Skip to content

Commit

Permalink
Merge pull request #3693 from love-code-yeyixiao/master
Browse files Browse the repository at this point in the history 
Add“Prevent the program from getting the image of  un-sandboxed  windows” function
  • Loading branch information
@DavidXanatos
DavidXanatos authored Mar 16, 2024
2 parents b53d27a + 519fb18 commit 6813051
Show file tree
Hide file tree
Showing 8 changed files with 581 additions and 203 deletions.
282 changes: 228 additions & 54 deletions Sandboxie/core/dll/gdi.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ static ULONG_PTR Gdi_GdiDllInitialize_Common(

#ifndef _WIN64

static HDC Gdi_CreateDCW(
static HDC Gdi_CreateDCW2(
void *lpszDriver, void *lpszDevice, void *lpszOutput, void *lpInitData);

#endif ! _WIN64
Expand Down Expand Up @@ -78,6 +78,8 @@ static int Gdi_EnumFontFamiliesExW(

static HGDIOBJ Gdi_GetStockObject(int fnObject);



//---------------------------------------------------------------------------

#ifndef _WIN64
Expand All @@ -92,9 +94,12 @@ static BOOL Gdi_ClosePrinter(HANDLE hPrinter);
//---------------------------------------------------------------------------


typedef HDC (*P_CreateDCW)(
void *lpszDriver, void *lpszDevice, void *lpszOutput, void *lpInitData);
//typedef HDC (*P_CreateDCW)(
// void *lpszDriver, void *lpszDevice, void *lpszOutput, void *lpInitData);
typedef HDC(*P_CreateDCA)(LPCSTR pwszDriver, LPCSTR pwszDevice, LPCSTR pszPort, const void* pdm);

typedef HDC(*P_CreateDCW)(LPCWSTR pwszDriver, LPCWSTR pwszDevice, LPCWSTR pszPort, const void* pdm);
extern P_CreateDCW __sys_CreateDCW;
typedef ULONG (*P_GdiAddFontResourceW)(
const WCHAR *path, ULONG flags, void *reserved);

Expand Down Expand Up @@ -144,6 +149,11 @@ P_GetBitmapBits __sys_GetBitmapBits = NULL;
P_DeleteObject __sys_DeleteObject = NULL;
P_DeleteEnhMetaFile __sys_DeleteEnhMetaFile = NULL;
P_GetStockObject __sys_GetStockObject = NULL;
P_CreateDCA __sys_CreateDCA=NULL;
P_DeleteDC __sys_DeleteDC = NULL;
P_BitBlt __sys_BitBlt = NULL;
P_StretchBlt __sys_StretchBlt = NULL;
P_TransparentBlt __sys_TransparentBlt = NULL;

//---------------------------------------------------------------------------

Expand Down Expand Up @@ -263,38 +273,96 @@ _FX ULONG_PTR Gdi_GdiDllInitialize_Common(
return rc;
}

//---------------------------------------------------------------------------
// Gui_BitBlt
// --------------------------------------------------------------------------
_FX BOOL Gui_DeleteDC(HDC hdc) {
return __sys_DeleteDC(hdc);
}


_FX BOOL Gui_BitBlt(
HDC hdc,
int x,
int y,
int cx,
int cy,
HDC hdcSrc,
int x1,
int y1,
DWORD rop
) {
int ret = __sys_BitBlt(hdc, x, y, cx, cy, hdcSrc, x1, y1, rop);
/*if (SbieApi_QueryConfBool(NULL, L"IsBlockCapture", FALSE)) {
typedef int (*P_GetDeviceCaps)(_In_opt_ HDC hdc, _In_ int index);
P_GetDeviceCaps GetDeviceCaps = Ldr_GetProcAddrNew(DllName_gdi32, "GetDeviceCaps", "GetDeviceCaps"); if (!GetDeviceCaps) return ret;
int iWidth = GetDeviceCaps(hdc, HORZRES), iHeight = GetDeviceCaps(hdc, VERTRES);
int iWidth2 = GetDeviceCaps(__sys_GetDC(NULL), HORZRES), iHeight2 = GetDeviceCaps(__sys_GetDC(NULL), VERTRES);
if (iWidth == iWidth2 && iHeight == iHeight2) {
__sys_BitBlt(__sys_GetDC(NULL), x, y, cx, cy, hdcSrc, x1, y1, rop);
}
}*/
return ret;
}

