This is the mail archive of the cygwin-developers mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: DLL hijacking problem


On Aug 27 13:31, Christopher Faylor wrote:
> On Fri, Aug 27, 2010 at 06:43:56PM +0200, Corinna Vinschen wrote:
> >On Aug 27 09:38, Christopher Faylor wrote:
> >> On Fri, Aug 27, 2010 at 03:16:14PM +0200, Corinna Vinschen wrote:
> >> >Hi,
> >> >
> >> >This DLL hijacking problem goes from simmering to boiling pretty fast
> >> >right now:
> >> >http://www.microsoft.com/technet/security/advisory/2269637.mspx
> >> >The exploit DB fills rapidly in the last couple of days:
> >> >http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=DLL+Hijacking&filter_author=&filter_platform=0&filter_type=0&filter_port=&filter_osvdb=&filter_cve=
> >> >
> >> >Given
> >> >http://msdn.microsoft.com/en-us/library/ff919712%28VS.85%29.aspx
> >> >
> >> >I propose to change all calls to
> >> >
> >> >  LoadLibrary ("any-Win32-system.dll")
> >> >
> >> >to (basically) 
> >> >
> >> >  GetSystemDirectory (path);
> >> >  strcat (path, "\\any-Win32-system.dll");
> >> >  LoadLibrary (path);
> >> >
> >> >Or does anybody think this is overreacting?
> >> 
> >> No, I was thinking the same thing after seeing the discussion of the
> >> problem in Slashdot.
> >
> >Ok, I'll do that.  For the autoload stuff, do you have any problem if I
> >convert the DLL names to WCHAR?  The idea is to move the
> >windows_system_directory variable from a static var in exceptions.cc to
> >a global variable in globals.cc, and to move the GetSystemDirectoryW
> >call in exceptions.cc:events_init pretty much to the start of
> >dll_crt0_0, so we can be sure it's available for any autoloaded stuff,
> >however early it occurs.
> 
> That sounds right to me.

I've just checked everything in.  It works fine, afaics, but if you
think there's something not kosher, please don't hesitate to discuss it.
Otherwise, apart from your fix to allow -lbinmode to work, I think we're
all set for 1.7.7.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]