From f67748ae8e3ebefc1361d6e8a7f8e5020ff68517 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Wed, 9 Jul 2014 02:20:39 +0200 Subject: Static Code Analysis : fix non-absolute DLL/process loads that can be hijacked (Microsoft Security Advisory 2269637). --- src/Common/Format.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'src/Common/Format.c') diff --git a/src/Common/Format.c b/src/Common/Format.c index 49365a1b..25f20acd 100644 --- a/src/Common/Format.c +++ b/src/Common/Format.c @@ -795,10 +795,20 @@ BOOLEAN __stdcall FormatExCallback (int command, DWORD subCommand, PVOID paramet BOOL FormatNtfs (int driveNo, int clusterSize) { + char dllPath[MAX_PATH] = {0}; WCHAR dir[8] = { (WCHAR) driveNo + 'A', 0 }; PFORMATEX FormatEx; - HMODULE hModule = LoadLibrary ("fmifs.dll"); + HMODULE hModule; int i; + + if (GetSystemDirectory (dllPath, MAX_PATH)) + { + strcat(dllPath, "\\fmifs.dll"); + } + else + strcpy(dllPath, "C:\\Windows\\System32\\fmifs.dll"); + + hModule = LoadLibrary (dllPath); if (hModule == NULL) return FALSE; -- cgit v1.2.3