_FX BOOL Gui_StretchBlt(
HDC hdcDest,
int xDest,
int yDest,
int wDest,
int hDest,
HDC hdcSrc,
int xSrc,
int ySrc,
int wSrc,
int hSrc,
DWORD rop
)
{
int ret = __sys_StretchBlt(hdcDest, xDest, yDest, wDest, hDest, hdcSrc, xSrc, ySrc, wSrc, hSrc, rop);
/*if (SbieApi_QueryConfBool(NULL, L"IsBlockCapture", FALSE)) {
typedef int (*P_GetDeviceCaps)(_In_opt_ HDC hdc, _In_ int index);
P_GetDeviceCaps GetDeviceCaps = Ldr_GetProcAddrNew(DllName_gdi32, "GetDeviceCaps", "GetDeviceCaps"); if (!GetDeviceCaps) return ret;
int iWidth = GetDeviceCaps(hdcDest, HORZRES), iHeight = GetDeviceCaps(hdcDest, VERTRES);
int iWidth2 = GetDeviceCaps(__sys_GetDC(NULL), HORZRES), iHeight2 = GetDeviceCaps(__sys_GetDC(NULL), VERTRES);
if (iWidth == iWidth2 && iHeight == iHeight2) {
__sys_StretchBlt(__sys_GetDC(NULL), xDest, yDest, wDest, hDest, hdcSrc, xSrc, ySrc, wSrc, hSrc, rop);
}
}*/
return ret;
}
//---------------------------------------------------------------------------
// Gdi_SplWow64
//---------------------------------------------------------------------------


_FX void Gdi_SplWow64(BOOLEAN Register)
{
//
// see GuiServer::SplWow64Slave
//
//
// see GuiServer::SplWow64Slave
//

// NoSbieDesk BEGIN
if (Dll_CompartmentMode || SbieApi_QueryConfBool(NULL, L"NoSandboxieDesktop", FALSE))
return;
// NoSbieDesk BEGIN
if (Dll_CompartmentMode || SbieApi_QueryConfBool(NULL, L"NoSandboxieDesktop", FALSE))
return;
// NoSbieDesk END

GUI_SPLWOW64_REQ req;
void *rpl;
GUI_SPLWOW64_REQ req;
void* rpl;

if (Register) {
if (Register) {

if (Ldr_BoxedImage || _wcsicmp(Dll_ImageName, L"splwow64.exe") != 0)
return;
}
if (Ldr_BoxedImage || _wcsicmp(Dll_ImageName, L"splwow64.exe") != 0)
return;
}

req.msgid = GUI_SPLWOW64;
req.set = Register;
req.win8 = (Dll_OsBuild >= 8400) ? TRUE : FALSE;
rpl = Gui_CallProxy(&req, sizeof(req), sizeof(ULONG));
if (rpl)
Dll_Free(rpl);
req.msgid = GUI_SPLWOW64;
req.set = Register;
req.win8 = (Dll_OsBuild >= 8400) ? TRUE : FALSE;
rpl = Gui_CallProxy(&req, sizeof(req), sizeof(ULONG));
if (rpl)
Dll_Free(rpl);

}

Expand All @@ -306,53 +374,136 @@ _FX void Gdi_SplWow64(BOOLEAN Register)

#ifndef _WIN64

_FX HDC Gdi_CreateDCW(
void *lpszDriver, void *lpszDevice, void *lpszOutput, void *lpInitData)
_FX HDC Gdi_CreateDCW2(
void* lpszDriver, void* lpszDevice, void* lpszOutput, void* lpInitData)
{
//
// on 64-bit Windows 8, some 32-bit programs (Notepad, Chrome) cannot
// create a printer DC (via WINSPOOL) if an instance of SplWow64.exe
// has been terminated, since the last time that 32-bit process has
// connected to SplWow64.exe. the reason for this is not clear, but
// it seems a possible workaround is to try recreating the DC several
// times, until the CreateDC call finally works.
//
//
// on 64-bit Windows 8, some 32-bit programs (Notepad, Chrome) cannot
// create a printer DC (via WINSPOOL) if an instance of SplWow64.exe
// has been terminated, since the last time that 32-bit process has
// connected to SplWow64.exe. the reason for this is not clear, but
// it seems a possible workaround is to try recreating the DC several
// times, until the CreateDC call finally works.
//

