maxmustermann/terminal
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

don't do the lookup for things in system32

Browse source
This commit is contained in:
Mike Griese 2021-09-14 15:22:20 -05:00
parent edd71265d8
commit 47d55a8fd0
1 changed files with 34 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
src/cascadia/TerminalApp/TerminalPage.cpp
View file

@ -1480,6 +1480,31 @@ namespace winrt::TerminalApp::implementation
return true; return true;
} }
static bool _isInSystem32(std::wstring_view commandLine)
{
// TODO! magic static
static std::wstring systemDirectory{};
if (FAILED(wil::GetSystemDirectoryW(systemDirectory)))
{
// we couldn't look up where system32 is?? Then it's definitely not
// in System32
return false;
}
const std::filesystem::path executablePath{ commandLine };
if (executablePath.has_parent_path())
{
auto parentPath{ executablePath.parent_path() };
const auto pathEquals = til::equals_insensitive_ascii(parentPath.wstring(), systemDirectory);
if (pathEquals && std::filesystem::exists(executablePath))
{
return true;
}
}
return false;
}
// Method Description: // Method Description:
// - For a given commandline, determines if we should prompt the user for // - For a given commandline, determines if we should prompt the user for
// approval. We only do this check when elevated. This will check the // approval. We only do this check when elevated. This will check the
@ -1494,8 +1519,15 @@ namespace winrt::TerminalApp::implementation
// NOTE: For debugging purposes, changing this to `true || // NOTE: For debugging purposes, changing this to `true ||
// _isElevated()` is a handy way of forcing the elevation logic, even // _isElevated()` is a handy way of forcing the elevation logic, even
// when unelevated. // when unelevated.
if (_isElevated()) if (true || _isElevated())
{ {
// If the cmdline starts with (case-insensitive)
// `C:\WINDOWS\System32`, then ignore this check.
if (_isInSystem32(cmdline))
{
return false;
}
if (const auto& allowedCommandlines{ ElevatedState::SharedInstance().AllowedCommandlines() }) if (const auto& allowedCommandlines{ ElevatedState::SharedInstance().AllowedCommandlines() })
{ {
for (const auto& approved : allowedCommandlines) for (const auto& approved : allowedCommandlines)
@ -1506,9 +1538,7 @@ namespace winrt::TerminalApp::implementation
} }
} }
} }
return true;
// TODO! If the cmdline starts with (case-insensitive)
// `C:\WINDOWS\System32`, then ignore this check.
} }
return false; return false;