Make sure active user is in the "admin" group before checking for updates.
This commit is contained in:
parent
8420e7e311
commit
02dd413577
103
src/global.cpp
103
src/global.cpp
@ -390,7 +390,7 @@ static unsigned int x264_mix(const unsigned int x, const unsigned int y, const u
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* Seeds the random number generator
|
* Seeds the random number generator
|
||||||
* Note: Altough rand_s() doesn't need a seed, this must be called pripr to lamexp_rand(), just to to be sure!
|
* Note: Altough rand_s() doesn't need a seed, this must be called pripr to x264_rand(), just to to be sure!
|
||||||
*/
|
*/
|
||||||
void x264_seed_rand(void)
|
void x264_seed_rand(void)
|
||||||
{
|
{
|
||||||
@ -1350,13 +1350,14 @@ static bool x264_event_filter(void *message, long *result)
|
|||||||
/*
|
/*
|
||||||
* Check for process elevation
|
* Check for process elevation
|
||||||
*/
|
*/
|
||||||
static bool x264_check_elevation(void)
|
static bool x264_process_is_elevated(bool *bIsUacEnabled = NULL)
|
||||||
{
|
{
|
||||||
typedef enum { x264_token_elevationType_class = 18, x264_token_elevation_class = 20 } X264_TOKEN_INFORMATION_CLASS;
|
typedef enum { x264_token_elevationType_class = 18, x264_token_elevation_class = 20 } X264_TOKEN_INFORMATION_CLASS;
|
||||||
typedef enum { x264_elevationType_default = 1, x264_elevationType_full, x264_elevationType_limited } X264_TOKEN_ELEVATION_TYPE;
|
typedef enum { x264_elevationType_default = 1, x264_elevationType_full, x264_elevationType_limited } X264_TOKEN_ELEVATION_TYPE;
|
||||||
|
|
||||||
HANDLE hToken = NULL;
|
|
||||||
bool bIsProcessElevated = false;
|
bool bIsProcessElevated = false;
|
||||||
|
if(bIsUacEnabled) *bIsUacEnabled = false;
|
||||||
|
HANDLE hToken = NULL;
|
||||||
|
|
||||||
if(OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
|
if(OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
|
||||||
{
|
{
|
||||||
@ -1374,9 +1375,14 @@ static bool x264_check_elevation(void)
|
|||||||
case x264_elevationType_full:
|
case x264_elevationType_full:
|
||||||
qWarning("Process token elevation type: Full -> potential security risk!\n");
|
qWarning("Process token elevation type: Full -> potential security risk!\n");
|
||||||
bIsProcessElevated = true;
|
bIsProcessElevated = true;
|
||||||
|
if(bIsUacEnabled) *bIsUacEnabled = true;
|
||||||
break;
|
break;
|
||||||
case x264_elevationType_limited:
|
case x264_elevationType_limited:
|
||||||
qDebug("Process token elevation type: Limited -> not elevated.\n");
|
qDebug("Process token elevation type: Limited -> not elevated.\n");
|
||||||
|
if(bIsUacEnabled) *bIsUacEnabled = true;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
qWarning("Unknown tokenElevationType value: %d", tokenElevationType);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1388,7 +1394,90 @@ static bool x264_check_elevation(void)
|
|||||||
qWarning("Failed to open process token!");
|
qWarning("Failed to open process token!");
|
||||||
}
|
}
|
||||||
|
|
||||||
return !bIsProcessElevated;
|
return bIsProcessElevated;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Check if the current user is an administartor (helper function)
|
||||||
|
*/
|
||||||
|
static bool x264_user_is_admin_helper(void)
|
||||||
|
{
|
||||||
|
HANDLE hToken = NULL;
|
||||||
|
if(!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
DWORD dwSize = 0;
|
||||||
|
if(!GetTokenInformation(hToken, TokenGroups, NULL, 0, &dwSize))
|
||||||
|
{
|
||||||
|
if(GetLastError() != ERROR_INSUFFICIENT_BUFFER)
|
||||||
|
{
|
||||||
|
CloseHandle(hToken);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
PTOKEN_GROUPS lpGroups = (PTOKEN_GROUPS) malloc(dwSize);
|
||||||
|
if(!lpGroups)
|
||||||
|
{
|
||||||
|
CloseHandle(hToken);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!GetTokenInformation(hToken, TokenGroups, lpGroups, dwSize, &dwSize))
|
||||||
|
{
|
||||||
|
free(lpGroups);
|
||||||
|
CloseHandle(hToken);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
PSID lpSid = NULL; SID_IDENTIFIER_AUTHORITY Authority = {SECURITY_NT_AUTHORITY};
|
||||||
|
if(!AllocateAndInitializeSid(&Authority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &lpSid))
|
||||||
|
{
|
||||||
|
free(lpGroups);
|
||||||
|
CloseHandle(hToken);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool bResult = false;
|
||||||
|
for(DWORD i = 0; i < lpGroups->GroupCount; i++)
|
||||||
|
{
|
||||||
|
if(EqualSid(lpSid, lpGroups->Groups[i].Sid))
|
||||||
|
{
|
||||||
|
bResult = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
FreeSid(lpSid);
|
||||||
|
free(lpGroups);
|
||||||
|
CloseHandle(hToken);
|
||||||
|
return bResult;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Check if the current user is an administartor
|
||||||
|
*/
|
||||||
|
bool x264_user_is_admin(void)
|
||||||
|
{
|
||||||
|
bool isAdmin = false;
|
||||||
|
|
||||||
|
//Check for process elevation and UAC support first!
