Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

In Application Compartment Box,There is a bug in file redirection,CreateDirectory Fail #3637

Closed
pangshangji opened this issue Feb 23, 2024 · 0 comments
Closed

In Application Compartment Box,There is a bug in file redirection,CreateDirectory Fail #3637

pangshangji opened this issue Feb 23, 2024 · 0 comments
Labels
Confirmation pending Further confirmation is requested fixed in next build Fixed in the next Sandboxie version Green box Application compartment sandboxes

Comments

@pangshangji
Copy link

Describe what you noticed and did

  1. Create a Application compartment Box
  2. Complie Poc code,run exe
  3. CreateDirectory Fail, error code 2
    Poc code:
    HANDLE file = CreateFileW(L"\\.\FltMgr", 0xC0000000, 3u, 0i64, 3u, 0x80u, 0i64);
    printf("File %p\n", file);
    BOOL create = CreateDirectory(L"C:\123", 0);
    printf("CreateDirectory ret:%d error:%d\n", create, GetLastError());

Root Cause:
while invoke createfile L"\\.\FltMgr",in file.c, the File_NtCreateFileImpl function has a special code path that will directly return, but the variable file_NtCreateFile_lock is not set to false, next CreateDirectory, because file_NtCreateFile_lock is true, so will invoke __sys_NtCreateFile directly and ret.

How often did you encounter it so far?

every

Expected behavior

I hope to create a directory in the sandbox

Affected program

Not relevant

Download link

Not relevant

Where is the program located?

Not relevant to my request.

Did the program or any related process close unexpectedly?

No, not at all.

Crash dump

No response

What version of Sandboxie are you running now?

Sandboxie Plus 1.12.9 64-bit

Is it a new installation of Sandboxie?

I recently did a new clean installation.

Is it a regression from previous versions?

No response

In which sandbox type you have this problem?

In an Application Compartment sandbox with no isolation (green sandbox icon).

Can you reproduce this problem on a new empty sandbox?

I can confirm it also on a new empty sandbox.

What is your Windows edition and version?

Windows 10 22H2 64-bit

In which Windows account you have this problem?

A local account (Administrator).

Please mention any installed security software

no

Did you previously enable some security policy settings outside Sandboxie?

No response

Trace log

No response

Sandboxie.ini configuration

No response
@pangshangji pangshangji added the Confirmation pending Further confirmation is requested label Feb 23, 2024
@DavidXanatos DavidXanatos added the fixed in next build Fixed in the next Sandboxie version label Feb 23, 2024
@isaak654 isaak654 added the Green box Application compartment sandboxes label Feb 24, 2024
isaak654 referenced this issue Feb 26, 2024
@DavidXanatos
1.13.1
c64fa1c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Confirmation pending Further confirmation is requested fixed in next build Fixed in the next Sandboxie version Green box Application compartment sandboxes
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@DavidXanatos @isaak654 @pangshangji