From c74dba69fc4118e1d81c2bdcbc6ba52fd5a465d5 Mon Sep 17 00:00:00 2001
From: Gerald Combs <gerald@wireshark.org>
Date: Mon, 25 Jun 2018 17:38:19 -0700
Subject: [PATCH] Windows: Fetch our version using RtlGetVersion.

GetVersionEx is deprecated. Use RtlGetVersion instead. Remove
get_windows_major_version since it's no longer needed.

Change-Id: I02f6458608c2328a96a0ac71c6b1f9187babd049
Reviewed-on: https://code.wireshark.org/review/28443
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
---
 tshark.c                 |   3 +-
 ui/qt/main.cpp           |   3 +-
 wsutil/os_version_info.c | 124 +++++++++++++++++----------------------
 wsutil/os_version_info.h |   7 ---
 4 files changed, 56 insertions(+), 81 deletions(-)

diff --git a/tshark.c b/tshark.c
index 3f20f0129a..8bf07022cd 100644
--- a/tshark.c
+++ b/tshark.c
@@ -104,7 +104,6 @@
 #include "caputils/capture_ifinfo.h"
 #ifdef _WIN32
 #include "caputils/capture-wpcap.h"
-#include <wsutil/os_version_info.h>
 #include <wsutil/unicode-utils.h>
 #endif /* _WIN32 */
 #include <capchild/capture_session.h>
@@ -802,7 +801,7 @@ main(int argc, char *argv[])
   load_wpcap();
 
   /* Warn the user if npf.sys isn't loaded. */
-  if (!npf_sys_is_running() && get_windows_major_version() >= 6) {
+  if (!npf_sys_is_running()) {
     fprintf(stderr, "The NPF driver isn't running.  You may have trouble "
       "capturing or\nlisting interfaces.\n");
   }
diff --git a/ui/qt/main.cpp b/ui/qt/main.cpp
index 178799846c..ccab602e70 100644
--- a/ui/qt/main.cpp
+++ b/ui/qt/main.cpp
@@ -94,7 +94,6 @@
 #  include "caputils/capture_wpcap_packet.h"
 #  include <tchar.h> /* Needed for Unicode */
 #  include <wsutil/file_util.h>
-#  include <wsutil/os_version_info.h>
 #endif /* _WIN32 */
 
 #ifdef HAVE_AIRPCAP
@@ -306,7 +305,7 @@ check_and_warn_user_startup(const QString &cf_name)
 
 #ifdef _WIN32
     /* Warn the user if npf.sys isn't loaded. */
-    if (!get_stdin_capture() && cf_name.isEmpty() && !npf_sys_is_running() && recent.privs_warn_if_no_npf && get_windows_major_version() >= 6) {
+    if (!get_stdin_capture() && cf_name.isEmpty() && !npf_sys_is_running() && recent.privs_warn_if_no_npf) {
         simple_message_box(ESD_TYPE_WARN, &recent.privs_warn_if_no_npf, "%s",
         "The NPF driver isn't running. You may have trouble\n"
         "capturing or listing interfaces.");
diff --git a/wsutil/os_version_info.c b/wsutil/os_version_info.c
index b9aeaf2477..0f8ac7f1e0 100644
--- a/wsutil/os_version_info.c
+++ b/wsutil/os_version_info.c
@@ -179,6 +179,13 @@ get_macos_version_info(GString *str)
 }
 #endif
 
+#ifdef _WIN32
+typedef LONG (WINAPI * RtlGetVersionProc) (OSVERSIONINFOEX *);
+#ifndef STATUS_SUCCESS
+#define STATUS_SUCCESS 0
+#endif
+#endif // _WIN32
+
 /*
  * Get the OS version, and append it to the GString
  */
@@ -186,34 +193,33 @@ void
 get_os_version_info(GString *str)
 {
 #if defined(_WIN32)
-	OSVERSIONINFOEX info;
-	SYSTEM_INFO system_info;
-#elif defined(HAVE_SYS_UTSNAME_H)
-	struct utsname name;
-#endif
 
-#if defined(_WIN32)
+	OSVERSIONINFOEX win_version_info = {0};
+	RtlGetVersionProc RtlGetVersionP = 0;
+	LONG version_status = STATUS_ENTRYPOINT_NOT_FOUND; // Any nonzero value should work.
+
 	/*
-	 * See
-	 *
-	 *	http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sysinfo/base/getting_the_system_version.asp
-	 *
-	 * for more than you ever wanted to know about determining the
-	 * flavor of Windows on which you're running.  Implementing more
-	 * of that is left as an exercise to the reader - who should
-	 * check any copyright information about code samples on MSDN
-	 * before cutting and pasting into Wireshark.
-	 *
-	 * They should also note that you need an OSVERSIONINFOEX structure
-	 * to get some of that information, and that not only is that
-	 * structure not supported on older versions of Windows, you might
-	 * not even be able to compile code that *uses* that structure with
-	 * older versions of the SDK.
+	 * We want the major and minor Windows version along with other
+	 * information. GetVersionEx provides this, but is deprecated.
+	 * We use RtlGetVersion instead, which requires a bit of extra
+	 * effort.
 	 */
 
