Browse Source

Scans now actually prevent running of code

pull/72/head
Anairkoen Schno 3 years ago
parent
commit
4a91c24189
Signed by: DaNike GPG Key ID: BEFB74D5F3FC4387
3 changed files with 30 additions and 6 deletions
  1. +16
    -1
      IPA.Injector/Updates.cs
  2. +2
    -2
      IPA.Loader/Config/SelfConfig.cs
  3. +12
    -3
      IPA.Loader/Loader/PluginLoader.cs

+ 16
- 1
IPA.Injector/Updates.cs View File

@ -1,4 +1,7 @@
using IPA.Utilities;
#nullable enable
using IPA.AntiMalware;
using IPA.Config;
using IPA.Utilities;
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Diagnostics; using System.Diagnostics;
@ -31,6 +34,18 @@ namespace IPA.Injector
var path = Path.Combine(UnityGame.InstallPath, "IPA.exe"); var path = Path.Combine(UnityGame.InstallPath, "IPA.exe");
if (!File.Exists(path)) return; if (!File.Exists(path)) return;
var scanResult = AntiMalwareEngine.Engine.ScanFile(new FileInfo(path));
if (scanResult == ScanResult.Detected)
{
updater.Error("Scan of BSIPA installer found malware; not updating");
return;
}
if (!SelfConfig.AntiMalware_.RunPartialThreatCode_ && scanResult is not ScanResult.KnownSafe and not ScanResult.NotDetected)
{
updater.Error("Scan of BSIPA installer returned partial threat; not updating. To allow this, enable AntiMalware.RunPartialThreatCode in the config.");
return;
}
var ipaVersion = new Version(FileVersionInfo.GetVersionInfo(path).FileVersion); var ipaVersion = new Version(FileVersionInfo.GetVersionInfo(path).FileVersion);
var selfVersion = Assembly.GetExecutingAssembly().GetName().Version; var selfVersion = Assembly.GetExecutingAssembly().GetName().Version;


+ 2
- 2
IPA.Loader/Config/SelfConfig.cs View File

@ -160,9 +160,9 @@ namespace IPA.Config
// LINE: ignore // LINE: ignore
public static bool UseIfAvailable_ => Instance?.AntiMalware?.UseIfAvailable ?? true; public static bool UseIfAvailable_ => Instance?.AntiMalware?.UseIfAvailable ?? true;
public virtual bool LoadPartialThreatPlugins { get; set; } = false;
public virtual bool RunPartialThreatCode { get; set; } = false;
// LINE: ignore // LINE: ignore
public static bool LoadPartialThreatPlugins_ => Instance?.AntiMalware?.LoadPartialThreatPlugins ?? true;
public static bool RunPartialThreatCode_ => Instance?.AntiMalware?.RunPartialThreatCode ?? true;
} }
// LINE: ignore // LINE: ignore


+ 12
- 3
IPA.Loader/Loader/PluginLoader.cs View File

@ -142,10 +142,19 @@ namespace IPA.Loader
try try
{ {
Logger.loader.Debug($"Scanning {plugin}");
AntiMalwareEngine.Engine.ScanFile(new FileInfo(plugin));
var scanResult = AntiMalwareEngine.Engine.ScanFile(metadata.File);
if (scanResult is ScanResult.Detected)
{
Logger.loader.Warn($"Scan of {plugin} found malware; not loading");
continue;
}
if (!SelfConfig.AntiMalware_.RunPartialThreatCode_ && scanResult is not ScanResult.KnownSafe and not ScanResult.NotDetected)
{
Logger.loader.Warn($"Scan of {plugin} found partial threat; not loading. To load this, set AntiMalware.RunPartialThreatCode in the config.");
continue;
}
var pluginModule = AssemblyDefinition.ReadAssembly(plugin, new ReaderParameters
var pluginModule = AssemblyDefinition.ReadAssembly(metadata.File.FullName, new ReaderParameters
{ {
ReadingMode = ReadingMode.Immediate, ReadingMode = ReadingMode.Immediate,
ReadWrite = false, ReadWrite = false,


Loading…
Cancel
Save