HDC hdc = __sys_CreateDCW(
lpszDriver, lpszDevice, lpszOutput, lpInitData);
HDC hdc = __sys_CreateDCW(
lpszDriver, lpszDevice, lpszOutput, lpInitData);

if ((! hdc) && lpszDriver && _wcsicmp(lpszDriver, L"WINSPOOL") == 0) {
if ((!hdc) && lpszDriver && _wcsicmp(lpszDriver, L"WINSPOOL") == 0) {

P_DocumentProperties __sys_DocumentProperties =
Ldr_GetProcAddrNew(L"winspool.drv", L"DocumentPropertiesW","DocumentPropertiesW");
P_DocumentProperties __sys_DocumentProperties =
Ldr_GetProcAddrNew(L"winspool.drv", L"DocumentPropertiesW", "DocumentPropertiesW");

ULONG retry = 0;
ULONG retry = 0;

while (__sys_DocumentProperties && (! hdc) && (retry < 20)) {
while (__sys_DocumentProperties && (!hdc) && (retry < 20)) {

HANDLE hPrinter;
HANDLE hPrinter;

Sleep(retry * 25);
Sleep(retry * 25);

if (! __sys_OpenPrinter2W(lpInitData, &hPrinter, NULL, NULL))
break;
if (!__sys_OpenPrinter2W(lpInitData, &hPrinter, NULL, NULL))
break;

__sys_DocumentProperties(
NULL, hPrinter, lpInitData, NULL, NULL, 0);
__sys_DocumentProperties(
NULL, hPrinter, lpInitData, NULL, NULL, 0);

hdc = __sys_CreateDCW(
lpszDriver, lpszDevice, lpszOutput, lpInitData);
hdc = __sys_CreateDCW(
lpszDriver, lpszDevice, lpszOutput, lpInitData);

__sys_ClosePrinter(hPrinter);
__sys_ClosePrinter(hPrinter);

retry++;
}
}
retry++;
}
}

return hdc;
return hdc;
}

#endif ! _WIN64
HBITMAP bmp2 = NULL;
_FX HDC Gui_CreateDCA(LPCSTR pwszDriver, LPCSTR pwszDevice, LPCSTR pszPort, const void* pdm) {
HDC ret = __sys_CreateDCA(pwszDriver, pwszDevice, pszPort, pdm);

if (SbieApi_QueryConfBool(NULL, L"IsBlockCapture", FALSE)) {

if (pwszDevice == NULL && strcmp(pwszDriver, "DISPLAY") == 0) {

typedef HDC(*P_CreateCompatibleDC)(HDC hdc);
//typedef BOOL(*P_DeleteDC)(HDC hdc);
GET_WIN_API(CreateCompatibleDC, DllName_gdi32);
typedef HBITMAP (*P_CreateCompatibleBitmap)(_In_ HDC hdc, _In_ int cx, _In_ int cy);
GET_WIN_API(CreateCompatibleBitmap, DllName_gdi32);
GET_WIN_API(DeleteDC, DllName_gdi32);

typedef HGDIOBJ(*P_SelectObject)(_In_ HDC hdc, _In_ HGDIOBJ h);
GET_WIN_API(SelectObject, DllName_gdi32);
typedef int (*P_GetDeviceCaps)(_In_opt_ HDC hdc, _In_ int index);
GET_WIN_API(GetDeviceCaps, DllName_gdi32);

int iWidth, iHeight;

HDC ret2 = CreateCompatibleDC(ret);
iWidth = GetDeviceCaps(ret, HORZRES);
iHeight = GetDeviceCaps(ret, VERTRES);
HBITMAP hBmp;
if (bmp2 == NULL)
bmp2 = CreateCompatibleBitmap(ret2, iWidth, iHeight);
hBmp = bmp2;
SelectObject(ret2, hBmp);
DeleteDC(ret);
ret = ret2;
}
}
return ret;
}
_FX HDC Gui_CreateDCW(LPCWSTR pwszDriver, LPCWSTR pwszDevice, LPCWSTR pszPort, const void* pdm) {
void* pdm2=NULL;
memcpy(pdm2, pdm, sizeof(pdm));
#ifdef _WIN64
HDC ret = __sys_CreateDCW(pwszDriver, pwszDevice, pszPort, pdm);
#else
HDC ret = Gdi_CreateDCW2((void*)pwszDriver, (void*)pwszDevice, (void*)pszPort, pdm2);
#endif // _WIN64