-	memset(&info, '\0', sizeof info);
-	info.dwOSVersionInfoSize = sizeof info;
-	if (!GetVersionEx((OSVERSIONINFO *)&info)) {
+	HMODULE ntdll_module = LoadLibrary(_T("ntdll.dll"));
+	if (ntdll_module) {
+		RtlGetVersionP = (RtlGetVersionProc) GetProcAddress(ntdll_module, "RtlGetVersion");
+	}
+
+	if (RtlGetVersionP) {
+		win_version_info.dwOSVersionInfoSize = sizeof(win_version_info);
+		version_status = RtlGetVersionP(&win_version_info);
+	}
+
+	if (ntdll_module) {
+		FreeLibrary(ntdll_module);
+	}
+
+	if (version_status != STATUS_SUCCESS) {
 		/*
 		 * XXX - get the failure reason.
 		 */
@@ -221,12 +227,13 @@ get_os_version_info(GString *str)
 		return;
 	}
 
+	SYSTEM_INFO system_info;
 	memset(&system_info, '\0', sizeof system_info);
 	/* Look for and use the GetNativeSystemInfo() function to get the correct processor architecture
 	 * even when running 32-bit Wireshark in WOW64 (x86 emulation on 64-bit Windows) */
 	GetNativeSystemInfo(&system_info);
 
-	switch (info.dwPlatformId) {
+	switch (win_version_info.dwPlatformId) {
 
 	case VER_PLATFORM_WIN32s:
 		/* Shyeah, right. */
@@ -235,11 +242,11 @@ get_os_version_info(GString *str)
 
 	case VER_PLATFORM_WIN32_WINDOWS:
 		/* Windows OT */
-		switch (info.dwMajorVersion) {
+		switch (win_version_info.dwMajorVersion) {
 
 		case 4:
 			/* 3 cheers for Microsoft marketing! */
-			switch (info.dwMinorVersion) {
+			switch (win_version_info.dwMinorVersion) {
 
 			case 0:
 				g_string_append_printf(str, "Windows 95");
@@ -255,31 +262,31 @@ get_os_version_info(GString *str)
 
 			default:
 				g_string_append_printf(str, "Windows OT, unknown version %lu.%lu",
-				    info.dwMajorVersion, info.dwMinorVersion);
+				    win_version_info.dwMajorVersion, win_version_info.dwMinorVersion);
 				break;
 			}
 			break;
 
 		default:
 			g_string_append_printf(str, "Windows OT, unknown version %lu.%lu",
-			    info.dwMajorVersion, info.dwMinorVersion);
+			    win_version_info.dwMajorVersion, win_version_info.dwMinorVersion);
 			break;
 		}
 		break;
 
 	case VER_PLATFORM_WIN32_NT:
 		/* Windows NT */
-		switch (info.dwMajorVersion) {
+		switch (win_version_info.dwMajorVersion) {
 
 		case 3:
 		case 4:
 			g_string_append_printf(str, "Windows NT %lu.%lu",
-			    info.dwMajorVersion, info.dwMinorVersion);
+			    win_version_info.dwMajorVersion, win_version_info.dwMinorVersion);
 			break;
 
 		case 5:
 			/* 3 cheers for Microsoft marketing! */
-			switch (info.dwMinorVersion) {
+			switch (win_version_info.dwMinorVersion) {
 
 			case 0:
 				g_string_append_printf(str, "Windows 2000");
@@ -290,7 +297,7 @@ get_os_version_info(GString *str)
 				break;
 
 			case 2:
-				if ((info.wProductType == VER_NT_WORKSTATION) &&
+				if ((win_version_info.wProductType == VER_NT_WORKSTATION) &&
 				    (system_info.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64)) {
 					g_string_append_printf(str, "Windows XP Professional x64 Edition");
 				} else {
@@ -302,7 +309,7 @@ get_os_version_info(GString *str)
 
