nerd/rufus
1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Code Issues 1 Projects Releases Wiki Activity

[misc] switch to using LoadLibraryEx everywhere

Browse source 
* This allows us to further mitigate DLL side loading by enforcing
  LOAD_LIBRARY_SEARCH_SYSTEM32 / LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR.
This commit is contained in:
Pete Batard 2021-04-09 11:31:52 +01:00
parent c9e71de898
commit 2a3e82fa96
No known key found for this signature in database
GPG key ID: 38E0CF5E69EDD671
8 changed files with 25 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

2
res/appstore/Package.appxmanifest
View file

@ -11,7 +11,7 @@
<Identity <Identity
Name="19453.net.Rufus" Name="19453.net.Rufus"
Publisher="CN=7AC86D13-3E5A-491A-ADD5-80095C212740" Publisher="CN=7AC86D13-3E5A-491A-ADD5-80095C212740"
Version="3.14.1768.0" /> Version="3.14.1769.0" />
<Properties> <Properties>
<DisplayName>Rufus</DisplayName> <DisplayName>Rufus</DisplayName>

2
src/dos.c
View file

@ -311,7 +311,7 @@ static BOOL ExtractMSDOS(const char* path)
goto out; goto out;
} }
static_strcat(dllname, "\\diskcopy.dll"); static_strcat(dllname, "\\diskcopy.dll");
hDLL = LoadLibraryA(dllname); hDLL = LoadLibraryExA(dllname, NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);
if (hDLL == NULL) { if (hDLL == NULL) {
uprintf("Unable to open %s: %s\n", dllname, WindowsErrorString()); uprintf("Unable to open %s: %s\n", dllname, WindowsErrorString());
goto out; goto out;

12
src/msapi_utf8.h
View file

@ -317,6 +317,18 @@ static __inline HMODULE LoadLibraryU(LPCSTR lpFileName)
return ret; return ret;
} }
static __inline HMODULE LoadLibraryExU(LPCSTR lpFileName, HANDLE hFile, DWORD dwFlags)
{
HMODULE ret;
DWORD err = ERROR_INVALID_DATA;
wconvert(lpFileName);
ret = LoadLibraryExW(wlpFileName, hFile, dwFlags);
err = GetLastError();
wfree(lpFileName);
SetLastError(err);
return ret;
}
static __inline int DrawTextU(HDC hDC, LPCSTR lpText, int nCount, LPRECT lpRect, UINT uFormat) static __inline int DrawTextU(HDC hDC, LPCSTR lpText, int nCount, LPRECT lpRect, UINT uFormat)
{ {
int ret; int ret;

3
src/rufus.c
View file

@ -3148,7 +3148,8 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine
// nail... Also, no, Coverity, we never need to care about freeing kernel32 as a library. // nail... Also, no, Coverity, we never need to care about freeing kernel32 as a library.
// coverity[leaked_storage] // coverity[leaked_storage]
pfSetDefaultDllDirectories = (SetDefaultDllDirectories_t) pfSetDefaultDllDirectories = (SetDefaultDllDirectories_t)
GetProcAddress(LoadLibraryW(kernel32_path), "SetDefaultDllDirectories"); GetProcAddress(LoadLibraryExW(kernel32_path, NULL, LOAD_LIBRARY_SEARCH_SYSTEM32),
"SetDefaultDllDirectories");
if (pfSetDefaultDllDirectories != NULL) if (pfSetDefaultDllDirectories != NULL)
pfSetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_SYSTEM32); pfSetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_SYSTEM32);

2
src/rufus.h
View file

@ -658,7 +658,7 @@ static __inline HMODULE GetLibraryHandle(char* szLibraryName) {
if (OpenedLibrariesHandleSize >= MAX_LIBRARY_HANDLES) { if (OpenedLibrariesHandleSize >= MAX_LIBRARY_HANDLES) {
uprintf("Error: MAX_LIBRARY_HANDLES is too small\n"); uprintf("Error: MAX_LIBRARY_HANDLES is too small\n");
} else { } else {
h = LoadLibraryA(szLibraryName); h = LoadLibraryExA(szLibraryName, NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);
if (h != NULL) if (h != NULL)
OpenedLibrariesHandle[OpenedLibrariesHandleSize++] = h; OpenedLibrariesHandle[OpenedLibrariesHandleSize++] = h;
} }

