From b45f345fa35c474da2694ab0d8e38eef512b8f42 Mon Sep 17 00:00:00 2001
From: lordmulder <mulder2@gmx.de>
Date: Mon, 27 Dec 2010 01:50:22 +0100
Subject: [PATCH] Simplify compatibility mode detection + check for process
 elevation

---
 etc/NSIS/setup.nsi |  4 +-
 src/Config.h       |  2 +-
 src/Global.cpp     | 95 +++++++++++++++++++++++++++-------------------
 src/Main.cpp       |  7 ++--
 4 files changed, 62 insertions(+), 46 deletions(-)

diff --git a/etc/NSIS/setup.nsi b/etc/NSIS/setup.nsi
index fe152bd4..fa189a3c 100644
--- a/etc/NSIS/setup.nsi
+++ b/etc/NSIS/setup.nsi
@@ -486,7 +486,7 @@ Function LockedListShow
 		LockedList::AddModule "\Uninstall.exe"
 		LockedList::AddModule "\Au_.exe"
 	${EndIf}
-	LockedList::Dialog /heading "$(LAMEXP_LANG_LOCKEDLIST_HEADING)" /noprograms "$(LAMEXP_LANG_LOCKEDLIST_NOPROG)" /searching  "$(LAMEXP_LANG_LOCKEDLIST_SEARCH)" /colheadings "$(LAMEXP_LANG_LOCKEDLIST_COLHDR1)" "$(LAMEXP_LANG_LOCKEDLIST_COLHDR2)"
+	LockedList::Dialog /autonext /heading "$(LAMEXP_LANG_LOCKEDLIST_HEADING)" /noprograms "$(LAMEXP_LANG_LOCKEDLIST_NOPROG)" /searching  "$(LAMEXP_LANG_LOCKEDLIST_SEARCH)" /colheadings "$(LAMEXP_LANG_LOCKEDLIST_COLHDR1)" "$(LAMEXP_LANG_LOCKEDLIST_COLHDR2)"
 	Pop $R0
 FunctionEnd
 
@@ -496,7 +496,7 @@ Function un.LockedListShow
 		LockedList::AddModule "\LameXP.exe"
 		LockedList::AddModule "\Uninstall.exe"
 	${EndIf}
-	LockedList::Dialog /heading "$(LAMEXP_LANG_LOCKEDLIST_HEADING)" /noprograms "$(LAMEXP_LANG_LOCKEDLIST_NOPROG)" /searching  "$(LAMEXP_LANG_LOCKEDLIST_SEARCH)" /colheadings "$(LAMEXP_LANG_LOCKEDLIST_COLHDR1)" "$(LAMEXP_LANG_LOCKEDLIST_COLHDR2)"
+	LockedList::Dialog /autonext /heading "$(LAMEXP_LANG_LOCKEDLIST_HEADING)" /noprograms "$(LAMEXP_LANG_LOCKEDLIST_NOPROG)" /searching  "$(LAMEXP_LANG_LOCKEDLIST_SEARCH)" /colheadings "$(LAMEXP_LANG_LOCKEDLIST_COLHDR1)" "$(LAMEXP_LANG_LOCKEDLIST_COLHDR2)"
 	Pop $R0
 FunctionEnd
 
diff --git a/src/Config.h b/src/Config.h
index db20f262..1c9d98e7 100644
--- a/src/Config.h
+++ b/src/Config.h
@@ -25,7 +25,7 @@
 #define VER_LAMEXP_MAJOR				4
 #define VER_LAMEXP_MINOR_HI				0
 #define VER_LAMEXP_MINOR_LO				0
-#define VER_LAMEXP_BUILD				183
+#define VER_LAMEXP_BUILD				186
 #define VER_LAMEXP_SUFFIX				TechPreview
 
 /*
diff --git a/src/Global.cpp b/src/Global.cpp
index 327f571d..0308bd21 100644
--- a/src/Global.cpp
+++ b/src/Global.cpp
@@ -66,8 +66,6 @@
 #define LAMEXP_INIT_QT_STATIC_PLUGIN(X)
 #endif
 
-#define X ULONG_MAX
-
 ///////////////////////////////////////////////////////////////////////////////
 // TYPES
 ///////////////////////////////////////////////////////////////////////////////
@@ -80,23 +78,6 @@ typedef struct
 	char parameter[4096];
 } lamexp_ipc_t;
 
-struct lamexp_oscomp_t
-{
-	DWORD verMajor;
-	DWORD verMinor;
-	char *pcExport;
-};
-
-static const struct lamexp_oscomp_t g_lamexp_oscomp[] =
-{
-	{4, X, "OpenThread"},            // Windows NT 4.0
-	{5, 0, "GetNativeSystemInfo"},   // Windows 2000
-	{5, 1, "GetLargePageMinimum"},   // Windows XP
-	{5, 2, "GetLocaleInfoEx"},       // Windows Server 2003
-	{6, 0, "CreateRemoteThreadEx"},  // Windows Vista
-	{0, 0, NULL}                     // EOL
-};
-
 ///////////////////////////////////////////////////////////////////////////////
 // GLOBAL VARS
 ///////////////////////////////////////////////////////////////////////////////
@@ -412,32 +393,55 @@ void WINAPI debugThreadProc(__in LPVOID lpParameter)
 /*
  * Check for compatibility mode
  */
-static bool lamexp_check_compatibility_mode(void)
+static bool lamexp_check_compatibility_mode(const char *exportName)
 {
 	QLibrary kernel32("kernel32.dll");
 
