aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFridrich Štrba <fridrich.strba@bluewin.ch>2010-09-15 22:49:01 +0800
committerFridrich Štrba <fridrich.strba@bluewin.ch>2010-09-15 22:49:01 +0800
commit64f53f1a536cd871b2948cbea30869d68b37f98e (patch)
tree9a23c1d30d0bc30cefb73d1489b2a62149cc9592
parent5310e4a0b10ded4c77ce9dfaff49d3e99e327462 (diff)
downloadgsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar.gz
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar.bz2
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar.lz
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar.xz
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar.zst
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.zip
Increase safety on Windows
Call SetDllDirectory() to reduce risk of DLL hijacking, and call SetProcessDEPPolicy() to reduce risk of rogue code execution.
-rw-r--r--addressbook/tools/evolution-addressbook-export.c36
-rw-r--r--calendar/gui/alarm-notify/notify-main.c34
-rw-r--r--capplet/anjal-settings-main.c35
-rw-r--r--plugins/backup-restore/backup.c36
-rw-r--r--shell/main.c32
5 files changed, 164 insertions, 9 deletions
diff --git a/addressbook/tools/evolution-addressbook-export.c b/addressbook/tools/evolution-addressbook-export.c
index 58831ed16c..9c495e5b5f 100644
--- a/addressbook/tools/evolution-addressbook-export.c
+++ b/addressbook/tools/evolution-addressbook-export.c
@@ -30,6 +30,20 @@
#include "evolution-addressbook-export.h"
+#ifdef G_OS_WIN32
+#ifdef DATADIR
+#undef DATADIR
+#endif
+#include <windows.h>
+#include <conio.h>
+#ifndef PROCESS_DEP_ENABLE
+#define PROCESS_DEP_ENABLE 0x00000001
+#endif
+#ifndef PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION
+#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002
+#endif
+#endif
+
/* Command-Line Options */
static gchar *opt_output_file = NULL;
static gboolean opt_list_folders_mode = FALSE;
@@ -75,6 +89,28 @@ main (gint argc, gchar **argv)
gint IsCSV = FALSE;
gint IsVCard = FALSE;
+#ifdef G_OS_WIN32
+ /* Reduce risks */
+ {
+ typedef BOOL (WINAPI *t_SetDllDirectoryA) (LPCSTR lpPathName);
+ t_SetDllDirectoryA p_SetDllDirectoryA;
+
+ p_SetDllDirectoryA = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetDllDirectoryA");
+ if (p_SetDllDirectoryA)
+ (*p_SetDllDirectoryA) ("");
+ }
+#ifndef _WIN64
+ {
+ typedef BOOL (WINAPI *t_SetProcessDEPPolicy) (DWORD dwFlags);
+ t_SetProcessDEPPolicy p_SetProcessDEPPolicy;
+
+ p_SetProcessDEPPolicy = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetProcessDEPPolicy");
+ if (p_SetProcessDEPPolicy)
+ (*p_SetProcessDEPPolicy) (PROCESS_DEP_ENABLE|PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION);
+ }
+#endif
+#endif
+
g_type_init ();
/*i18n-lize */
diff --git a/calendar/gui/alarm-notify/notify-main.c b/calendar/gui/alarm-notify/notify-main.c
index 8c56abaff2..ad1a1178f8 100644
--- a/calendar/gui/alarm-notify/notify-main.c
+++ b/calendar/gui/alarm-notify/notify-main.c
@@ -35,12 +35,24 @@
#include <libedataserver/e-source.h>
#include <libedataserverui/e-passwords.h>
-#include "e-util/e-util-private.h"
#include "alarm.h"
