aboutsummaryrefslogtreecommitdiffstats
path: root/capplet
diff options
context:
space:
mode:
authorFridrich Štrba <fridrich.strba@bluewin.ch>2010-09-15 22:49:01 +0800
committerFridrich Štrba <fridrich.strba@bluewin.ch>2010-09-15 22:49:01 +0800
commit64f53f1a536cd871b2948cbea30869d68b37f98e (patch)
tree9a23c1d30d0bc30cefb73d1489b2a62149cc9592 /capplet
parent5310e4a0b10ded4c77ce9dfaff49d3e99e327462 (diff)
downloadgsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar.gz
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar.bz2
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar.lz
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar.xz
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.tar.zst
gsoc2013-evolution-64f53f1a536cd871b2948cbea30869d68b37f98e.zip
Increase safety on Windows
Call SetDllDirectory() to reduce risk of DLL hijacking, and call SetProcessDEPPolicy() to reduce risk of rogue code execution.
Diffstat (limited to 'capplet')
-rw-r--r--capplet/anjal-settings-main.c35
1 files changed, 30 insertions, 5 deletions
diff --git a/capplet/anjal-settings-main.c b/capplet/anjal-settings-main.c
index f380e2bf7a..eb9ccce6a9 100644
--- a/capplet/anjal-settings-main.c
+++ b/capplet/anjal-settings-main.c
@@ -43,10 +43,16 @@
#ifdef DATADIR
#undef DATADIR
#endif
-#include <io.h>
-#include <conio.h>
-#define _WIN32_WINNT 0x0501
+#define _WIN32_WINNT 0x0601
#include <windows.h>
+#include <conio.h>
+#include <io.h>
+#ifndef PROCESS_DEP_ENABLE
+#define PROCESS_DEP_ENABLE 0x00000001
+#endif
+#ifndef PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION
+#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002
+#endif
#endif
#include <unique/unique.h>
@@ -176,14 +182,33 @@ main (gint argc, gchar *argv[])
UniqueApp *app;
#ifdef G_OS_WIN32
+ /* Reduce risks */
+ {
+ typedef BOOL (WINAPI *t_SetDllDirectoryA) (LPCSTR lpPathName);
+ t_SetDllDirectoryA p_SetDllDirectoryA;
+
+ p_SetDllDirectoryA = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetDllDirectoryA");
+ if (p_SetDllDirectoryA)
+ (*p_SetDllDirectoryA) ("");
+ }
+#ifndef _WIN64
+ {
+ typedef BOOL (WINAPI *t_SetProcessDEPPolicy) (DWORD dwFlags);
+ t_SetProcessDEPPolicy p_SetProcessDEPPolicy;
+
+ p_SetProcessDEPPolicy = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetProcessDEPPolicy");
+ if (p_SetProcessDEPPolicy)
+ (*p_SetProcessDEPPolicy) (PROCESS_DEP_ENABLE|PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION);
+ }
+#endif
+
if (fileno (stdout) != -1 && _get_osfhandle (fileno (stdout)) != -1) {
/* stdout is fine, presumably redirected to a file or pipe */
} else {
typedef BOOL (* WINAPI AttachConsole_t) (DWORD);
AttachConsole_t p_AttachConsole =
- (AttachConsole_t) GetProcAddress (
- GetModuleHandle ("kernel32.dll"), "AttachConsole");
+ (AttachConsole_t) GetProcAddress (GetModuleHandle ("kernel32.dll"), "AttachConsole");
if (p_AttachConsole && p_AttachConsole (ATTACH_PARENT_PROCESS)) {
freopen ("CONOUT$", "w", stdout);