VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2020-01-22 18:08:09 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2020-01-22 18:20:35 +0100
commit11aa708076910d5aaf187eecc4e33ea207155b12 (patch)
tree0ec4bf0de53465a2791d1d3bf48defa2bda42077
parent3874e9af97427c42aa0a789a3e75c6f841cd14e4 (diff)
downloadVeraCrypt-11aa708076910d5aaf187eecc4e33ea207155b12.tar.gz
VeraCrypt-11aa708076910d5aaf187eecc4e33ea207155b12.zip
Windows: use fix for CVE-2019-19501 only when process elevated otherwise it will not add any benefit compared to standard ShellExecute while at the same time potentially causing issue when opening links.
-rw-r--r--src/Common/Dlgcode.c23
1 files changed, 22 insertions, 1 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 261ec33e..7640b59e 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -14243,12 +14243,33 @@ cleanup:
return retval;
}
+// This function checks if the process is running with elevated privileges or not
+BOOL IsElevated()
+{
+ DWORD dwSize = 0;
+ HANDLE hToken = NULL;
+ TOKEN_ELEVATION tokenInformation;
+ BOOL bReturn = FALSE;
+
+ if(OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
+ {
+ if(GetTokenInformation(hToken, TokenElevation, &tokenInformation, sizeof(TOKEN_ELEVATION), &dwSize))
+ {
+ if (tokenInformation.TokenIsElevated)
+ bReturn = TRUE;
+ }
+
+ CloseHandle(hToken);
+ }
+ return bReturn;
+}
+
// This function always loads a URL in a non-privileged mode
// If current process has admin privileges, we execute the command "rundll32 url.dll,FileProtocolHandler URL" as non-elevated
// Use this security mechanism only starting from Windows Vista
void SafeOpenURL (LPCWSTR szUrl)
{
- if (IsAdmin () && IsOSAtLeast (WIN_VISTA))
+ if (IsOSAtLeast (WIN_VISTA) && IsAdmin () && IsElevated())
{
WCHAR szRunDllPath[TC_MAX_PATH];
WCHAR szUrlDllPath[TC_MAX_PATH];