#include "alarm-queue.h"
#include "alarm-notify.h"
#include "config-data.h"
+#ifdef G_OS_WIN32
+#include <windows.h>
+#include <conio.h>
+#ifndef PROCESS_DEP_ENABLE
+#define PROCESS_DEP_ENABLE 0x00000001
+#endif
+#ifndef PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION
+#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002
+#endif
+#endif
+
+#include "e-util/e-util-private.h"
+
gint
main (gint argc, gchar **argv)
{
@@ -49,6 +61,26 @@ main (gint argc, gchar **argv)
UniqueApp *app;
#ifdef G_OS_WIN32
gchar *path;
+
+ /* Reduce risks */
+ {
+ typedef BOOL (WINAPI *t_SetDllDirectoryA) (LPCSTR lpPathName);
+ t_SetDllDirectoryA p_SetDllDirectoryA;
+
+ p_SetDllDirectoryA = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetDllDirectoryA");
+ if (p_SetDllDirectoryA)
+ (*p_SetDllDirectoryA) ("");
+ }
+#ifndef _WIN64
+ {
+ typedef BOOL (WINAPI *t_SetProcessDEPPolicy) (DWORD dwFlags);
+ t_SetProcessDEPPolicy p_SetProcessDEPPolicy;
+
+ p_SetProcessDEPPolicy = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetProcessDEPPolicy");
+ if (p_SetProcessDEPPolicy)
+ (*p_SetProcessDEPPolicy) (PROCESS_DEP_ENABLE|PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION);
+ }
+#endif
#endif
bindtextdomain (GETTEXT_PACKAGE, EVOLUTION_LOCALEDIR);
diff --git a/capplet/anjal-settings-main.c b/capplet/anjal-settings-main.c
index f380e2bf7a..eb9ccce6a9 100644
--- a/capplet/anjal-settings-main.c
+++ b/capplet/anjal-settings-main.c
@@ -43,10 +43,16 @@
#ifdef DATADIR
#undef DATADIR
#endif
-#include <io.h>
-#include <conio.h>
-#define _WIN32_WINNT 0x0501
+#define _WIN32_WINNT 0x0601
#include <windows.h>
+#include <conio.h>
+#include <io.h>
+#ifndef PROCESS_DEP_ENABLE
+#define PROCESS_DEP_ENABLE 0x00000001
+#endif
+#ifndef PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION
+#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002
+#endif
#endif
#include <unique/unique.h>
@@ -176,14 +182,33 @@ main (gint argc, gchar *argv[])
UniqueApp *app;
#ifdef G_OS_WIN32
+ /* Reduce risks */
+ {
+ typedef BOOL (WINAPI *t_SetDllDirectoryA) (LPCSTR lpPathName);
+ t_SetDllDirectoryA p_SetDllDirectoryA;
+
+ p_SetDllDirectoryA = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetDllDirectoryA");
+ if (p_SetDllDirectoryA)
+ (*p_SetDllDirectoryA) ("");
+ }
+#ifndef _WIN64
+ {
+ typedef BOOL (WINAPI *t_SetProcessDEPPolicy) (DWORD dwFlags);
+ t_SetProcessDEPPolicy p_SetProcessDEPPolicy;
+
+ p_SetProcessDEPPolicy = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetProcessDEPPolicy");
+ if (p_SetProcessDEPPolicy)
+ (*p_SetProcessDEPPolicy) (PROCESS_DEP_ENABLE|PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION);
+ }
+#endif
+
if (fileno (stdout) != -1 && _get_osfhandle (fileno (stdout)) != -1) {
/* stdout is fine, presumably redirected to a file or pipe */
} else {
typedef BOOL (* WINAPI AttachConsole_t) (DWORD);
AttachConsole_t p_AttachConsole =
- (AttachConsole_t) GetProcAddress (
- GetModuleHandle ("kernel32.dll"), "AttachConsole");
+ (AttachConsole_t) GetProcAddress (GetModuleHandle ("kernel32.dll"), "AttachConsole");
