[setup - the official Cygwin setup program] branch master, updated. release_2.929-5-g01221548
Jon Turney
jturney@sourceware.org
Wed Feb 7 17:00:57 GMT 2024
https://sourceware.org/git/gitweb.cgi?p=cygwin-apps/setup.git;h=0122154811bacdd7dc042cff0c80bb0a36af360c
commit 0122154811bacdd7dc042cff0c80bb0a36af360c
Author: Jon Turney <jon.turney@dronecode.org.uk>
Date: Tue Feb 6 20:03:31 2024 +0000
Dynamically load SetDefaultDllDirectories()
Also call SetDllDirectory() for the limited protection it provides on
earlier (<6.0) Windows versions.
https://sourceware.org/git/gitweb.cgi?p=cygwin-apps/setup.git;h=2dcf8413c282e864a86e01ad8fc4387549bc751e
commit 2dcf8413c282e864a86e01ad8fc4387549bc751e
Author: Jon Turney <jon.turney@dronecode.org.uk>
Date: Mon Feb 5 21:44:31 2024 +0000
Delay-load wininet
Since it's the only thing we link with which is not in KnownDLLs, to
avoid DLL hijacking, wrap wininet in a delay-loading stub lib.
Diff:
---
Makefile.am | 19 ++++++++++++++++++-
main.cc | 11 ++++++++++-
2 files changed, 28 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index b459d16f..03672ff5 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -87,6 +87,23 @@ inilint_SOURCES = \
win32.cc \
win32.h
+# Do not link directly with wininet, as it's vulnerable to sideloading/dll
+# hijacking. Instead we make and link with a delay-loading stub lib, so it's
+# actually loaded after we've had a chance to call SetDefaultDllDirectories().
+#
+# (The voodoo here is to grovel over the libwininet.a we would link with to
+# generate the .def file, rather than having to keep our own copy around)
+wininet-delaylib.a:
+ $(AM_V_at)IMPLIB=$(shell $(CC) -print-file-name=libwininet.a) && \
+ echo "LIBRARY" $$($(DLLTOOL) --identify $$IMPLIB) >wininet.def && \
+ echo "EXPORTS" >> wininet.def && \
+ $(NM) -g --defined-only $$IMPLIB | grep ' T ' | cut -d' ' -f3 >>wininet.def
+ $(AM_V_GEN)$(DLLTOOL) --no-leading-underscore --input-def wininet.def --output-delaylib $@
+
+CLEANFILES += wininet-delaylib.a
+
+EXTRA_@SETUP@_DEPENDENCIES=wininet-delaylib.a
+
@SETUP@_LDADD = \
libgetopt++/libgetopt++.la \
$(LIBGCRYPT_LIBS) \
@@ -96,7 +113,7 @@ inilint_SOURCES = \
$(ZLIB_LIBS) \
$(LIBSOLV_LIBS) -lregex \
-lmingwex \
- -lshlwapi -lcomctl32 -lole32 -lpsapi -luuid -lntdll -lwininet -lws2_32 \
+ -lshlwapi -lcomctl32 -lole32 -lpsapi -luuid -lntdll wininet-delaylib.a -lws2_32 \
-lmingw32 -lssp
@SETUP@_LDFLAGS = -mwindows -Wc,-static -static-libtool-libs
@SETUP@_SOURCES = \
diff --git a/main.cc b/main.cc
index b570c6cb..cf9e3234 100644
--- a/main.cc
+++ b/main.cc
@@ -228,7 +228,16 @@ WinMain (HINSTANCE h,
hinstance = h;
// Make sure Windows DLLs only delay-load further DLLs from System32
- SetDefaultDllDirectories (LOAD_LIBRARY_SEARCH_SYSTEM32);
+ typedef BOOL (WINAPI *PFNSETDEFAULTDLLDIRECTORIES)(DWORD);
+ PFNSETDEFAULTDLLDIRECTORIES pfnSetDefaultDllDirectories = 0;
+ pfnSetDefaultDllDirectories = (PFNSETDEFAULTDLLDIRECTORIES)GetProcAddress(GetModuleHandle("kernel32.dll"), "SetDefaultDllDirectories");
+ if (pfnSetDefaultDllDirectories)
+ pfnSetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_SYSTEM32);
+
+ // If we can't do that to remove the application directory from the search
+ // path, at least remove the current directory from the default DLL search
+ // order.
+ SetDllDirectory("");
// Make sure the C runtime functions use the same codepage as the GUI
char locale[12];
More information about the Cygwin-apps-cvs
mailing list