diff options
author | James Ross-Gowan <rossymiles@gmail.com> | 2014-01-07 23:26:26 +1100 |
---|---|---|
committer | wm4 <wm4@nowhere> | 2014-01-31 19:07:09 +0100 |
commit | 808aa08cc0b68ec2640f7b3be6759c803f5cdb34 (patch) | |
tree | f11960b1701eea48514d5c177229c78b53e6d60e /player/main.c | |
parent | 2065e0ba3635afe575977c02c1efbbd62e9891bc (diff) | |
download | mpv-808aa08cc0b68ec2640f7b3be6759c803f5cdb34.tar.bz2 mpv-808aa08cc0b68ec2640f7b3be6759c803f5cdb34.tar.xz |
w32: use safe DLL search paths everywhere
Windows applications that use LoadLibrary are vulnerable to DLL
preloading attacks if a malicious DLL with the same name as a system DLL
is placed in the current directory. mpv had some code to avoid this in
ao_wasapi.c. This commit just moves it to main.c, since there's no
reason it can't be used process-wide.
This change can affect how plugins are loaded in AviSynth, but it
shouldn't be a problem since MPC-HC also does this and it's a very
popular AviSynth client.
Diffstat (limited to 'player/main.c')
-rw-r--r-- | player/main.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/player/main.c b/player/main.c index 2c93a67ca6..4c27ec3e19 100644 --- a/player/main.c +++ b/player/main.c @@ -78,6 +78,14 @@ #if defined(__MINGW32__) || defined(__CYGWIN__) #include <windows.h> + +#ifndef BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE +#define BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE (0x0001) +#endif + +#ifndef BASE_SEARCH_PATH_PERMANENT +#define BASE_SEARCH_PATH_PERMANENT (0x8000) +#endif #endif const char mp_help_text[] = @@ -264,6 +272,19 @@ static void osdep_preinit(int *p_argc, char ***p_argv) // Enable heap corruption detection HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0); + + HMODULE kernel32 = GetModuleHandleW(L"kernel32.dll"); + WINBOOL (WINAPI *pSetDllDirectory)(LPCWSTR lpPathName) = + (WINBOOL (WINAPI *)(LPCWSTR))GetProcAddress(kernel32, "SetDllDirectoryW"); + WINBOOL (WINAPI *pSetSearchPathMode)(DWORD Flags) = + (WINBOOL (WINAPI *)(DWORD))GetProcAddress(kernel32, "SetSearchPathMode"); + + // Always use safe search paths for DLLs and other files, ie. never use the + // current directory + if (pSetSearchPathMode) + pSetDllDirectory(L""); + if (pSetSearchPathMode) + pSetSearchPathMode(BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE); #endif terminal_init(); |