c5
[ui] fix regression in conditional expression and use %c always
* This fixes the regression introduced in c28f9bc491.
* 'if ((a && !b) || (!a && b))' can not always be simplified as 'if (a != b)' when the types for 'a' and 'b' are not straight booleans.
* Closes #1862
* Also drop the use of '%C' in printf() expression, as it is intended to print wide characters and not turn a char to uppercase.
2022-01-31 16:55:42 +00:00
Csizmadia Gábor
891eb45549
[loc] update Hungarian translation to latest 2022-01-25 09:39:44 +01:00
SiderealArt
2e19b4958b
[loc] update Chinese Traditional translation
* Closes #1849
2022-01-20 16:10:01 +01:00
Pete Batard
00a802ca1d
[iso] fix ISO→ESP creation for Windows 11
* In their great "wisdom", Microsoft made it even harder to access ESPs on Windows 11,
  meaning that we have to use even more convoluted ways of providing the ISO→ESP feature.
* Closes #1855
2022-01-20 15:24:35 +01:00
Pete Batard
14847a1a89
[misc] update copyright year
* Also update signing certificate hash
2022-01-09 15:02:50 +00:00
Pete Batard
a47072c3c6
[ui] produce a more explicit error message when an image can't be opened/read
* Closes #1843
* Also publish Coverity artifacts since upload to Coverity seems to be broken atm.
2022-01-07 13:27:15 +00:00
Jeon Hyun-seok
52d05aa228
[loc] update Korean translation 2022-01-07 12:27:41 +00:00
marcellogianola
7fa83aa479
[loc] update Italian translation
* Closes #1841
2022-01-05 18:37:47 +00:00
Austin Wise
ef2ff7179d
[msvc] add provision to prevent DLL search order hijacking through delay loading
* Hypothetically if the user's current directory contains a malicious DLL that DLL
  could be loaded instead of the one in System32.
* Whereas the previous patch should have taken care of the one DLL referenced by
  Rufus that may be vulnerable to this attack (version.dll), we nonetheless add
  delay loading for all the libraries we reference as a precautionary measure.
* One can confirm that this works by using dumpbin.exe /IMPORTS to make sure
  a specific DLL is delay loaded. Then putting a breakpoint in the delay load
  hook should also confirm that the hook is used.
* Closes #1838
2022-01-05 18:33:59 +00:00
Pete Batard
f6ac559f4d
[iso] don't link with version.lib to prevent DLL sideloading issues
* This is part of #1838, where we need to sort the version.dll sideloading problem for MinGW.
* A subsequent patch will be applied to MSVC, to more generally delay the loading of DLLs.
* Also fix a typo with an assert expression.
2022-01-05 16:49:06 +00:00
Pete Batard
e495c691ea
[misc] fix GitHub Actions' MinGW compilation 2022-01-05 12:51:29 +00:00
Pete Batard
c28f9bc491
[misc] fix PVS-Studio warnings 2022-01-05 12:57:26 +01:00
Pete Batard
eeca1f279c
[iso] add 'inst.repo' Red-Hat workaround for CentOS Stream
* Since CentOS Stream does not use the 'CentOS-8.*' labelling scheme.
* This is a follow up to #1777.
* Also fix Windows Kit location for signing scripts.
2021-11-22 20:11:47 +00:00
Dimitri Papadopoulos
d840083a32
[misc] fix typos found by codespell
* 3rd party software was left out.
* Most changes are in code comments, but one user-visible string has also been fixed.
* Closes #1817
2021-11-16 18:53:52 +00:00
marcellogianola
5030c1520d
[loc] fix typos in Italian translation
* Closes #1813
2021-11-16 18:48:48 +00:00
Pete Batard
9692e6709d
[misc] forget CodeQL until they fix VS2022 support
* I don't have time for this bullshit. Of course the irony is that a Microsoft product (CodeQL)
  hosted on a Microsoft platform (GitHub) hasn't been updated to work with the latest Microsoft
  compiler (VS2022).
* Also removed the stuff CodeQL complains about and updated README badges.
