VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Driver/DriveFilter.c
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2015-05-14 21:10:38 (GMT)
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2015-05-14 22:02:38 (GMT)
commite95c075f0cce01afa3b0367b2345b81a6a16cc5c (patch)
tree87f12536420972fb37bc9f3954ce0bdbebc8782b /src/Driver/DriveFilter.c
parent4a5154e750fe5f5d764664328dd15c2deafa57b1 (diff)
downloadVeraCrypt-e95c075f0cce01afa3b0367b2345b81a6a16cc5c.zip
VeraCrypt-e95c075f0cce01afa3b0367b2345b81a6a16cc5c.tar.gz
Windows driver: avoid race condition by using IoAttachDeviceToDeviceStackSafe instead IoAttachDeviceToDeviceStack. Set BootArgs.CryptoInfoLength to 0 after clearing boot memory.
Diffstat (limited to 'src/Driver/DriveFilter.c')
-rw-r--r--src/Driver/DriveFilter.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index 73a1a53..8bf953a 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -155,7 +155,12 @@ NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo)
Extension = (DriveFilterExtension *) filterDeviceObject->DeviceExtension;
memset (Extension, 0, sizeof (DriveFilterExtension));
- Extension->LowerDeviceObject = IoAttachDeviceToDeviceStack (filterDeviceObject, pdo); // IoAttachDeviceToDeviceStackSafe() is not required in AddDevice routine and is also unavailable on Windows 2000 SP4
+ status = IoAttachDeviceToDeviceStackSafe (filterDeviceObject, pdo, &(Extension->LowerDeviceObject));
+ if (!NT_SUCCESS (status))
+ {
+ goto err;
+ }
+
if (!Extension->LowerDeviceObject)
{
status = STATUS_DEVICE_REMOVED;
@@ -276,6 +281,9 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
PHYSICAL_ADDRESS cryptoInfoAddress;
cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset;
+#ifdef DEBUG
+ Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);
+#endif
mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached);
if (mappedCryptoInfo)
{
@@ -336,13 +344,9 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
// Erase boot loader scheduled keys
if (mappedCryptoInfo)
{
-#ifdef DEBUG
- PHYSICAL_ADDRESS cryptoInfoAddress;
- cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset;
- Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);
-#endif
burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
+ BootArgs.CryptoInfoLength = 0;
}
BootDriveFilterExtension = Extension;