 			default:
 				g_string_append_printf(str, "Windows NT, unknown version %lu.%lu",
-						       info.dwMajorVersion, info.dwMinorVersion);
+						       win_version_info.dwMajorVersion, win_version_info.dwMinorVersion);
 				break;
 			}
 			break;
@@ -316,11 +323,11 @@ get_os_version_info(GString *str)
 				g_string_append(str, "32-bit ");
 #ifndef VER_NT_WORKSTATION
 #define VER_NT_WORKSTATION 0x01
-			is_nt_workstation = ((info.wReserved[1] & 0xff) == VER_NT_WORKSTATION);
+			is_nt_workstation = ((win_version_info.wReserved[1] & 0xff) == VER_NT_WORKSTATION);
 #else
-			is_nt_workstation = (info.wProductType == VER_NT_WORKSTATION);
+			is_nt_workstation = (win_version_info.wProductType == VER_NT_WORKSTATION);
 #endif
-			switch (info.dwMinorVersion) {
+			switch (win_version_info.dwMinorVersion) {
 			case 0:
 				g_string_append_printf(str, is_nt_workstation ? "Windows Vista" : "Windows Server 2008");
 				break;
@@ -335,7 +342,7 @@ get_os_version_info(GString *str)
 				break;
 			default:
 				g_string_append_printf(str, "Windows NT, unknown version %lu.%lu",
-						       info.dwMajorVersion, info.dwMinorVersion);
+						       win_version_info.dwMajorVersion, win_version_info.dwMinorVersion);
 				break;
 			}
 			break;
@@ -348,14 +355,14 @@ get_os_version_info(GString *str)
 				g_string_append(str, "64-bit ");
 			else if (system_info.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_INTEL)
 				g_string_append(str, "32-bit ");
-			is_nt_workstation = (info.wProductType == VER_NT_WORKSTATION);
-			switch (info.dwMinorVersion) {
+			is_nt_workstation = (win_version_info.wProductType == VER_NT_WORKSTATION);
+			switch (win_version_info.dwMinorVersion) {
 			case 0:
 				g_string_append_printf(str, is_nt_workstation ? "Windows 10" : "Windows Server 2016");
 				break;
 			default:
 				g_string_append_printf(str, "Windows NT, unknown version %lu.%lu",
-						       info.dwMajorVersion, info.dwMinorVersion);
+						       win_version_info.dwMajorVersion, win_version_info.dwMinorVersion);
 				break;
 			}
 			break;
@@ -363,20 +370,21 @@ get_os_version_info(GString *str)
 
 		default:
 			g_string_append_printf(str, "Windows NT, unknown version %lu.%lu",
-			    info.dwMajorVersion, info.dwMinorVersion);
+			    win_version_info.dwMajorVersion, win_version_info.dwMinorVersion);
 			break;
 		} /* info.dwMajorVersion */
 		break;
 
 	default:
 		g_string_append_printf(str, "Unknown Windows platform %lu version %lu.%lu",
-		    info.dwPlatformId, info.dwMajorVersion, info.dwMinorVersion);
+		    win_version_info.dwPlatformId, win_version_info.dwMajorVersion, win_version_info.dwMinorVersion);
 		break;
 	}
-	if (info.szCSDVersion[0] != '\0')
-		g_string_append_printf(str, " %s", utf_16to8(info.szCSDVersion));
-	g_string_append_printf(str, ", build %lu", info.dwBuildNumber);
+	if (win_version_info.szCSDVersion[0] != '\0')
+		g_string_append_printf(str, " %s", utf_16to8(win_version_info.szCSDVersion));
+	g_string_append_printf(str, ", build %lu", win_version_info.dwBuildNumber);
 #elif defined(HAVE_SYS_UTSNAME_H)
+	struct utsname name;
 	/*
 	 * We have <sys/utsname.h>, so we assume we have "uname()".
 	 */
@@ -495,30 +503,6 @@ get_os_version_info(GString *str)
 #endif
 }
 
-#if defined(_WIN32)
-/*
- * Get the Windows major OS version.
- *
- * XXX - Should this return the minor version as well, e.g. 0x00050002?
- *
- * XXX - I think Microsoft have now stuck it at 6 forever, so it really
- * distinguishes, on the versions of Windows we currently support and
- * future Windows versions between Windows 2000/XP (major version 5) and
- * everything after it (major version 6).
- */
-guint32
-get_windows_major_version(void)
-{
-	OSVERSIONINFO info;
-
-	info.dwOSVersionInfoSize = sizeof info;
-	if (GetVersionEx(&info)) {
-		return info.dwMajorVersion;
-	}
-	return 0;
-}
-#endif
-
 /*
  * Editor modelines  -  http://www.wireshark.org/tools/modelines.html
  *
diff --git a/wsutil/os_version_info.h b/wsutil/os_version_info.h
index c9e14c337e..a56c132e4f 100644
--- a/wsutil/os_version_info.h
+++ b/wsutil/os_version_info.h
@@ -22,13 +22,6 @@ extern "C" {
  */
 WS_DLL_PUBLIC void get_os_version_info(GString *str);
 
-#ifdef _WIN32
-/*
- * Get the Windows major OS version.
- */
-WS_DLL_PUBLIC guint32 get_windows_major_version(void);
-#endif
-
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */