warning fixes

3 years ago · f25860207f
parent 4c99873f1d
commit f25860207f
6 changed files with 77 additions and 68 deletions
--- a/src/defender-control/dcontrol.cpp
+++ b/src/defender-control/dcontrol.cpp
@ -19,7 +19,9 @@ namespace dcontrol

    // SecurityHealth
    //
-    if (REG::create_registry(L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run", hkey))
+    if (REG::create_registry(
+      L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run", 
+      hkey))
    {
      if (!REG::set_keyval_bin(hkey, L"SecurityHealth", 3))
        std::cout << "failed to write to SecurityHealth" << std::endl;
@ -105,7 +107,6 @@ namespace dcontrol

  bool enable_defender()
  {
-
    if (!util::sub_43604B())
      return false;

@ -119,7 +120,9 @@ namespace dcontrol
    if (!REG::set_keyval(hkey, L"DisableAntiSpyware", 0))
      std::cout << "failed to write to DisableAntiSpyware" << std::endl;

-    if (!REG::create_registry(L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run", hkey))
+    if (!REG::create_registry(
+      L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run",
+      hkey))
      std::cout << "failed to access CurrentVersion" << std::endl;

    if (!REG::set_keyval_bin(hkey, L"SecurityHealth", 2))
@ -156,6 +159,7 @@ namespace dcontrol
    helper->execute<BOOL>("DisableAntiSpyware", wmic::variant_type::t_bool, FALSE);
    helper->execute<BOOL>("DisableAntiVirus", wmic::variant_type::t_bool, FALSE);

+    return true;
  }

  // Checks whether Real-Time Protection is activated on windows
--- a/src/defender-control/defender-control.vcxproj
+++ b/src/defender-control/defender-control.vcxproj
@ -78,10 +78,11 @@
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
    <LinkIncremental>true</LinkIncremental>
+    <IntDir>$(Configuration)\</IntDir>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
    <LinkIncremental>false</LinkIncremental>
-    <IntDir>$(Platform)\$(Configuration)</IntDir>
+    <IntDir>$(Configuration)\</IntDir>
  </PropertyGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
    <ClCompile>
--- a/src/defender-control/trusted.cpp
+++ b/src/defender-control/trusted.cpp
@ -31,53 +31,11 @@ namespace trusted
    return true;
  }

-  // Get target process id
-  //
-  DWORD get_pid(std::string process_name)
-  {
-    HANDLE hSnapshot;
-    if ((hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)) == INVALID_HANDLE_VALUE)
-    {
-      return -1;
-    }
-
-    DWORD pid = -1;
-    PROCESSENTRY32 pe;
-    ZeroMemory(&pe, sizeof(PROCESSENTRY32));
-    pe.dwSize = sizeof(PROCESSENTRY32);
-
-    if (Process32First(hSnapshot, &pe))
-    {
-      while (Process32Next(hSnapshot, &pe))
-      {
-        if (pe.szExeFile == process_name)
-        {
-          pid = pe.th32ProcessID;
-          break;
-        }
-      }
-    }
-    else
-    {
-      CloseHandle(hSnapshot);
-      return -1;
-    }
-
-    if (pid == -1)
-    {
-      CloseHandle(hSnapshot);
-      return -1;
-    }
-
-    CloseHandle(hSnapshot);
-    return pid;
-  }
-
  // Give system permissions
  //
  bool impersonate_system()
  {
-    auto systemPid = get_pid("winlogon.exe");
+    auto systemPid = util::get_pid("winlogon.exe");
    HANDLE hSystemProcess;
    if ((hSystemProcess = OpenProcess(
      PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION,
@ -265,28 +223,31 @@ namespace trusted
  //
  bool is_system_group()
  {
-    DWORD i, dwSize = 0, dwResult = 0;
-    HANDLE hToken;
-    PTOKEN_USER Ptoken_User;
+    DWORD dw_size = 0;
+    DWORD dw_result = 0;
+    HANDLE token;
+    PTOKEN_USER token_user;
+    LPWSTR SID = NULL;

-    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
+    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token))
      return false;

-    if (!GetTokenInformation(hToken, TokenUser, NULL, dwSize, &dwSize))
+    if (!GetTokenInformation(token, TokenUser, NULL, dw_size, &dw_size))
    {
-      dwResult = GetLastError();
-      if (dwResult != ERROR_INSUFFICIENT_BUFFER)
+      dw_result = GetLastError();
+      if (dw_result != ERROR_INSUFFICIENT_BUFFER)
        return false;
    }

-    Ptoken_User = (PTOKEN_USER)GlobalAlloc(GPTR, dwSize);
+    token_user = (PTOKEN_USER)GlobalAlloc(GPTR, dw_size);

-    if (!GetTokenInformation(hToken, TokenUser, Ptoken_User, dwSize, &dwSize))
-      return FALSE;
+    if (!GetTokenInformation(token, TokenUser, token_user, dw_size, &dw_size))
+      return false;

-    LPWSTR SID = NULL;
+    if (!token_user)
+      return false;

-    if (!ConvertSidToStringSidW(Ptoken_User->User.Sid, &SID))
+    if (!ConvertSidToStringSidW(token_user->User.Sid, &SID))
      return false;

    // All SID can be found here
@ -296,8 +257,8 @@ namespace trusted
    if (_wcsicmp(L"S-1-5-18", SID) == 0)
      return true;

-    if (Ptoken_User)
-      GlobalFree(Ptoken_User);
+    if (token_user)
+      GlobalFree(token_user);

    return false;
  }
@ -309,16 +270,16 @@ namespace trusted
    BOOL ret = FALSE;
    HANDLE token = NULL;

-    if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token)) 
+    if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token))
    {
      TOKEN_ELEVATION elevation;
      DWORD rlen = sizeof(TOKEN_ELEVATION);

-      if (GetTokenInformation(token, TokenElevation, &elevation, sizeof(elevation), &rlen)) 
+      if (GetTokenInformation(token, TokenElevation, &elevation, sizeof(elevation), &rlen))
        ret = elevation.TokenIsElevated;
    }

-    if (token) 
+    if (token)
      CloseHandle(token);

    return ret;
--- a/src/defender-control/trusted.hpp
+++ b/src/defender-control/trusted.hpp
@ -1,14 +1,13 @@
 #pragma once
 #include <Windows.h>
 #include <string>
-#include <TlHelp32.h>
 #include <sddl.h>
 #include <iostream>
+#include "util.hpp"

 namespace trusted
 {
  bool enable_privilege(std::string privilege);
-  DWORD get_pid(std::string process_name);
  bool impersonate_system();
  bool impersonate_trusted(DWORD pid);
  DWORD start_trusted();
--- a/src/defender-control/util.cpp
+++ b/src/defender-control/util.cpp
@ -100,8 +100,47 @@ namespace util
  std::string get_current_path()
  {
    char buf[256];
-    size_t len = sizeof(buf);
-    int bytes = GetModuleFileName(NULL, buf, len);
+    DWORD len = sizeof(buf);
+    int bytes = GetModuleFileNameA(NULL, buf, len);
    return std::string(buf);
  }
+
+  // Get target process id
+  //
+  DWORD get_pid(std::string process_name)
+  {
+    HANDLE hSnapshot;
+    if ((hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)) == INVALID_HANDLE_VALUE)
+      return -1;
+
+    DWORD pid = -1;
+    PROCESSENTRY32 pe;
+    ZeroMemory(&pe, sizeof(PROCESSENTRY32));
+    pe.dwSize = sizeof(PROCESSENTRY32);
+
+    if (!Process32First(hSnapshot, &pe))
+    {
+      CloseHandle(hSnapshot);
+      return -1;
+    }
+
+    while (Process32Next(hSnapshot, &pe))
+    {
+      if (pe.szExeFile == process_name)
+      {
+        pid = pe.th32ProcessID;
+        break;
+      }
+    }
+
+    if (pid == -1)
+    {
+      CloseHandle(hSnapshot);
+      return -1;
+    }
+
+    CloseHandle(hSnapshot);
+    return pid;
+  }
+
 }
--- a/src/defender-control/util.hpp
+++ b/src/defender-control/util.hpp
@ -2,6 +2,7 @@
 #include <Windows.h>
 #include <string>
 #include <lmcons.h>
+#include <TlHelp32.h>

 namespace util
 {
@ -25,4 +26,8 @@ namespace util
  // Get current path of process
  //
  std::string get_current_path();
+
+  // Get target process id
+  //
+  DWORD get_pid(std::string process_name);
 }