[wue] add 'Local' to the list of disallowed local account names

* Closes #2493. * Also add 'KRBTGT' as it is mentioned at https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-default-user-accounts#default-local-accounts-in-active-directory along with 'Administrator' and 'Guest' and is probably disallowed too.
2024-09-19 11:08:50 -04:00 · 2024-07-08 13:13:21 +01:00 · 2024-07-08 13:13:21 +01:00 · 6d29120b38
commit 6d29120b38
parent 7c6dbdc1ce
2 changed files with 10 additions and 9 deletions
--- a/src/rufus.rc
+++ b/src/rufus.rc
@ -33,7 +33,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
 IDD_DIALOG DIALOGEX 12, 12, 232, 326
 STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
 EXSTYLE WS_EX_ACCEPTFILES
-CAPTION "Rufus 4.6.2184"
+CAPTION "Rufus 4.6.2185"
 FONT 9, "Segoe UI Symbol", 400, 0, 0x0
 BEGIN
    LTEXT           "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP
@ -397,8 +397,8 @@ END
 //

 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 4,6,2184,0
- PRODUCTVERSION 4,6,2184,0
+ FILEVERSION 4,6,2185,0
+ PRODUCTVERSION 4,6,2185,0
 FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
 FILEFLAGS 0x1L
@ -416,13 +416,13 @@ BEGIN
            VALUE "Comments", "https://rufus.ie"
            VALUE "CompanyName", "Akeo Consulting"
            VALUE "FileDescription", "Rufus"
-            VALUE "FileVersion", "4.6.2184"
+            VALUE "FileVersion", "4.6.2185"
            VALUE "InternalName", "Rufus"
            VALUE "LegalCopyright", "<22> 2011-2024 Pete Batard (GPL v3)"
            VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html"
            VALUE "OriginalFilename", "rufus-4.6.exe"
            VALUE "ProductName", "Rufus"
-            VALUE "ProductVersion", "4.6.2184"
+            VALUE "ProductVersion", "4.6.2185"
        END
    END
    BLOCK "VarFileInfo"
--- a/src/wue.c
+++ b/src/wue.c
@ -60,10 +60,11 @@ extern StrArray modified_files;
 /// <returns>The path of a newly created answer file on success or NULL on error.</returns>
 char* CreateUnattendXml(int arch, int flags)
 {
+	const static char* xml_arch_names[5] = { "x86", "amd64", "arm", "arm64" };
+	const static char* unallowed_account_names[] = { "Administrator", "Guest", "KRBTGT", "Local" };
 	static char path[MAX_PATH];
 	FILE* fd;
 	int i, order;
-	const char* xml_arch_names[5] = { "x86", "amd64", "arm", "arm64" };
 	unattend_xml_flags = flags;
 	if (arch < ARCH_X86_32 || arch > ARCH_ARM_64 || flags == 0) {
 		uprintf("Note: No Windows User Experience options selected");
@ -150,10 +151,10 @@ char* CreateUnattendXml(int arch, int flags)
 				fprintf(fd, "      </OOBE>\n");
 			}
 			if (flags & UNATTEND_SET_USER) {
-				if ((unattend_username[0] == 0) || (stricmp(unattend_username, "Administrator") == 0) ||
-					(stricmp(unattend_username, "Guest") == 0)) {
+				for (i = 0; (i < ARRAYSIZE(unallowed_account_names)) && (stricmp(unattend_username, unallowed_account_names[i]) != 0); i++);
+				if (i < ARRAYSIZE(unallowed_account_names)) {
 					uprintf("WARNING: '%s' is not allowed as local account name - Option ignored", unattend_username);
-				} else {
+				} else if (unattend_username[0] != 0) {
 					uprintf("• Use '%s' for local account name", unattend_username);
 					// If we create a local account in unattend.xml, then we can get Windows 11
 					// 22H2 to skip MSA even if the network is connected during installation.