diff --git a/src/common/fortconf.h b/src/common/fortconf.h index 1fbc8b82..6bb2f327 100644 --- a/src/common/fortconf.h +++ b/src/common/fortconf.h @@ -8,13 +8,14 @@ typedef struct fort_conf_flags { UINT32 app_log_blocked : 1; UINT32 app_block_all : 1; UINT32 app_allow_all : 1; + UINT32 _reserved_ : 4; + UINT32 conf_version : 6; UINT32 group_bits : 16; } FORT_CONF_FLAGS, *PFORT_CONF_FLAGS; typedef struct fort_conf { FORT_CONF_FLAGS flags; - UINT16 conf_version; UINT16 data_off; UINT16 ip_include_n; diff --git a/src/driver/fortdrv.c b/src/driver/fortdrv.c index f1990135..9d215e5c 100644 --- a/src/driver/fortdrv.c +++ b/src/driver/fortdrv.c @@ -388,7 +388,8 @@ fort_device_control (PDEVICE_OBJECT device, PIRP irp) const PFORT_CONF conf = irp->AssociatedIrp.SystemBuffer; const ULONG len = irp_stack->Parameters.DeviceIoControl.InputBufferLength; - if (len > FORT_CONF_DATA_OFF) { + if (conf->flags.conf_version == FORT_CONF_VERSION + && len > FORT_CONF_DATA_OFF) { PFORT_CONF_REF conf_ref = fort_conf_ref_new(conf, len); if (conf_ref == NULL) { @@ -404,7 +405,8 @@ fort_device_control (PDEVICE_OBJECT device, PIRP irp) const PFORT_CONF_FLAGS conf_flags = irp->AssociatedIrp.SystemBuffer; const ULONG len = irp_stack->Parameters.DeviceIoControl.InputBufferLength; - if (len == sizeof(FORT_CONF_FLAGS)) { + if (conf_flags->conf_version == FORT_CONF_VERSION + && len == sizeof(FORT_CONF_FLAGS)) { fort_conf_ref_flags_set(conf_flags); status = fort_callout_force_reauth(device); } diff --git a/src/ui/util/confutil.cpp b/src/ui/util/confutil.cpp index 75de652b..ffd08811 100644 --- a/src/ui/util/confutil.cpp +++ b/src/ui/util/confutil.cpp @@ -94,6 +94,7 @@ int ConfUtil::writeFlags(const FirewallConf &conf, QByteArray &buf) confFlags->app_log_blocked = conf.appLogBlocked(); confFlags->app_block_all = conf.appBlockAll(); confFlags->app_allow_all = conf.appAllowAll(); + confFlags->conf_version = FORT_CONF_VERSION; confFlags->group_bits = conf.appGroupBits(); return flagsSize; @@ -236,11 +237,12 @@ void ConfUtil::writeData(char *output, const FirewallConf &conf, drvConf->flags.app_block_all = conf.appBlockAll(); drvConf->flags.app_allow_all = conf.appAllowAll(); + drvConf->flags.conf_version = FORT_CONF_VERSION; + drvConf->flags.group_bits = conf.appGroupBits(); FortCommon::confAppPermsMaskInit(drvConf); - drvConf->conf_version = FORT_CONF_VERSION; drvConf->data_off = FORT_CONF_DATA_OFF; drvConf->ip_include_n = incRangeSize;