VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2016-07-26 00:49:19 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2016-07-26 00:53:18 +0200
commita7f1ba05b4917cd22319cba1b5fd0adc3bd69c31 (patch)
treeb0704651b258e1fec6c2ae294650845d9e15186c /src
parent3aaf5c70453d2bc4b2f1efe224e0adf0ff8a0ec2 (diff)
downloadVeraCrypt-a7f1ba05b4917cd22319cba1b5fd0adc3bd69c31.tar.gz
VeraCrypt-a7f1ba05b4917cd22319cba1b5fd0adc3bd69c31.zip
Windows: Enhance protection against dll hijacking attacks following new report by Stefan Kanthak.
Diffstat (limited to 'src')
-rw-r--r--src/Common/Dlgcode.c29
1 files changed, 27 insertions, 2 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index d13a2eff..76e71ac8 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -239,6 +239,18 @@ HMODULE hwinscarddll = NULL;
#define FREE_DLL(h) if (h) { FreeLibrary (h); h = NULL;}
+#ifndef BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE
+#define BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE 0x00000001
+#endif
+
+#ifndef BASE_SEARCH_PATH_PERMANENT
+#define BASE_SEARCH_PATH_PERMANENT 0x00008000
+#endif
+
+typedef BOOL (WINAPI *SetDllDirectoryPtr)(LPCWSTR lpPathName);
+typedef BOOL (WINAPI *SetSearchPathModePtr)(DWORD Flags);
+
+
typedef void (WINAPI *InitCommonControlsPtr)(void);
typedef HIMAGELIST (WINAPI *ImageList_CreatePtr)(int cx, int cy, UINT flags, int cInitial, int cGrow);
typedef int (WINAPI *ImageList_AddPtr)(HIMAGELIST himl, HBITMAP hbmImage, HBITMAP hbmMask);
@@ -255,6 +267,9 @@ typedef HRESULT (STDAPICALLTYPE *SHStrDupWPtr)(LPCWSTR psz, LPWSTR *ppwsz);
// ChangeWindowMessageFilter
typedef BOOL (WINAPI *ChangeWindowMessageFilterPtr) (UINT, DWORD);
+SetDllDirectoryPtr SetDllDirectoryFn = NULL;
+SetSearchPathModePtr SetSearchPathModeFn = NULL;
+
ImageList_CreatePtr ImageList_CreateFn = NULL;
ImageList_AddPtr ImageList_AddFn = NULL;
@@ -2547,6 +2562,15 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine)
char langId[6];
InitCommonControlsPtr InitCommonControlsFn = NULL;
+ /* remove current directory from dll search path */
+ SetDllDirectoryFn = (SetDllDirectoryPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDllDirectoryW");
+ SetSearchPathModeFn = (SetSearchPathModePtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetSearchPathMode");
+
+ if (SetDllDirectoryFn)
+ SetDllDirectoryFn (L"");
+ if (SetSearchPathModeFn)
+ SetSearchPathModeFn (BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE | BASE_SEARCH_PATH_PERMANENT);
+
InitOSVersionInfo();
VirtualLock (&CmdTokenPin, sizeof (CmdTokenPin));
@@ -2597,9 +2621,10 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine)
if (IsOSAtLeast (WIN_VISTA))
{
- LoadSystemDll (L"spp.dll", &hsppdll, TRUE, SRC_POS);
- LoadSystemDll (L"vssapi.dll", &vssapidll, TRUE, SRC_POS);
+ LoadSystemDll (L"atl.dll", &hsppdll, TRUE, SRC_POS);
LoadSystemDll (L"vsstrace.dll", &hvsstracedll, TRUE, SRC_POS);
+ LoadSystemDll (L"vssapi.dll", &vssapidll, TRUE, SRC_POS);
+ LoadSystemDll (L"spp.dll", &hsppdll, TRUE, SRC_POS);
if (IsOSAtLeast (WIN_7))
{