summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJames Ross-Gowan <rossymiles@gmail.com>2014-01-07 23:26:26 +1100
committerwm4 <wm4@nowhere>2014-01-31 19:07:09 +0100
commit808aa08cc0b68ec2640f7b3be6759c803f5cdb34 (patch)
treef11960b1701eea48514d5c177229c78b53e6d60e
parent2065e0ba3635afe575977c02c1efbbd62e9891bc (diff)
downloadmpv-808aa08cc0b68ec2640f7b3be6759c803f5cdb34.tar.bz2
mpv-808aa08cc0b68ec2640f7b3be6759c803f5cdb34.tar.xz
w32: use safe DLL search paths everywhere
Windows applications that use LoadLibrary are vulnerable to DLL preloading attacks if a malicious DLL with the same name as a system DLL is placed in the current directory. mpv had some code to avoid this in ao_wasapi.c. This commit just moves it to main.c, since there's no reason it can't be used process-wide. This change can affect how plugins are loaded in AviSynth, but it shouldn't be a problem since MPC-HC also does this and it's a very popular AviSynth client.
-rw-r--r--audio/out/ao_wasapi.c17
-rw-r--r--player/main.c21
2 files changed, 21 insertions, 17 deletions
diff --git a/audio/out/ao_wasapi.c b/audio/out/ao_wasapi.c
index 3d0d1ddf3d..7729eb2bda 100644
--- a/audio/out/ao_wasapi.c
+++ b/audio/out/ao_wasapi.c
@@ -36,10 +36,6 @@
#include "misc/ring.h"
#include "ao.h"
-#ifndef BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE
-#define BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE 0x00000001
-#endif
-
#ifndef PKEY_Device_FriendlyName
DEFINE_PROPERTYKEY(PKEY_Device_FriendlyName,
0xa45c254e, 0xdf1c, 0x4efd, 0x80, 0x20,
@@ -136,17 +132,6 @@ static int fill_VistaBlob(wasapi_state *state)
{
if (!state)
return 1;
- HMODULE hkernel32 = GetModuleHandleW(L"kernel32.dll");
- if (!hkernel32)
- return 1;
- WINBOOL (WINAPI *pSetDllDirectory)(LPCWSTR lpPathName) =
- (WINBOOL (WINAPI *)(LPCWSTR))GetProcAddress(hkernel32, "SetDllDirectoryW");
- WINBOOL (WINAPI *pSetSearchPathMode)(DWORD Flags) =
- (WINBOOL (WINAPI *)(DWORD))GetProcAddress(hkernel32, "SetSearchPathMode");
- if (pSetSearchPathMode)
- pSetDllDirectory(L""); /* Attempt to use safe search paths */
- if (pSetSearchPathMode)
- pSetSearchPathMode(BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE);
state->VistaBlob.hAvrt = LoadLibraryW(L"avrt.dll");
if (!state->VistaBlob.hAvrt)
goto exit_label;
@@ -160,8 +145,6 @@ static int fill_VistaBlob(wasapi_state *state)
exit_label:
if (state->VistaBlob.hAvrt)
FreeLibrary(state->VistaBlob.hAvrt);
- if (pSetSearchPathMode)
- pSetDllDirectory(NULL);
return 1;
}
diff --git a/player/main.c b/player/main.c
index 2c93a67ca6..4c27ec3e19 100644
--- a/player/main.c
+++ b/player/main.c
@@ -78,6 +78,14 @@
#if defined(__MINGW32__) || defined(__CYGWIN__)
#include <windows.h>
+
+#ifndef BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE
+#define BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE (0x0001)
+#endif
+
+#ifndef BASE_SEARCH_PATH_PERMANENT
+#define BASE_SEARCH_PATH_PERMANENT (0x8000)
+#endif
#endif
const char mp_help_text[] =
@@ -264,6 +272,19 @@ static void osdep_preinit(int *p_argc, char ***p_argv)
// Enable heap corruption detection
HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0);
+
+ HMODULE kernel32 = GetModuleHandleW(L"kernel32.dll");
+ WINBOOL (WINAPI *pSetDllDirectory)(LPCWSTR lpPathName) =
+ (WINBOOL (WINAPI *)(LPCWSTR))GetProcAddress(kernel32, "SetDllDirectoryW");
+ WINBOOL (WINAPI *pSetSearchPathMode)(DWORD Flags) =
+ (WINBOOL (WINAPI *)(DWORD))GetProcAddress(kernel32, "SetSearchPathMode");
+
+ // Always use safe search paths for DLLs and other files, ie. never use the
+ // current directory
+ if (pSetSearchPathMode)
+ pSetDllDirectory(L"");
+ if (pSetSearchPathMode)
+ pSetSearchPathMode(BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE);
#endif
terminal_init();