Add checking MD5 ability in Plugin Admin
Check MD5 after installing to prevent from MITMApull/4886/head
parent
6fb78db414
commit
b662bcf5ae
|
@ -30,6 +30,8 @@
|
||||||
#include <shlobj.h>
|
#include <shlobj.h>
|
||||||
#include <uxtheme.h>
|
#include <uxtheme.h>
|
||||||
#include <cassert>
|
#include <cassert>
|
||||||
|
#include <codecvt>
|
||||||
|
|
||||||
#include "StaticDialog.h"
|
#include "StaticDialog.h"
|
||||||
|
|
||||||
#include "Common.h"
|
#include "Common.h"
|
||||||
|
@ -1194,3 +1196,43 @@ bool isAssoCommandExisting(LPCTSTR FullPathName)
|
||||||
}
|
}
|
||||||
return isAssoCommandExisting;
|
return isAssoCommandExisting;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
std::wstring s2ws(const std::string& str)
|
||||||
|
{
|
||||||
|
using convert_typeX = std::codecvt_utf8<wchar_t>;
|
||||||
|
std::wstring_convert<convert_typeX, wchar_t> converterX;
|
||||||
|
|
||||||
|
return converterX.from_bytes(str);
|
||||||
|
}
|
||||||
|
|
||||||
|
std::string ws2s(const std::wstring& wstr)
|
||||||
|
{
|
||||||
|
using convert_typeX = std::codecvt_utf8<wchar_t>;
|
||||||
|
std::wstring_convert<convert_typeX, wchar_t> converterX;
|
||||||
|
|
||||||
|
return converterX.to_bytes(wstr);
|
||||||
|
}
|
||||||
|
|
||||||
|
bool deleteFileOrFolder(const generic_string& f2delete)
|
||||||
|
{
|
||||||
|
auto len = f2delete.length();
|
||||||
|
TCHAR* actionFolder = new TCHAR[len + 2];
|
||||||
|
lstrcpy(actionFolder, f2delete.c_str());
|
||||||
|
actionFolder[len] = 0;
|
||||||
|
actionFolder[len + 1] = 0;
|
||||||
|
|
||||||
|
SHFILEOPSTRUCT fileOpStruct = { 0 };
|
||||||
|
fileOpStruct.hwnd = NULL;
|
||||||
|
fileOpStruct.pFrom = actionFolder;
|
||||||
|
fileOpStruct.pTo = NULL;
|
||||||
|
fileOpStruct.wFunc = FO_DELETE;
|
||||||
|
fileOpStruct.fFlags = FOF_NOCONFIRMATION | FOF_SILENT | FOF_ALLOWUNDO;
|
||||||
|
fileOpStruct.fAnyOperationsAborted = false;
|
||||||
|
fileOpStruct.hNameMappings = NULL;
|
||||||
|
fileOpStruct.lpszProgressTitle = NULL;
|
||||||
|
|
||||||
|
int res = SHFileOperation(&fileOpStruct);
|
||||||
|
|
||||||
|
delete[] actionFolder;
|
||||||
|
return (res == 0);
|
||||||
|
}
|
||||||
|
|
|
@ -191,3 +191,8 @@ HWND CreateToolTip(int toolID, HWND hDlg, HINSTANCE hInst, const PTSTR pszText);
|
||||||
|
|
||||||
bool isCertificateValidated(const generic_string & fullFilePath, const generic_string & subjectName2check);
|
bool isCertificateValidated(const generic_string & fullFilePath, const generic_string & subjectName2check);
|
||||||
bool isAssoCommandExisting(LPCTSTR FullPathName);
|
bool isAssoCommandExisting(LPCTSTR FullPathName);
|
||||||
|
|
||||||
|
std::wstring s2ws(const std::string& str);
|
||||||
|
std::string ws2s(const std::wstring& wstr);
|
||||||
|
|
||||||
|
bool deleteFileOrFolder(const generic_string& f2delete);
|
|
@ -58,20 +58,20 @@ INT_PTR CALLBACK MD5FromFilesDlg::run_dlgProc(UINT message, WPARAM wParam, LPARA
|
||||||
if (stringVector *pfns = fDlg.doOpenMultiFilesDlg())
|
if (stringVector *pfns = fDlg.doOpenMultiFilesDlg())