10
src/rufus.rc
View file

@ -33,7 +33,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
IDD_DIALOG DIALOGEX 12, 12, 232, 326 IDD_DIALOG DIALOGEX 12, 12, 232, 326
STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
EXSTYLE WS_EX_ACCEPTFILES EXSTYLE WS_EX_ACCEPTFILES
CAPTION "Rufus 3.14.1768" CAPTION "Rufus 3.14.1769"
FONT 9, "Segoe UI Symbol", 400, 0, 0x0 FONT 9, "Segoe UI Symbol", 400, 0, 0x0
BEGIN BEGIN
LTEXT "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP LTEXT "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP
@ -395,8 +395,8 @@ END
// //
VS_VERSION_INFO VERSIONINFO VS_VERSION_INFO VERSIONINFO
FILEVERSION 3,14,1768,0 FILEVERSION 3,14,1769,0
PRODUCTVERSION 3,14,1768,0 PRODUCTVERSION 3,14,1769,0
FILEFLAGSMASK 0x3fL FILEFLAGSMASK 0x3fL
#ifdef _DEBUG #ifdef _DEBUG
FILEFLAGS 0x1L FILEFLAGS 0x1L
@ -414,13 +414,13 @@ BEGIN
VALUE "Comments", "https://rufus.ie" VALUE "Comments", "https://rufus.ie"
VALUE "CompanyName", "Akeo Consulting" VALUE "CompanyName", "Akeo Consulting"
VALUE "FileDescription", "Rufus" VALUE "FileDescription", "Rufus"
VALUE "FileVersion", "3.14.1768" VALUE "FileVersion", "3.14.1769"
VALUE "InternalName", "Rufus" VALUE "InternalName", "Rufus"
VALUE "LegalCopyright", "© 2011-2021 Pete Batard (GPL v3)" VALUE "LegalCopyright", "© 2011-2021 Pete Batard (GPL v3)"
VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html" VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html"
VALUE "OriginalFilename", "rufus-3.14.exe" VALUE "OriginalFilename", "rufus-3.14.exe"
VALUE "ProductName", "Rufus" VALUE "ProductName", "Rufus"
VALUE "ProductVersion", "3.14.1768" VALUE "ProductVersion", "3.14.1769"
END END
END END
BLOCK "VarFileInfo" BLOCK "VarFileInfo"

4
src/stdlg.c
View file

@ -2047,7 +2047,7 @@ void SetAlertPromptMessages(void)
// Fetch the localized strings in the relevant MUI // Fetch the localized strings in the relevant MUI
// Must use sysnative_dir rather than system_dir as we may not find the MUI's otherwise // Must use sysnative_dir rather than system_dir as we may not find the MUI's otherwise
static_sprintf(mui_path, "%s\\%s\\shell32.dll.mui", sysnative_dir, GetCurrentMUI()); static_sprintf(mui_path, "%s\\%s\\shell32.dll.mui", sysnative_dir, GetCurrentMUI());
mui_lib = LoadLibraryU(mui_path); mui_lib = LoadLibraryExU(mui_path, NULL, LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR);
if (mui_lib != NULL) { if (mui_lib != NULL) {
// 4097 = "You need to format the disk in drive %c: before you can use it." (dialog text) // 4097 = "You need to format the disk in drive %c: before you can use it." (dialog text)
// 4125 = "Microsoft Windows" (dialog title) // 4125 = "Microsoft Windows" (dialog title)
@ -2063,7 +2063,7 @@ void SetAlertPromptMessages(void)
FreeLibrary(mui_lib); FreeLibrary(mui_lib);
} }
static_sprintf(mui_path, "%s\\%s\\urlmon.dll.mui", sysnative_dir, GetCurrentMUI()); static_sprintf(mui_path, "%s\\%s\\urlmon.dll.mui", sysnative_dir, GetCurrentMUI());
mui_lib = LoadLibraryU(mui_path); mui_lib = LoadLibraryExU(mui_path, NULL, LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR);
if (mui_lib != NULL) { if (mui_lib != NULL) {
// 2070 = "Windows Security Warning" (yes, that's what MS uses for a stupid cookie!) // 2070 = "Windows Security Warning" (yes, that's what MS uses for a stupid cookie!)
if (LoadStringU(mui_lib, 2070, title_str[1], sizeof(title_str[1])) <= 0) { if (LoadStringU(mui_lib, 2070, title_str[1], sizeof(title_str[1])) <= 0) {

2
src/syslinux/win/ntfssect.c
View file

@ -307,7 +307,7 @@ DWORD M_NTFSSECT_API NtfsSectLoadXpFuncs(S_NTFSSECT_XPFUNCS * XpFuncs) {
XpFuncs->Size = sizeof *XpFuncs; XpFuncs->Size = sizeof *XpFuncs;
XpFuncs->Kernel32 = LoadLibraryA("kernel32.dll"); XpFuncs->Kernel32 = LoadLibraryExA("kernel32.dll", NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);
rc = GetLastError(); rc = GetLastError();
if (!XpFuncs->Kernel32) { if (!XpFuncs->Kernel32) {
M_ERR("KERNEL32.DLL not found!"); M_ERR("KERNEL32.DLL not found!");