From 010d878a8e94d0bc9e0c3b72cc7192cab2525f7a Mon Sep 17 00:00:00 2001
From: DavidXanatos <3890945+DavidXanatos@users.noreply.github.com>
Date: Tue, 20 Feb 2024 21:43:54 +0100
Subject: [PATCH] 1.13.1

---
 CHANGELOG.md                   |  1 +
 Sandboxie/core/dll/file.c      | 74 ++++++++++++++++++++++++++++------
 Sandboxie/core/dll/file_link.c | 15 ++++++-
 3 files changed, 77 insertions(+), 13 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index cb1f6b1b96..88b98b5f4c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 ### Fixed
 - added missing checkbox for API tracing
 - fixed incompatibility with Windows ARM64 Insider build 26052 and later
+- fixed [1.12.6] Symlink and open path issue [#3537](https://github.com/sandboxie-plus/Sandboxie/issues/3537)
 
 ### Changed
 - changed DynData format to add flags
diff --git a/Sandboxie/core/dll/file.c b/Sandboxie/core/dll/file.c
index c76ae5f86e..7e376ed10a 100644
--- a/Sandboxie/core/dll/file.c
+++ b/Sandboxie/core/dll/file.c
@@ -2692,6 +2692,12 @@ _FX NTSTATUS File_NtCreateFileImpl(
         }
     }
 
+    if (Dll_ApiTrace) {
+        WCHAR trace_str[2048];
+        ULONG len = Sbie_snwprintf(trace_str, 2048, L"File_NtCreateFileImpl %s DesiredAccess=0x%08X CreateDisposition=0x%08X CreateOptions=0x%08X", TruePath, DesiredAccess, CreateDisposition, CreateOptions);
+        SbieApi_MonitorPut2Ex(MONITOR_APICALL | MONITOR_TRACE, len, trace_str, FALSE, FALSE);
+    }
+
     SkipOriginalTry = (status == STATUS_BAD_INITIAL_PC);
 
     //if ( (wcsstr(TruePath, L"Harddisk0\\DR0") != 0) || wcsstr(TruePath, L"HarddiskVolume3") != 0) {
@@ -3833,6 +3839,12 @@ _FX NTSTATUS File_NtCreateFileImpl(
         status = GetExceptionCode();
     }
 
+    if (Dll_ApiTrace) {
+        WCHAR trace_str[2048];
+        ULONG len = Sbie_snwprintf(trace_str, 2048, L"File_NtCreateFileImpl status = 0x%08X", status);
+        SbieApi_MonitorPut2Ex(MONITOR_APICALL | MONITOR_TRACE, len, trace_str, FALSE, FALSE);
+    }
+
     SetLastError(LastError);
     return status;
 }
@@ -5047,6 +5059,12 @@ _FX NTSTATUS File_NtQueryFullAttributesFileImpl(
         ObjectAttributes->RootDirectory, ObjectAttributes->ObjectName,
         &TruePath, &CopyPath, &FileFlags);
 
+    if (Dll_ApiTrace) {
+        WCHAR trace_str[2048];
+        ULONG len = Sbie_snwprintf(trace_str, 2048, L"File_NtQueryFullAttributesFileImpl %s", TruePath);
+        SbieApi_MonitorPut2Ex(MONITOR_APICALL | MONITOR_TRACE, len, trace_str, FALSE, FALSE);
+    }
+
     if (! NT_SUCCESS(status)) {
 
         if (status == STATUS_BAD_INITIAL_PC) {
@@ -5243,6 +5261,12 @@ _FX NTSTATUS File_NtQueryFullAttributesFileImpl(
         status = STATUS_OBJECT_NAME_INVALID;
     }
 
+    if (Dll_ApiTrace) {
+        WCHAR trace_str[2048];
+        ULONG len = Sbie_snwprintf(trace_str, 2048, L"File_NtQueryFullAttributesFileImpl status = 0x%08X", status);
+        SbieApi_MonitorPut2Ex(MONITOR_APICALL | MONITOR_TRACE, len, trace_str, FALSE, FALSE);
+    }
+
     Dll_PopTlsNameBuffer(TlsData);
     SetLastError(LastError);
     return status;
@@ -5563,6 +5587,12 @@ _FX ULONG File_GetFinalPathNameByHandleW(
         err = GetLastError();
     }
 
+    if (Dll_ApiTrace) {
+        WCHAR trace_str[2048];
+        ULONG len = Sbie_snwprintf(trace_str, 2048, L"File_GetFinalPathNameByHandleW %s", lpszFilePath);
+        SbieApi_MonitorPut2Ex(MONITOR_APICALL | MONITOR_TRACE, len, trace_str, FALSE, FALSE);
+    }
+
     SetLastError(err);
     return rc;
 }
@@ -5578,11 +5608,11 @@ _FX WCHAR *File_GetFinalPathNameByHandleW_2(WCHAR *TruePath, ULONG dwFlags)
     static const WCHAR *_DosPrefix = L"\\\\?\\UNC\\";
     const FILE_DRIVE *file_drive;
     const FILE_LINK *file_link;
-    const WCHAR *suffix;
+    const WCHAR *suffix, *suffix2;
     WCHAR *path;
     WCHAR *ReparsedPath;
     ULONG TruePath_len;
-    ULONG suffix_len;
+    ULONG suffix_len, suffix2_len;
     WCHAR drive_letter;
     BOOLEAN AddBackslash;
 