|
||||||
{
|
{
|
||||||
std::wstring files2check, md5resultStr;
|
std::wstring files2check, md5resultStr;
|
||||||
for (auto it = pfns->begin(); it != pfns->end(); ++it)
|
for (const auto& it : *pfns)
|
||||||
{
|
{
|
||||||
WcharMbcsConvertor *wmc = WcharMbcsConvertor::getInstance();
|
WcharMbcsConvertor *wmc = WcharMbcsConvertor::getInstance();
|
||||||
const char *path = wmc->wchar2char(it->c_str(), CP_ACP);
|
const char *path = wmc->wchar2char(it.c_str(), CP_ACP);
|
||||||
|
|
||||||
MD5 md5;
|
MD5 md5;
|
||||||
char *md5Result = md5.digestFile(path);
|
char *md5Result = md5.digestFile(path);
|
||||||
|
|
||||||
if (md5Result)
|
if (md5Result)
|
||||||
{
|
{
|
||||||
files2check += *it;
|
files2check += it;
|
||||||
files2check += TEXT("\r\n");
|
files2check += TEXT("\r\n");
|
||||||
|
|
||||||
wchar_t* fileName = ::PathFindFileName(it->c_str());
|
wchar_t* fileName = ::PathFindFileName(it.c_str());
|
||||||
md5resultStr += wmc->char2wchar(md5Result, CP_ACP);
|
md5resultStr += wmc->char2wchar(md5Result, CP_ACP);
|
||||||
md5resultStr += TEXT(" ");
|
md5resultStr += TEXT(" ");
|
||||||
md5resultStr += fileName;
|
md5resultStr += fileName;
|
||||||
|
|
|
@ -1067,4 +1067,3 @@ BOOL Notepad_plus::notify(SCNotification *notification)
|
||||||
}
|
}
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -511,22 +511,45 @@ bool PluginsAdminDlg::installPlugins()
|
||||||
int result = updater.runSync();
|
int result = updater.runSync();
|
||||||
if (result == 0) // wingup return 0 -> OK
|
if (result == 0) // wingup return 0 -> OK
|
||||||
{
|
{
|
||||||
// Remove (Hide) installed plugin from available list
|
generic_string installedPluginFolder = nppPluginsDir;
|
||||||
_availableList.hideFromPluginInfoPtr(i);
|
PathAppend(installedPluginFolder, i->_folderName);
|
||||||
|
|
||||||
// Add installed plugin into insttalled list
|
generic_string installedPluginPath = installedPluginFolder;
|
||||||
PluginUpdateInfo* installedPui = new PluginUpdateInfo(*i);
|
|
||||||
installedPui->_isVisible = true;
|
|
||||||
_installedList.pushBack(installedPui);
|
|
||||||
|
|
||||||
// Load installed plugin
|
|
||||||
generic_string installedPluginPath = nppPluginsDir;
|
|
||||||
PathAppend(installedPluginPath, i->_folderName);
|
|
||||||
PathAppend(installedPluginPath, i->_folderName + TEXT(".dll"));
|
PathAppend(installedPluginPath, i->_folderName + TEXT(".dll"));
|
||||||
|
|
||||||
vector<generic_string> dll2Remove;
|
// check installed id to prevent from MITMA
|
||||||
int index = _pPluginsManager->loadPlugin(installedPluginPath.c_str(), dll2Remove);
|
MD5 md5;
|
||||||
_pPluginsManager->addInMenuFromPMIndex(index);
|
char *md5Result = md5.digestFile(ws2s(installedPluginPath).c_str());
|
||||||
|
if (ws2s(i->_id) == md5Result)
|
||||||
|
{
|
||||||
|
// Remove (Hide) installed plugin from available list
|
||||||
|
_availableList.hideFromPluginInfoPtr(i);
|
||||||
|
|
||||||
|
// Add installed plugin into insttalled list
|
||||||
|
