Include throughout files using LoadLibrary function.
* cygcheck.cc (dump_sysinfo): Retrieve kernel32.dll handle via
GetModuleHandle, rather than using LoadLibrary.
* cygpath.cc (get_long_name): Ditto.
(do_sysfolders): Append .dll suffix in LoadLibrary call.
* ldh.cc (WinMain): Use LoadLibraryExW with DONT_RESOLVE_DLL_REFERENCES
to avoid loading malicious library code.
* locale.cc (print_locale_with_codeset): Change way to retrieve
kernel32.dll path.
+2010-08-28 Corinna Vinschen <corinna@vinschen.de>
+
+ * loadlib.h: New header implementing safe LoadLibrary calls.
+ Include throughout files using LoadLibrary function.
+ * cygcheck.cc (dump_sysinfo): Retrieve kernel32.dll handle via
+ GetModuleHandle, rather than using LoadLibrary.
+ * cygpath.cc (get_long_name): Ditto.
+ (do_sysfolders): Append .dll suffix in LoadLibrary call.
+ * ldh.cc (WinMain): Use LoadLibraryExW with DONT_RESOLVE_DLL_REFERENCES
+ to avoid loading malicious library code.
+ * locale.cc (print_locale_with_codeset): Change way to retrieve
+ kernel32.dll path.
+
2010-08-26 Corinna Vinschen <corinna@vinschen.de>
* cygpath.cc (get_device_name): Prefer the \\.\X: DOS device for
/* cygcheck.cc
Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- 2006, 2007, 2008, 2009 Red Hat, Inc.
+ 2006, 2007, 2008, 2009, 2010 Red Hat, Inc.
This file is part of Cygwin.
#include "cygwin/include/mntent.h"
#include "cygwin/cygprops.h"
#undef cygwin_internal
+#include "loadlib.h"
#define alloca __builtin_alloca
display_error ("dump_sysinfo: GetVersionEx()");
}
- HMODULE k32 = LoadLibrary ("kernel32.dll");
+ HMODULE k32 = GetModuleHandleW (L"kernel32.dll");
switch (osversion.dwPlatformId)
{
name);
}
- if (!FreeLibrary (k32))
- display_error ("dump_sysinfo: FreeLibrary()");
SetErrorMode (prev_mode);
if (givehelp)
{
#include <ddk/winddk.h>
#include <ddk/ntifs.h>
#include "wide_path.h"
+#include "loadlib.h"
static const char version[] = "$Revision$";
{
char *sbuf;
wchar_t buf[32768];
- static HINSTANCE k32 = LoadLibrary ("kernel32.dll");
+ static HINSTANCE k32 = GetModuleHandleW (L"kernel32.dll");
static DWORD (WINAPI *GetLongPathName) (LPCWSTR, LPWSTR, DWORD) =
(DWORD (WINAPI *) (LPCWSTR, LPWSTR, DWORD)) GetProcAddress (k32, "GetLongPathNameW");
if (!GetLongPathName)
break;
case 'H':
- k32 = LoadLibrary ("userenv");
+ k32 = LoadLibrary ("userenv.dll");
if (k32)
GetProfilesDirectoryAPtrW = (BOOL (*) (LPWSTR, LPDWORD))
GetProcAddress (k32, "GetProfilesDirectoryW");
cmd += 4;
break;
}
- if (!*cmd || !LoadLibraryW (cmd))
+ if (!*cmd || !LoadLibraryExW (cmd, NULL, DONT_RESOLVE_DLL_REFERENCES))
ExitProcess (0x0100);
ExitProcess (0x0000);
}
--- /dev/null
+/* loadlib.h
+
+ Copyright 2010 Red Hat, Inc.
+
+ This file is part of Cygwin.
