From 5872be28a243acb3b5aafdf13248e07d30471893 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sat, 2 Jan 2016 17:54:55 +0100
Subject: Windows: Fix Dll hijacking vulnerability affecting installer that
 allows arbitrary code execution with elevation of privilege (CVE-2016-1281)

---
 src/Setup/Setup.vcproj | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'src/Setup/Setup.vcproj')

diff --git a/src/Setup/Setup.vcproj b/src/Setup/Setup.vcproj
index 8e70aa6e..b27b6963 100644
--- a/src/Setup/Setup.vcproj
+++ b/src/Setup/Setup.vcproj
@@ -43,7 +43,7 @@
 				Name="VCCLCompilerTool"
 				Optimization="0"
 				AdditionalIncludeDirectories="..\Common;..\Crypto;..\;..\PKCS11"
-				PreprocessorDefinitions="SETUP;WIN32;DEBUG;_DEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;_CRT_NON_CONFORMING_SWPRINTFS"
+				PreprocessorDefinitions="SETUP;WIN32;DEBUG;_DEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;_CRT_NON_CONFORMING_SWPRINTFS;_ATL_NO_DEFAULT_LIBS"
 				MinimalRebuild="true"
 				BasicRuntimeChecks="3"
 				RuntimeLibrary="1"
@@ -65,7 +65,7 @@
 			<Tool
 				Name="VCLinkerTool"
 				AdditionalOptions="/NODEFAULTLIB:LIBCMTD"
-				AdditionalDependencies="libcmtd.lib comctl32.lib setupapi.lib"
+				AdditionalDependencies="libcmtd.lib"
 				OutputFile="$(OutDir)/VeraCryptSetup.exe"
 				LinkIncremental="2"
 				GenerateManifest="false"
@@ -130,7 +130,7 @@
 				AdditionalOptions="/w34189"
 				Optimization="2"
 				AdditionalIncludeDirectories="..\Common;..\Crypto;..\;..\PKCS11"
-				PreprocessorDefinitions="SETUP;WIN32;NDEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;_CRT_NON_CONFORMING_SWPRINTFS"
+				PreprocessorDefinitions="SETUP;WIN32;NDEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;_CRT_NON_CONFORMING_SWPRINTFS;_ATL_NO_DEFAULT_LIBS"
 				RuntimeLibrary="0"
 				BufferSecurityCheck="true"
 				UsePrecompiledHeader="0"
@@ -152,7 +152,6 @@
 			<Tool
 				Name="VCLinkerTool"
 				AdditionalOptions="/IGNORE:4089"
-				AdditionalDependencies="comctl32.lib setupapi.lib"
 				OutputFile="$(OutDir)/VeraCryptSetup.exe"
 				LinkIncremental="1"
 				GenerateManifest="false"
-- 
cgit v1.2.3