We were calling GetModuleFileName() in a number of places. Use
nssm_imagepath() instead.
Ensure that a quoted path is used for the service image path when
creating the service, thus avoiding a theoretical security vulnerability
whereby the service manager could be tricked into launching the wrong
program.
When setting the path to NSSM in the environment for event hooks we
still use the unquoted path, as environment variables are typically
unquoted.
Thanks Gerald Haider.
Thanks to Miguel Angel Terrón for suggesting copy/truncate rotation.\r
Thanks to Yuriy Lesiuk for suggesting setting the environment before querying\r
the registry for parameters.\r
Thanks to Miguel Angel Terrón for suggesting copy/truncate rotation.\r
Thanks to Yuriy Lesiuk for suggesting setting the environment before querying\r
the registry for parameters.\r
+Thanks to Gerald Haider for noticing that installing a service with NSSM in a\r
+path containing spaces was technically a security vulnerability.\r
-1 on error.
*/
int test_environment(TCHAR *env) {
-1 on error.
*/
int test_environment(TCHAR *env) {
- TCHAR path[PATH_LENGTH];
- GetModuleFileName(0, path, _countof(path));
+ TCHAR *path = (TCHAR *) nssm_imagepath();
STARTUPINFO si;
ZeroMemory(&si, sizeof(si));
si.cb = sizeof(si);
STARTUPINFO si;
ZeroMemory(&si, sizeof(si));
si.cb = sizeof(si);
/* Last control handled. */
SetEnvironmentVariable(NSSM_HOOK_ENV_LAST_CONTROL, service_control_text(service->last_control));
/* Last control handled. */
SetEnvironmentVariable(NSSM_HOOK_ENV_LAST_CONTROL, service_control_text(service->last_control));
- /* Path to NSSM. */
- TCHAR path[PATH_LENGTH];
- GetModuleFileName(0, path, _countof(path));
- SetEnvironmentVariable(NSSM_HOOK_ENV_IMAGE_PATH, path);
+ /* Path to NSSM, unquoted for the environment. */
+ SetEnvironmentVariable(NSSM_HOOK_ENV_IMAGE_PATH, nssm_unquoted_imagepath());
/* NSSM version. */
SetEnvironmentVariable(NSSM_HOOK_ENV_NSSM_CONFIGURATION, NSSM_CONFIGURATION);
/* NSSM version. */
SetEnvironmentVariable(NSSM_HOOK_ENV_NSSM_CONFIGURATION, NSSM_CONFIGURATION);
ZeroMemory(&sei, sizeof(sei));\r
sei.cbSize = sizeof(sei);\r
sei.lpVerb = _T("runas");\r
ZeroMemory(&sei, sizeof(sei));\r
sei.cbSize = sizeof(sei);\r
sei.lpVerb = _T("runas");\r
- sei.lpFile = (TCHAR *) HeapAlloc(GetProcessHeap(), 0, PATH_LENGTH);\r
- if (! sei.lpFile) {\r
- print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("GetModuleFileName()"), _T("elevate()"));\r
- return 111;\r
- }\r
- GetModuleFileName(0, (TCHAR *) sei.lpFile, PATH_LENGTH);\r
+ sei.lpFile = (TCHAR *) nssm_imagepath();\r
\r
TCHAR *args = (TCHAR *) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, EXE_LENGTH * sizeof(TCHAR));\r
if (! args) {\r
\r
TCHAR *args = (TCHAR *) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, EXE_LENGTH * sizeof(TCHAR));\r
if (! args) {\r
- HeapFree(GetProcessHeap(), 0, (void *) sei.lpFile);\r
print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("GetCommandLine()"), _T("elevate()"));\r
return 111;\r
}\r
print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("GetCommandLine()"), _T("elevate()"));\r
return 111;\r
}\r
unsigned long exitcode = 0;\r
if (! ShellExecuteEx(&sei)) exitcode = 100;\r
\r
unsigned long exitcode = 0;\r
if (! ShellExecuteEx(&sei)) exitcode = 100;\r
\r
- HeapFree(GetProcessHeap(), 0, (void *) sei.lpFile);\r
HeapFree(GetProcessHeap(), 0, (void *) args);\r
return exitcode;\r
}\r
HeapFree(GetProcessHeap(), 0, (void *) args);\r
return exitcode;\r
}\r
}\r
\r
/* Get path of this program */\r
}\r
\r
/* Get path of this program */\r
- TCHAR path[PATH_LENGTH];\r
- GetModuleFileName(0, path, _countof(path));\r
+ const TCHAR *path = nssm_imagepath();\r
\r
/* Try to register the module but don't worry so much on failure */\r
RegSetValueEx(key, _T("EventMessageFile"), 0, REG_SZ, (const unsigned char *) path, (unsigned long) (_tcslen(path) + 1) * sizeof(TCHAR));\r
\r
/* Try to register the module but don't worry so much on failure */\r
RegSetValueEx(key, _T("EventMessageFile"), 0, REG_SZ, (const unsigned char *) path, (unsigned long) (_tcslen(path) + 1) * sizeof(TCHAR));\r
}\r
\r
/* Get path of this program */\r
}\r
\r
/* Get path of this program */\r
- GetModuleFileName(0, service->image, _countof(service->image));\r
+ _sntprintf_s(service->image, _countof(service->image), _TRUNCATE, _T("%s"), nssm_imagepath());\r
\r
/* Create the service - settings will be changed in edit_service() */\r
service->handle = CreateService(services, service->name, service->name, SERVICE_ALL_ACCESS, SERVICE_WIN32_OWN_PROCESS, SERVICE_AUTO_START, SERVICE_ERROR_NORMAL, service->image, 0, 0, 0, 0, 0);\r
\r
/* Create the service - settings will be changed in edit_service() */\r
service->handle = CreateService(services, service->name, service->name, SERVICE_ALL_ACCESS, SERVICE_WIN32_OWN_PROCESS, SERVICE_AUTO_START, SERVICE_ERROR_NORMAL, service->image, 0, 0, 0, 0, 0);\r