+
+ This software is a copyrighted work licensed under the terms of the
+ Cygwin license. Please consult the file "CYGWIN_LICENSE" for
+ details. */
+
+#ifndef _LOADLIB_H
+#define _LOADLIB_H
+
+#include <windows.h>
+#include <wchar.h>
+
+/* Load all system libs from the windows system directory by prepending the
+ full path. This doesn't work for loadling cygwin1.dll. For this case,
+ instead of prepending the path, make sure that the CWD is removed from
+ the DLL search path, if possible (XP SP1++, Vista++). */
+static HMODULE
+_load_sys_library (const wchar_t *dll)
+{
+ static BOOL (*set_dll_directory)(LPCWSTR);
+ static WCHAR sysdir[MAX_PATH];
+ static UINT sysdir_len;
+
+ WCHAR dllpath[MAX_PATH];
+
+ if (!sysdir_len)
+ {
+ sysdir_len = GetSystemDirectoryW (sysdir, MAX_PATH);
+ sysdir[sysdir_len++] = L'\\';
+ sysdir[sysdir_len] = L'\0';
+ }
+ if (!set_dll_directory)
+ {
+ HMODULE k32 = GetModuleHandleW (L"kernel32.dll");
+ if (k32)
+ set_dll_directory = (BOOL (*)(LPCWSTR))
+ GetProcAddress (k32, "SetDllDirectoryW");
+ if (!set_dll_directory)
+ set_dll_directory = (BOOL (*)(LPCWSTR)) -1;
+ else
+ set_dll_directory (L"");
+ }
+
+ if (wcscmp (dll, L"cygwin1.dll") == 0)
+ return LoadLibraryExW (L"cygwin1.dll", NULL, LOAD_WITH_ALTERED_SEARCH_PATH);
+
+ wcscpy (dllpath, sysdir);
+ wcscpy (dllpath + sysdir_len, dll);
+ return LoadLibraryExW (dllpath, NULL, LOAD_WITH_ALTERED_SEARCH_PATH);
+}
+
+#define LoadLibraryW(d) _load_sys_library(d)
+#define LoadLibraryA(d) _load_sys_library(L##d)
+
+#endif /* _LOADLIB_H */
if (!sysroot)
{
char sysbuf[PATH_MAX];
- stpcpy (stpcpy (sysbuf, getenv ("SYSTEMROOT")),
- "\\system32\\kernel32.dll");
- sysroot = (const char *) cygwin_create_path (CCP_WIN_A_TO_POSIX, sysbuf);
+ HMODULE k32 = GetModuleHandleW (L"kernel32.dll");
+ if (GetModuleFileName (k32, sysbuf, PATH_MAX))
+ sysroot = (const char *) cygwin_create_path (CCP_WIN_A_TO_POSIX,
+ sysbuf);
if (!sysroot)
sysroot = "kernel32.dll";
}
/* mkgroup.c:
Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
- 2007, 2008, 2009 Red Hat, Inc.
+ 2007, 2008, 2009, 2010 Red Hat, Inc.
This file is part of Cygwin.
#include <ntsecapi.h>
#include <dsgetdc.h>
#include <ntdef.h>
+#include "loadlib.h"
#define print_win_error(x) _print_win_error(x, __LINE__)
/* mkpasswd.c:
Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2005, 2006,
- 2008, 2009 Red Hat, Inc.
+ 2008, 2009, 2010 Red Hat, Inc.
This file is part of Cygwin.
#include <ntsecapi.h>
#include <dsgetdc.h>
#include <ntdef.h>
+#include "loadlib.h"
#define print_win_error(x) _print_win_error(x, __LINE__)
/* module_info.cc
- Copyright 1999,2000,2001 Red Hat, Inc.
+ Copyright 1999,2000,2001,2010 Red Hat, Inc.
Written by Egor Duda <deo@logos-m.ru>
#include <stdlib.h>
#include <windows.h>
#include <psapi.h>
+#include "loadlib.h"
static int psapi_loaded = 0;
static HMODULE psapi_module_handle = NULL;
#ifdef FSTAB_ONLY
#include <sys/cygwin.h>
#endif
+#include "loadlib.h"
#ifndef FSTAB_ONLY
/* Used when treating / and \ as equivalent. */
/* ps.cc
Copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
- 2008, 2009 Red Hat, Inc.
+ 2008, 2009, 2010 Red Hat, Inc.
This file is part of Cygwin.
#include <psapi.h>
#include <ddk/ntapi.h>
#include <ddk/winddk.h>
+#include "loadlib.h"
/* Maximum possible path length under NT. There's no official define
for that value. Note that PATH_MAX is only 4K. */
/* regtool.cc
Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
- 2009 Red Hat Inc.
+ 2009, 2010 Red Hat Inc.
This file is part of Cygwin.
#define WINVER 0x0502
#include <windows.h>
#include <sys/cygwin.h>
+#include "loadlib.h"
#define DEFAULT_KEY_SEPARATOR '\\'
#include "cygwin/include/sys/cygwin.h"
#include "path.h"
#undef cygwin_internal
+#include "loadlib.h"
/* we *know* we're being built with GCC */
#define alloca __builtin_alloca
OSDN Git Service