-	OSVERSIONINFOW versionInfo;
-	memset(&versionInfo, 0, sizeof(OSVERSIONINFOW));
-	versionInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFOW);
-	
-	if(GetVersionEx(&versionInfo))
+	if(exportName != NULL)
 	{
-		for(int i = 0; g_lamexp_oscomp[i].pcExport; i++)
+		if(kernel32.resolve(exportName) != NULL)
 		{
-			if((g_lamexp_oscomp[i].verMajor == X || g_lamexp_oscomp[i].verMajor == versionInfo.dwMajorVersion) && (g_lamexp_oscomp[i].verMinor == X || g_lamexp_oscomp[i].verMinor == versionInfo.dwMinorVersion))
-			{
-				if(kernel32.resolve(g_lamexp_oscomp[i].pcExport) != NULL)
-				{
-					qFatal("Windows NT %u.%u compatibility mode detected. Aborting!", versionInfo.dwMajorVersion, versionInfo.dwMinorVersion);
-					return false;
-				}
-			}
+			qFatal("Windows compatibility mode detected. Program will exit!");
+			return false;
 		}
 	}
 
 	return true;
 }
 
+/*
+ * Check for process elevation
+ */
+static bool lamexp_check_elevation(void)
+{
+	typedef enum { lamexp_token_elevation_class = 20 };
+	typedef struct { DWORD TokenIsElevated; } LAMEXP_TOKEN_ELEVATION;
+
+	HANDLE hToken = NULL;
+	bool bIsProcessElevated = false;
+	
+	if(OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
+	{
+		LAMEXP_TOKEN_ELEVATION tokenElevation;
+		DWORD returnLength;
+		if(GetTokenInformation(hToken, (TOKEN_INFORMATION_CLASS) lamexp_token_elevation_class, &tokenElevation, sizeof(LAMEXP_TOKEN_ELEVATION), &returnLength))
+		{
+			if(returnLength == sizeof(LAMEXP_TOKEN_ELEVATION) && tokenElevation.TokenIsElevated != 0)
+			{
+				qWarning("Process token is elevated -> potential security risk!\n");
+				bIsProcessElevated = true;
+			}
+		}
+		CloseHandle(hToken);
+	}
+	else
+	{
+		qWarning("Failed to open process token!");
+	}
+
+	return !bIsProcessElevated;
+}
+
 /*
  * Initialize Qt framework
  */
@@ -460,26 +464,28 @@ bool lamexp_init_qt(int argc, char* argv[])
 	{
 	case QSysInfo::WV_2000:
 		qDebug("Running on Windows 2000 (not offically supported!).\n");
+		lamexp_check_compatibility_mode("GetNativeSystemInfo");
 		break;
 	case QSysInfo::WV_XP:
-		qDebug("Running on Windows XP.\n\n");
+		qDebug("Running on Windows XP.\n");
+		lamexp_check_compatibility_mode("GetLargePageMinimum");
 		break;
 	case QSysInfo::WV_2003:
-		qDebug("Running on Windows Server 2003 or Windows XP Professional x64 Edition.\n");
+		qDebug("Running on Windows Server 2003 or Windows XP x64-Edition.\n");
+		lamexp_check_compatibility_mode("GetLocaleInfoEx");
 		break;
 	case QSysInfo::WV_VISTA:
-		qDebug("Running on Windows Vista or Windows Server 200.8\n");
+		qDebug("Running on Windows Vista or Windows Server 2008.\n");
+		lamexp_check_compatibility_mode("CreateRemoteThreadEx");
 		break;
 	case QSysInfo::WV_WINDOWS7:
 		qDebug("Running on Windows 7 or Windows Server 2008 R2.\n");
+		lamexp_check_compatibility_mode(NULL);
 		break;
 	default:
 		qFatal("Unsupported OS, only Windows 2000 or later is supported!");
 		break;
 	}
-	
-	//Check if "compatibility mode" is enabled
-	lamexp_check_compatibility_mode();
 
 	//Create Qt application instance and setup version info
 	QApplication *application = new QApplication(argc, argv);
@@ -508,6 +514,15 @@ bool lamexp_init_qt(int argc, char* argv[])
 		}
 	}
 	
+	//Check for process elevation
+	if(!lamexp_check_elevation())
+	{
+		if(QMessageBox::warning(NULL, "LameXP", "<nobr>LameXP was started with elevated rights. This is a potential security risk!</nobr>", "Quit Program (Recommended)", "Ignore") == 0)
+		{
+			return false;
+		}
+	}
+
 	//Done
 	qt_initialized = true;
 	return true;
diff --git a/src/Main.cpp b/src/Main.cpp
index 6922d6f4..237f3d11 100644
--- a/src/Main.cpp
+++ b/src/Main.cpp
@@ -51,8 +51,6 @@ int lamexp_main(int argc, char* argv[])
 	//Init console
 	lamexp_init_console(argc, argv);
 
-	lamexp_rand_str();
-
 	//Print version info
 	qDebug("LameXP - Audio Encoder Front-End");
 	qDebug("Version %d.%02d %s, Build %d [%s], compiled with %s", lamexp_version_major(), lamexp_version_minor(), lamexp_version_release(), lamexp_version_build(), lamexp_version_date().toString(Qt::ISODate).toLatin1().constData(), lamexp_version_compiler());
@@ -75,7 +73,10 @@ int lamexp_main(int argc, char* argv[])
 	qDebug(" Number of CPU's  :  %d\n", cpuFeatures.count);
 	
 	//Initialize Qt
-	lamexp_init_qt(argc, argv);
+	if(!lamexp_init_qt(argc, argv))
+	{
+		return -1;
+	}
 
 	//Check for expiration
 	if(lamexp_version_demo())