luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-08-02 07:23:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

Recuce DLL hijack risk on Windows

Browse Source 
Don't call LoadLibrary() on shell32.dll or kernel32.dll. kernel32.dll
is always loaded. Shell32.dll is also already loaded as glib links to
functions in it. So just call GetModuleHandle() on them.

For mlang.dll in win_iconv.c and winhttp.dll in gwinhttpvfs.c, always
try loading them from a complete path, from the Windows system
directory.

Use the "tool help" API to enumerate modules in gmodule-win32.c. It is
present in all Windows versions since Windows 2000, which is all we
support anyway. Thus no need to look that API up dynamically. Just
link to it normally. We can bin the fallback code that attempts to use
the psapi API.
This commit is contained in:
Tor Lillqvist
2010-09-02 21:56:02 +03:00
parent 54c51c73c6
commit 6ddef375c8
4 changed files with 33 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
gio/win32/gwinhttpvfs.c
View File

@@ -40,12 +40,23 @@ static GWinHttpDllFuncs funcs;
static void
lookup_funcs (void)
{
HMODULE winhttp;
HMODULE winhttp = NULL;
char winhttp_dll[MAX_PATH + 100];
int n;
if (lookup_done)
return;
winhttp = LoadLibrary ("winhttp.dll");
n = GetSystemDirectory (winhttp_dll, MAX_PATH);
if (n > 0 && n < MAX_PATH)
{
if (winhttp_dll[n-1] != '\\' &&
winhttp_dll[n-1] != '/')
strcat (winhttp_dll, "\\");
strcat (winhttp_dll, "winhttp.dll");
winhttp = LoadLibrary (winhttp_dll);
}
if (winhttp != NULL)
{
funcs.pWinHttpCloseHandle = (BOOL (WINAPI *) (HINTERNET)) GetProcAddress (winhttp, "WinHttpCloseHandle");