if (p_AttachConsole && p_AttachConsole (ATTACH_PARENT_PROCESS)) {
freopen ("CONOUT$", "w", stdout);
diff --git a/plugins/backup-restore/backup.c b/plugins/backup-restore/backup.c
index 104afe7166..dcfe20c5d9 100644
--- a/plugins/backup-restore/backup.c
+++ b/plugins/backup-restore/backup.c
@@ -30,6 +30,20 @@
#include <glib/gi18n.h>
#include <gtk/gtk.h>
+#ifdef G_OS_WIN32
+#ifdef DATADIR
+#undef DATADIR
+#endif
+#include <windows.h>
+#include <conio.h>
+#ifndef PROCESS_DEP_ENABLE
+#define PROCESS_DEP_ENABLE 0x00000001
+#endif
+#ifndef PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION
+#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002
+#endif
+#endif
+
#include "e-util/e-util-private.h"
#include "e-util/e-util.h"
@@ -408,6 +422,28 @@ main (gint argc, gchar **argv)
gint i;
GError *error = NULL;
+#ifdef G_OS_WIN32
+ /* Reduce risks */
+ {
+ typedef BOOL (WINAPI *t_SetDllDirectoryA) (LPCSTR lpPathName);
+ t_SetDllDirectoryA p_SetDllDirectoryA;
+
+ p_SetDllDirectoryA = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetDllDirectoryA");
+ if (p_SetDllDirectoryA)
+ (*p_SetDllDirectoryA) ("");
+ }
+#ifndef _WIN64
+ {
+ typedef BOOL (WINAPI *t_SetProcessDEPPolicy) (DWORD dwFlags);
+ t_SetProcessDEPPolicy p_SetProcessDEPPolicy;
+
+ p_SetProcessDEPPolicy = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetProcessDEPPolicy");
+ if (p_SetProcessDEPPolicy)
+ (*p_SetProcessDEPPolicy) (PROCESS_DEP_ENABLE|PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION);
+ }
+#endif
+#endif
+
bindtextdomain (GETTEXT_PACKAGE, EVOLUTION_LOCALEDIR);
bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
textdomain (GETTEXT_PACKAGE);
diff --git a/shell/main.c b/shell/main.c
index 3e922a488a..a24e618ef0 100644
--- a/shell/main.c
+++ b/shell/main.c
@@ -36,10 +36,16 @@
#ifdef DATADIR
#undef DATADIR
#endif
-#include <io.h>
-#include <conio.h>
-#define _WIN32_WINNT 0x0501
+#define _WIN32_WINNT 0x0601
#include <windows.h>
+#include <conio.h>
+#include <io.h>
+#ifndef PROCESS_DEP_ENABLE
+#define PROCESS_DEP_ENABLE 0x00000001
+#endif
+#ifndef PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION
+#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002
+#endif
#endif
#include <gconf/gconf-client.h>
@@ -444,6 +450,26 @@ main (gint argc, gchar **argv)
#ifdef G_OS_WIN32
gchar *path;
+ /* Reduce risks */
+ {
+ typedef BOOL (WINAPI *t_SetDllDirectoryA) (LPCSTR lpPathName);
+ t_SetDllDirectoryA p_SetDllDirectoryA;
+
+ p_SetDllDirectoryA = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetDllDirectoryA");
+ if (p_SetDllDirectoryA)
+ (*p_SetDllDirectoryA) ("");
+ }
+#ifndef _WIN64
+ {
+ typedef BOOL (WINAPI *t_SetProcessDEPPolicy) (DWORD dwFlags);
+ t_SetProcessDEPPolicy p_SetProcessDEPPolicy;
+
+ p_SetProcessDEPPolicy = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetProcessDEPPolicy");
+ if (p_SetProcessDEPPolicy)
+ (*p_SetProcessDEPPolicy) (PROCESS_DEP_ENABLE|PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION);
+ }
+#endif
+
if (fileno (stdout) != -1 && _get_osfhandle (fileno (stdout)) != -1) {
/* stdout is fine, presumably redirected to a file or pipe */
} else {