Closed oberrich closed 6 months ago
Proposed fix: Implement AnonymousImpersonator scope-guard and instantiate on line 76:
https://github.com/dacap/clip/blob/42e0d7c288f05f872095f0026fd8218216250155/clip_win.cpp#L74-L77
Thanks for the report @oberrich, I'll try to push a fix ASAP. It looks like an issue only if the running process has elevated privileges and it creates or loads a third-party child process/library; in that case that process/library could get the elevated token.
@dacap I have created a PR to implement a C++11 version of the Chromium implementation.
Instead of deleting copy operators explicitly, I've made must_revert const, which implicitly deletes the copy constructor in 11.
See Potential EoP in Windows clipboard libraries (MS15-097) for discussion.
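A C++11 sketch of the kind of scope guard proposed in this thread, added here as an example; it is not the code from the PR, from clip, or from Chromium. It assumes the Win32 calls `ImpersonateAnonymousToken` and `RevertToSelf` for the impersonation; `with_anonymous_token` and the non-Windows stand-ins are hypothetical names, and this version deletes the copy operations explicitly.

```cpp
#include <type_traits>
#ifdef _WIN32
#include <windows.h>
static bool impersonate_anonymous() {
  return ::ImpersonateAnonymousToken(::GetCurrentThread()) != 0;
}
static void revert_to_self() { ::RevertToSelf(); }
#else
// Constructed stand-ins (assumption) so the guard logic can run off Windows.
static int g_impersonation_depth = 0;        // 1 while "impersonating"
static bool g_impersonation_allowed = true;  // false simulates a failed call
static bool impersonate_anonymous() {
  if (!g_impersonation_allowed) return false;
  ++g_impersonation_depth;
  return true;
}
static void revert_to_self() { --g_impersonation_depth; }
#endif

// Drops the calling thread to the anonymous token for the guard's lifetime.
class AnonymousImpersonator {
 public:
  AnonymousImpersonator() : must_revert(impersonate_anonymous()) {}
  ~AnonymousImpersonator() {
    // Revert only if impersonation succeeded; otherwise the thread token
    // was never changed and there is nothing to undo.
    if (must_revert) revert_to_self();
  }
  // A copied guard would revert twice, so copying is forbidden.
  AnonymousImpersonator(const AnonymousImpersonator&) = delete;
  AnonymousImpersonator& operator=(const AnonymousImpersonator&) = delete;
  bool active() const { return must_revert; }

 private:
  const bool must_revert;
};

// Hypothetical helper: runs `call` (for example the clipboard call that
// should not see the elevated token) with the guard in scope.
template <typename F>
auto with_anonymous_token(F&& call) -> decltype(call()) {
  AnonymousImpersonator guard;
  return call();  // the destructor reverts on normal return and on exception
}

static_assert(!std::is_copy_constructible<AnonymousImpersonator>::value,
              "guard must not be copy-constructible");
static_assert(!std::is_copy_assignable<AnonymousImpersonator>::value,
              "guard must not be copy-assignable");
```

If impersonation fails the guarded call still runs under the original token, so callers that require the reduced token should check `active()` and bail out instead.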