@@ -5679,6 +5709,7 @@ _FX WCHAR *File_GetFinalPathNameByHandleW_2(WCHAR *TruePath, ULONG dwFlags)
     ReparsedPath = NULL;
     AddBackslash = FALSE;
     drive_letter = 0;
+    suffix2 = NULL;
 
     file_link = File_FindPermLinksForMatchPath(TruePath, TruePath_len);
     if (file_link) {
@@ -5728,18 +5759,33 @@ _FX WCHAR *File_GetFinalPathNameByHandleW_2(WCHAR *TruePath, ULONG dwFlags)
 
             file_drive = File_GetDriveForPath(TruePath, TruePath_len);
             if (! file_drive) {
-                // release lock by File_FindPermLinksForMatchPath
-                LeaveCriticalSection(File_DrivesAndLinks_CritSec);
-                SetLastError(ERROR_PATH_NOT_FOUND);
-                return NULL;
-            }
 
-            drive_letter = file_drive->letter;
-            suffix = TruePath + file_drive->len;
+                file_drive = File_GetDriveForPath(file_link->src, file_link->src_len);
+                if (!file_drive) {
 
-            // release lock by File_GetDriveForPath
-            LeaveCriticalSection(File_DrivesAndLinks_CritSec);
+                    // release lock by File_FindPermLinksForMatchPath
+                    LeaveCriticalSection(File_DrivesAndLinks_CritSec);
+                    SetLastError(ERROR_PATH_NOT_FOUND);
+                    return NULL;
+                }
+                else
+                {
+                    drive_letter = file_drive->letter;
+                    suffix = file_link->src + file_drive->len;
+                    suffix2 = TruePath + file_link->dst_len;
 
+                    // release lock by File_GetDriveForPath
+                    LeaveCriticalSection(File_DrivesAndLinks_CritSec);
+                }
+            }
+            else
+            {
+                drive_letter = file_drive->letter;
+                suffix = TruePath + file_drive->len;
+
+                // release lock by File_GetDriveForPath
+                LeaveCriticalSection(File_DrivesAndLinks_CritSec);
+            }
         }
 
         // release lock by File_FindPermLinksForMatchPath
@@ -5785,11 +5831,15 @@ _FX WCHAR *File_GetFinalPathNameByHandleW_2(WCHAR *TruePath, ULONG dwFlags)
     } else { // VOLUME_NAME_DOS
 
         suffix_len = wcslen(suffix);
-        path = Dll_AllocTemp((suffix_len + 16) * sizeof(WCHAR));
+        suffix2_len = suffix2 ? wcslen(suffix2) : 0;
+        path = Dll_AllocTemp((suffix_len + suffix2_len + 16) * sizeof(WCHAR));
         wmemcpy(path, _DosPrefix, 4);
         path[4] = drive_letter;
         path[5] = L':';
         wmemcpy(path + 6, suffix, suffix_len + 1);
+        if (suffix2)
+            wcscat(path, suffix2);
+
     }
 
     if (AddBackslash)
diff --git a/Sandboxie/core/dll/file_link.c b/Sandboxie/core/dll/file_link.c
index 34f2e0d02e..81f8582fa1 100644
--- a/Sandboxie/core/dll/file_link.c
+++ b/Sandboxie/core/dll/file_link.c
@@ -1328,7 +1328,7 @@ _FX FILE_LINK *File_FindPermLinksForMatchPath(
     link = List_Head(File_PermLinks);
     while (link) {
 
-        const ULONG src_len = link->src_len;
+        /*const ULONG src_len = link->src_len;
 
         if (
 #ifdef WOW64_FS_REDIR
@@ -1338,6 +1338,19 @@ _FX FILE_LINK *File_FindPermLinksForMatchPath(
                 (name[src_len] == L'\\' || name[src_len] == L'\0') &&
                 _wcsnicmp(name, link->src, src_len) == 0) {
 
+            return link;
+        }*/
+
+        const ULONG dst_len = link->dst_len;
+
+        if (
+#ifdef WOW64_FS_REDIR
+            link != File_Wow64FileLink &&
+#endif WOW64_FS_REDIR
+            name_len >= dst_len &&
+                (name[dst_len] == L'\\' || name[dst_len] == L'\0') &&
+                _wcsnicmp(name, link->dst, dst_len) == 0) {
+
             return link;
         }