2021-11-16 18:44:43 +00:00
Pete Batard
f5072e45de
[misc] update solution to VS2022
* Also fix a possible mishandling of compounded strings in safe string macros
2021-11-16 17:50:20 +00:00
Mihai-Octavian STRĂUȚ
1de1c2a94a
[loc] update Romanian translation to latest 2021-11-13 11:41:31 +00:00
Pete Batard
3aac3f5583
[misc] improve Windows edition reporting
* Closes #1808
* Also update rufus-next to 3.18
2021-10-27 09:51:28 +01:00
Pete Batard
ca4e009ffc
[appstore] revert to using a script to build AppStore bundle
* Having two separate Visual Studio solution files, while more convenient, was a major
  pain in the ass and it also required us to update versioning in the .appxmanifest for
  each commit.
* Also, this new AppStore build process enables us to use the GitHub Actions executables
  to further foster the complete transparency of our build process.
2021-10-27 09:47:27 +01:00
Pete Batard
d5dc8ee5e7
v3.17 (Build 1845)
* Also update README.md
2021-10-23 15:40:06 +01:00
Pete Batard
a519e3b03b
[misc] fix console hogger not being deleted on exit
* Also update hash DB and readme for latest Grub4DOS
2021-10-23 15:14:46 +01:00
marcellogianola
c516c1e38b
[loc] update Italian translation
* Fix typo and upper case to lower case
* Closes #1800
2021-10-23 13:10:44 +01:00
Pete Batard
b39e2f8615
[misc] improve GetLibraryHandle() fallback
* This is a follow up to 1c2884ceba where the error code returned by Windows 7 platforms
  that don't have KB2533623 is expected to be ERROR_INVALID_PARAMETER rather than ERROR_PROC_NOT_FOUND.
* Also update the Windows 11 'Extended' installation mode translations.
2021-10-23 13:08:13 +01:00
Pete Batard
b30e3b387a
[efi] update UEFI:NTFS to latest
* Also remove Secure Boot notice since (outside of 32-bit ARM and exFAT)
  our bootloaders and NTFS drivers are now Secure Boot signed.
2021-10-23 02:49:15 +01:00
Pete Batard
05382d8c7d
[core] ReFS improvements
* Allow 4K/64K cluster size selection
* Only enable ReFS on relevant platforms
* Also recognize a few more Windows editions
2021-10-21 02:02:17 +01:00
Pete Batard
32b083e535
[misc] improve path display for Sylinux/GRUB resources 2021-10-21 01:59:03 +01:00
Pete Batard
1c2884ceba
[misc] fallback to using LoadLibrary() when LoadLibraryEx() fails or doesn't apply
* Per 2a3e82fa96, it looks like some Windows 7 system have trouble with
  LoadLibraryEx() if they don't have KB2533623 installed (which fixes a MAJOR Windows
  vulnerability. Some people sure want to leave their system open to hackers...).
* Work around this by adding a fallback to LoadLibrary() in GetLibraryHandle()
* Also switch to using GetLibraryHandle() in dos.c and using LoadLibrary() in sections
  where we have the full path (since these calls are not vulnerable).
2021-10-18 13:15:41 +01:00
Pete Batard
d8a2c29a67
[core] fix MBR cleanup regression
* Commit 9dc045a701 introduced a regression on account that we didn't set the
  file pointer to 0 before clearing the disk.
* This leads to the MBR not being properly cleared, with the result that Windows may in turn
  produce errors when trying to repartition the disk.
* Fix this by making sure we do invoke SetFilePointerEx() before calling WriteFileWithRetry().
* Also set rufus-next to 3.17
* Also fix a MinGW warning
2021-10-17 13:35:31 +01:00
Pete Batard
0b618f3de7
[misc] misc improvements and fixes
* Remove BypassRAMCheck from Extended Windows 11 installation since the minimum
  RAM requirements for Windows 11 are 4 GB and not 8 GB as pointed out in #1791.
* Display Windows edition code when we can't resolve it.
* VS2019 wants us to have PackageOptionalProjectsInIdeBuilds enabled? So be it.
2021-10-15 13:13:36 +01:00
Pete Batard
8a09b9b9fc
v3.16 (build 1836)
* Also update French translation to latest
2021-10-13 12:22:04 +01:00
Pete Batard
56a99e6394
[misc] use application dir for storage in portable mode
* Also improve path reporting in the log.
* Also fix MinGW warnings
2021-10-11 20:11:06 +01:00
Pete Batard
9cd7adaaaa
[iso] finalize workaround for Red Hat 8 derivatives
* See #1777
2021-10-11 17:55:46 +01:00