Support launching rundll32.exe as a safe executable if the dll it loads is in a secure location

author: Nir Bar <nir.bar@panel-sw.co.il> 2025-04-03 09:26:20 +0300
committer: Rob Mensching <rob@firegiant.com> 2025-06-18 15:48:22 -0700
commit: 9af6ee7031536ccb91fc2eb2f8521a0ac286db2c (patch)
tree: c8965e4218450b3b9e02bb129d702dbb83adb8de /src/burn/engine/elevation.cpp
parent: 358bcc821c098a9ade94cca948056ec3d528a2bb (diff)
download: wix-9af6ee7031536ccb91fc2eb2f8521a0ac286db2c.tar.gz
wix-9af6ee7031536ccb91fc2eb2f8521a0ac286db2c.tar.bz2
wix-9af6ee7031536ccb91fc2eb2f8521a0ac286db2c.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/burn/engine/elevation.cpp b/src/burn/engine/elevation.cpp
index 90e9db01..f208efc9 100644
--- a/src/burn/engine/elevation.cpp
+++ b/src/burn/engine/elevation.cpp
@@ -3876,7 +3876,7 @@ static HRESULT OnLaunchApprovedExe(
    hr = RegReadString(hKey, pApprovedExe->sczValueName, &pLaunchApprovedExe->sczExecutablePath);
    ExitOnFailure(hr, "Failed to read the value for the approved exe path.");
-    hr = ApprovedExesVerifySecureLocation(pCache, pVariables, pLaunchApprovedExe->sczExecutablePath);
+    hr = ApprovedExesVerifySecureLocation(pCache, pVariables, pLaunchApprovedExe->sczExecutablePath, 0, NULL);
    ExitOnFailure(hr, "Failed to verify the executable path is in a secure location: %ls", pLaunchApprovedExe->sczExecutablePath);
    if (S_FALSE == hr)
    {
author	Nir Bar <nir.bar@panel-sw.co.il>	2025-04-03 09:26:20 +0300
committer	Rob Mensching <rob@firegiant.com>	2025-06-18 15:48:22 -0700
commit	9af6ee7031536ccb91fc2eb2f8521a0ac286db2c (patch)
tree	c8965e4218450b3b9e02bb129d702dbb83adb8de /src/burn/engine/elevation.cpp
parent	358bcc821c098a9ade94cca948056ec3d528a2bb (diff)
download	wix-9af6ee7031536ccb91fc2eb2f8521a0ac286db2c.tar.gz wix-9af6ee7031536ccb91fc2eb2f8521a0ac286db2c.tar.bz2 wix-9af6ee7031536ccb91fc2eb2f8521a0ac286db2c.zip

diff --git a/src/burn/engine/elevation.cpp b/src/burn/engine/elevation.cpp index 90e9db01..f208efc9 100644 --- a/src/burn/engine/elevation.cpp +++ b/src/burn/engine/elevation.cpp
@@ -3876,7 +3876,7 @@ static HRESULT OnLaunchApprovedExe(
3876	hr = RegReadString(hKey, pApprovedExe->sczValueName, &pLaunchApprovedExe->sczExecutablePath);	3876	hr = RegReadString(hKey, pApprovedExe->sczValueName, &pLaunchApprovedExe->sczExecutablePath);
3877	ExitOnFailure(hr, "Failed to read the value for the approved exe path.");	3877	ExitOnFailure(hr, "Failed to read the value for the approved exe path.");
3878		3878
3879	hr = ApprovedExesVerifySecureLocation(pCache, pVariables, pLaunchApprovedExe->sczExecutablePath);	3879	hr = ApprovedExesVerifySecureLocation(pCache, pVariables, pLaunchApprovedExe->sczExecutablePath, 0, NULL);
3880	ExitOnFailure(hr, "Failed to verify the executable path is in a secure location: %ls", pLaunchApprovedExe->sczExecutablePath);	3880	ExitOnFailure(hr, "Failed to verify the executable path is in a secure location: %ls", pLaunchApprovedExe->sczExecutablePath);
3881	if (S_FALSE == hr)	3881	if (S_FALSE == hr)
3882	{	3882	{