diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-05-10 11:02:31 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-05-10 11:23:58 +0200 |
commit | 1efbd14c2c65c75d147512e2953966a5de7b81bb (patch) | |
tree | aa19b7bf6279a74b528a8d8dd59bac7796b4bf0c /api/adapter.c | |
parent | api: discourage UaF on teardown (diff) | |
download | wintun-1efbd14c2c65c75d147512e2953966a5de7b81bb.tar.xz wintun-1efbd14c2c65c75d147512e2953966a5de7b81bb.zip |
api: check that GUID is valid before assuming it's in use
ROOT/NET/000X could have been claimed by a different driver, so we want
to double check.
Link: https://lists.zx2c4.com/pipermail/wireguard/2021-May/006716.html
Reported-by: Piotr Sobczak <piotrs@glosol.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'api/adapter.c')
-rw-r--r-- | api/adapter.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/api/adapter.c b/api/adapter.c index ba4467c..ec14d99 100644 --- a/api/adapter.c +++ b/api/adapter.c @@ -1452,8 +1452,13 @@ static _Return_type_success_(return != NULL) WINTUN_ADAPTER *CreateAdapter( if (RegOpenKeyExW(HKEY_LOCAL_MACHINE, RegPath, 0, KEY_QUERY_VALUE, &Key) == ERROR_SUCCESS) { RegCloseKey(Key); - SetLastError(LOG_ERROR(ERROR_ALREADY_EXISTS, L"Requested GUID is already in use: %s", RequestedGUIDStr)); - return NULL; + NET_LUID Luid; + if (ConvertInterfaceGuidToLuid(RequestedGUID, &Luid) == NO_ERROR) + { + SetLastError( + LOG_ERROR(ERROR_ALREADY_EXISTS, L"Requested GUID is already in use: %s", RequestedGUIDStr)); + return NULL; + } } LOG(WINTUN_LOG_WARN, L"Requested GUID %s has leftover residue", RequestedGUIDStr); HANDLE OriginalToken; |