PluginUpdateInfo* installedPui = new PluginUpdateInfo(*i);
|
||||||
|
installedPui->_isVisible = true;
|
||||||
|
_installedList.pushBack(installedPui);
|
||||||
|
|
||||||
|
// Load installed plugin
|
||||||
|
vector<generic_string> dll2Remove;
|
||||||
|
int index = _pPluginsManager->loadPlugin(installedPluginPath.c_str(), dll2Remove);
|
||||||
|
_pPluginsManager->addInMenuFromPMIndex(index);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
// Remove installed plugin
|
||||||
|
NativeLangSpeaker *pNativeSpeaker = (NppParameters::getInstance())->getNativeLangSpeaker();
|
||||||
|
pNativeSpeaker->messageBox("PluginIdNotMatchedWillBeRemoved",
|
||||||
|
NULL,
|
||||||
|
TEXT("The plugin \"$STR_REPLACE$\" ID is not correct. This plugin will be uninstalled."),
|
||||||
|
TEXT("Plugin ID missmathed"),
|
||||||
|
MB_OK | MB_APPLMODAL,
|
||||||
|
0,
|
||||||
|
i->_displayName.c_str());
|
||||||
|
|
||||||
|
deleteFileOrFolder(installedPluginFolder);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
else // wingup return non-zero (-1) -> Not OK
|
else // wingup return non-zero (-1) -> Not OK
|
||||||
{
|
{
|
||||||
|
@ -689,6 +712,9 @@ bool loadFromJson(PluginViewList & pl, const json& j)
|
||||||
valStr = i.at("description").get<std::string>();
|
valStr = i.at("description").get<std::string>();
|
||||||
pi->_description = wmc->char2wchar(valStr.c_str(), CP_ACP);
|
pi->_description = wmc->char2wchar(valStr.c_str(), CP_ACP);
|
||||||
|
|
||||||
|
valStr = i.at("id").get<std::string>();
|
||||||
|
pi->_id = wmc->char2wchar(valStr.c_str(), CP_ACP);
|
||||||
|
|
||||||
valStr = i.at("version").get<std::string>();
|
valStr = i.at("version").get<std::string>();
|
||||||
generic_string newValStr(valStr.begin(), valStr.end());
|
generic_string newValStr(valStr.begin(), valStr.end());
|
||||||
pi->_version = Version(newValStr);
|
pi->_version = Version(newValStr);
|
||||||
|
|
|
@ -399,8 +399,7 @@ INT_PTR CALLBACK BarsDlg::run_dlgProc(UINT message, WPARAM wParam, LPARAM)
|
||||||
if (pNppParam->getNativeLangA()) // if nativeLangA is not NULL, then we can be sure the default language (English) is not used
|
if (pNppParam->getNativeLangA()) // if nativeLangA is not NULL, then we can be sure the default language (English) is not used
|
||||||
{
|
{
|
||||||
string fn = localizationSwitcher.getFileName();
|
string fn = localizationSwitcher.getFileName();
|
||||||
wstring fnW(fn.begin(), fn.end());
|
wstring fnW = s2ws(fn);
|
||||||
fnW.assign(fn.begin(), fn.end());
|
|
||||||
lang = localizationSwitcher.getLangFromXmlFileName(fnW.c_str());
|
lang = localizationSwitcher.getLangFromXmlFileName(fnW.c_str());
|
||||||
}
|
}
|
||||||
auto index = ::SendDlgItemMessage(_hSelf, IDC_COMBO_LOCALIZATION, CB_FINDSTRINGEXACT, static_cast<WPARAM>(-1), reinterpret_cast<LPARAM>(lang.c_str()));
|
auto index = ::SendDlgItemMessage(_hSelf, IDC_COMBO_LOCALIZATION, CB_FINDSTRINGEXACT, static_cast<WPARAM>(-1), reinterpret_cast<LPARAM>(lang.c_str()));
|
||||||
|
|
Loading…
Reference in New Issue