if (SbieApi_QueryConfBool(NULL, L"IsBlockCapture", FALSE)) {

if (pwszDevice == NULL && lstrcmp(pwszDriver, L"DISPLAY") == 0) {

typedef HDC(*P_CreateCompatibleDC)(HDC hdc);
//typedef BOOL(*P_DeleteDC)(HDC hdc);
GET_WIN_API(CreateCompatibleDC, DllName_gdi32);
typedef HBITMAP(*P_CreateCompatibleBitmap)(_In_ HDC hdc, _In_ int cx, _In_ int cy);
GET_WIN_API(CreateCompatibleBitmap, DllName_gdi32);
GET_WIN_API(DeleteDC, DllName_gdi32);

typedef HGDIOBJ(*P_SelectObject)(_In_ HDC hdc, _In_ HGDIOBJ h);
GET_WIN_API(SelectObject, DllName_gdi32);
typedef int (*P_GetDeviceCaps)(_In_opt_ HDC hdc, _In_ int index);
GET_WIN_API(GetDeviceCaps, DllName_gdi32);
int iWidth, iHeight;

HDC ret2 = CreateCompatibleDC(ret);
iWidth = GetDeviceCaps(ret, HORZRES);
iHeight = GetDeviceCaps(ret, VERTRES);
HBITMAP hBmp;
if (bmp2 == NULL)
bmp2 = CreateCompatibleBitmap(ret2, iWidth, iHeight);
hBmp = bmp2;
SelectObject(ret2, hBmp);
DeleteDC(ret);
ret = ret2;
}
}
return ret;
}






//---------------------------------------------------------------------------
Expand Down Expand Up @@ -786,6 +937,10 @@ _FX BOOLEAN Gdi_Full_Init_impl(HMODULE module, BOOLEAN full)
P_RemoveFontResourceExW RemoveFontResourceExW;
P_GetFontResourceInfoW GetFontResourceInfoW;
P_CreateScalableFontResourceW CreateScalableFontResourceW;
P_BitBlt BitBlt;
P_StretchBlt StretchBlt;
P_CreateDCA CreateDCA;
P_DeleteDC DeleteDC;

P_EnumFontFamiliesEx EnumFontFamiliesExA;
P_EnumFontFamiliesEx EnumFontFamiliesExW;
Expand All @@ -811,6 +966,18 @@ _FX BOOLEAN Gdi_Full_Init_impl(HMODULE module, BOOLEAN full)
GetFontResourceInfoW = (P_GetFontResourceInfoW)
GetProcAddress(module, "GetFontResourceInfoW");

CreateDCA = (P_CreateDCA)
GetProcAddress(module, "CreateDCA");

BitBlt = (P_BitBlt)
GetProcAddress(module, "BitBlt");

StretchBlt = (P_StretchBlt)
GetProcAddress(module, "StretchBlt");

DeleteDC = (P_DeleteDC)
GetProcAddress(module, "DeleteDC");

if (full) {
CreateScalableFontResourceW = (P_CreateScalableFontResourceW)
GetProcAddress(module, "CreateScalableFontResourceWImpl");
Expand All @@ -820,18 +987,25 @@ _FX BOOLEAN Gdi_Full_Init_impl(HMODULE module, BOOLEAN full)
GetProcAddress(module, "CreateScalableFontResourceW");
}

#ifndef _WIN64
/*#ifndef _WIN64
if (Dll_OsBuild >= 8400) {
SBIEDLL_HOOK(Gdi_, CreateDCW);
}
#endif ! _WIN64
#endif ! _WIN64*/

SBIEDLL_HOOK(Gdi_, GdiAddFontResourceW);

SBIEDLL_HOOK(Gdi_, RemoveFontResourceExW);

//SBIEDLL_HOOK(Gui_,DeleteDC);
//SBIEDLL_HOOK(Gui_,BitBlt);
//SBIEDLL_HOOK(Gui_,StretchBlt);
//SBIEDLL_HOOK_GUI(TransparentBlt);
SBIEDLL_HOOK(Gui_,CreateDCA);
SBIEDLL_HOOK(Gui_,CreateDCW);

if (GetFontResourceInfoW) {
SBIEDLL_HOOK(Gdi_, GetFontResourceInfoW);
}
Expand Down
Loading

0 comments on commit 6813051

Please sign in to comment.