VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/Random.c
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-07-09 00:20:39 (GMT)
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-11-08 22:20:35 (GMT)
commitf67748ae8e3ebefc1361d6e8a7f8e5020ff68517 (patch)
tree7598dd5467ab2913b4517745188e5b87f1859078 /src/Common/Random.c
parentd6817f941a1218aa1564da158f87ac7ec4434396 (diff)
downloadVeraCrypt-f67748ae8e3ebefc1361d6e8a7f8e5020ff68517.zip
VeraCrypt-f67748ae8e3ebefc1361d6e8a7f8e5020ff68517.tar.gz
Static Code Analysis : fix non-absolute DLL/process loads that can be hijacked (Microsoft Security Advisory 2269637).
Diffstat (limited to 'src/Common/Random.c')
-rw-r--r--src/Common/Random.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/src/Common/Random.c b/src/Common/Random.c
index ceb14e3..c897e3b 100644
--- a/src/Common/Random.c
+++ b/src/Common/Random.c
@@ -573,7 +573,15 @@ BOOL SlowPoll (void)
{
/* Obtain a handle to the module containing the Lan Manager
functions */
- hNetAPI32 = LoadLibrary ("NETAPI32.DLL");
+ char dllPath[MAX_PATH];
+ if (GetSystemDirectory (dllPath, MAX_PATH))
+ {
+ strcat(dllPath, "\\NETAPI32.DLL");
+ }
+ else
+ strcpy(dllPath, "C:\\Windows\\System32\\NETAPI32.DLL");
+
+ hNetAPI32 = LoadLibrary (dllPath);
if (hNetAPI32 != NULL)
{
/* Now get pointers to the functions */