|
||||||
|
if(x264_process_is_elevated(&isAdmin))
|
||||||
|
{
|
||||||
|
qWarning("Process is elevated -> user is admin!");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
//If not elevated and UAC is not available -> user must be in admin group!
|
||||||
|
if(isAdmin)
|
||||||
|
{
|
||||||
|
qDebug("UAC is disabled/unavailable -> checking for Administrators group");
|
||||||
|
isAdmin = x264_user_is_admin_helper();
|
||||||
|
}
|
||||||
|
|
||||||
|
return isAdmin;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -1547,7 +1636,7 @@ bool x264_init_qt(int argc, char* argv[])
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
//Check for process elevation
|
//Check for process elevation
|
||||||
if((!x264_check_elevation()) && (!x264_detect_wine()))
|
if(x264_process_is_elevated() && (!x264_detect_wine()))
|
||||||
{
|
{
|
||||||
QMessageBox messageBox(QMessageBox::Warning, "Simple x264 Launcher", "<nobr>Simple x264 Launcher was started with 'elevated' rights, altough it does not need these rights.<br>Running an applications with unnecessary rights is a potential security risk!</nobr>", QMessageBox::NoButton, NULL, Qt::Dialog | Qt::MSWindowsFixedSizeDialogHint | Qt::WindowStaysOnTopHint);
|
QMessageBox messageBox(QMessageBox::Warning, "Simple x264 Launcher", "<nobr>Simple x264 Launcher was started with 'elevated' rights, altough it does not need these rights.<br>Running an applications with unnecessary rights is a potential security risk!</nobr>", QMessageBox::NoButton, NULL, Qt::Dialog | Qt::MSWindowsFixedSizeDialogHint | Qt::WindowStaysOnTopHint);
|
||||||
messageBox.addButton("Quit Program (Recommended)", QMessageBox::NoRole);
|
messageBox.addButton("Quit Program (Recommended)", QMessageBox::NoRole);
|
||||||
@ -2127,10 +2216,10 @@ bool x264_shutdown_computer(const QString &message, const unsigned long timeout,
|
|||||||
int x264_network_status(void)
|
int x264_network_status(void)
|
||||||
{
|
{
|
||||||
DWORD dwFlags;
|
DWORD dwFlags;
|
||||||
const BOOL ret = (IsNetworkAlive(&dwFlags) == TRUE);
|
const BOOL ret = IsNetworkAlive(&dwFlags);
|
||||||
if(GetLastError() == 0)
|
if(GetLastError() == 0)
|
||||||
{
|
{
|
||||||
return (ret == TRUE) ? x264_network_yes : x264_network_non;
|
return (ret != FALSE) ? x264_network_yes : x264_network_non;
|
||||||
}
|
}
|
||||||
return x264_network_err;
|
return x264_network_err;
|
||||||
}
|
}
|
||||||
|
@ -154,6 +154,7 @@ bool x264_shutdown_computer(const QString &message, const unsigned long timeout,
|
|||||||
void x264_sleep(const unsigned int delay);
|
void x264_sleep(const unsigned int delay);
|
||||||
bool x264_suspendProcess(const QProcess *proc, const bool suspend);
|
bool x264_suspendProcess(const QProcess *proc, const bool suspend);
|
||||||
const QString &x264_temp_directory(void);
|
const QString &x264_temp_directory(void);
|
||||||
|
bool x264_user_is_admin(void);
|
||||||
const char *x264_version_arch(void);
|
const char *x264_version_arch(void);
|
||||||
unsigned int x264_version_build(void);
|
unsigned int x264_version_build(void);
|
||||||
const char *x264_version_compiler(void);
|
const char *x264_version_compiler(void);
|
||||||
|
@ -26,7 +26,7 @@
|
|||||||
#define VER_X264_MAJOR 2
|
#define VER_X264_MAJOR 2
|
||||||
#define VER_X264_MINOR 2
|
#define VER_X264_MINOR 2
|
||||||
#define VER_X264_PATCH 8
|
#define VER_X264_PATCH 8
|
||||||
#define VER_X264_BUILD 720
|
#define VER_X264_BUILD 723
|
||||||
|
|
||||||
#define VER_X264_MINIMUM_REV 2363
|
#define VER_X264_MINIMUM_REV 2363
|
||||||
#define VER_X264_CURRENT_API 140
|
#define VER_X264_CURRENT_API 140
|
||||||
|
Loading…
Reference in New Issue
Block a user