w32: use safe DLL search paths everywhere

Windows applications that use LoadLibrary are vulnerable to DLL preloading attacks if a malicious DLL with the same name as a system DLL is placed in the current directory. mpv had some code to avoid this in ao_wasapi.c. This commit just moves it to main.c, since there's no reason it can't be used process-wide. This change can affect how plugins are loaded in AviSynth, but it shouldn't be a problem since MPC-HC also does this and it's a very popular AviSynth client.
2024-08-08 13:25:45 +02:00 · 2014-01-07 23:26:26 +11:00 · 2014-01-07 23:26:26 +11:00 · d26ee98fa6
commit d26ee98fa6
parent 4c83a93617
2 changed files with 21 additions and 17 deletions
--- a/audio/out/ao_wasapi.c
+++ b/audio/out/ao_wasapi.c
@ -36,10 +36,6 @@
 #include "misc/ring.h"
 #include "ao.h"

-#ifndef BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE
-#define BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE 0x00000001
-#endif
-
 #ifndef PKEY_Device_FriendlyName
 DEFINE_PROPERTYKEY(PKEY_Device_FriendlyName,
                   0xa45c254e, 0xdf1c, 0x4efd, 0x80, 0x20,
@ -136,17 +132,6 @@ static int fill_VistaBlob(wasapi_state *state)
 {
    if (!state)
        return 1;
-    HMODULE hkernel32 = GetModuleHandleW(L"kernel32.dll");
-    if (!hkernel32)
-        return 1;
-    WINBOOL (WINAPI *pSetDllDirectory)(LPCWSTR lpPathName) =
-        (WINBOOL (WINAPI *)(LPCWSTR))GetProcAddress(hkernel32, "SetDllDirectoryW");
-    WINBOOL (WINAPI *pSetSearchPathMode)(DWORD Flags) =
-        (WINBOOL (WINAPI *)(DWORD))GetProcAddress(hkernel32, "SetSearchPathMode");
-    if (pSetSearchPathMode)
-        pSetDllDirectory(L"");  /* Attempt to use safe search paths */
-    if (pSetSearchPathMode)
-        pSetSearchPathMode(BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE);
    state->VistaBlob.hAvrt = LoadLibraryW(L"avrt.dll");
    if (!state->VistaBlob.hAvrt)
        goto exit_label;
@ -160,8 +145,6 @@ static int fill_VistaBlob(wasapi_state *state)
 exit_label:
    if (state->VistaBlob.hAvrt)
        FreeLibrary(state->VistaBlob.hAvrt);
-    if (pSetSearchPathMode)
-        pSetDllDirectory(NULL);
    return 1;
 }

--- a/player/main.c
+++ b/player/main.c
@ -79,6 +79,14 @@

 #if defined(__MINGW32__) || defined(__CYGWIN__)
 #include <windows.h>
+
+#ifndef BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE
+#define BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE (0x0001)
+#endif
+
+#ifndef BASE_SEARCH_PATH_PERMANENT
+#define BASE_SEARCH_PATH_PERMANENT (0x8000)
+#endif
 #endif

 const char mp_help_text[] =
@ -265,6 +273,19 @@ static void osdep_preinit(int *p_argc, char ***p_argv)

    // Enable heap corruption detection
    HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0);
+
+    HMODULE kernel32 = GetModuleHandleW(L"kernel32.dll");
+    WINBOOL (WINAPI *pSetDllDirectory)(LPCWSTR lpPathName) =
+        (WINBOOL (WINAPI *)(LPCWSTR))GetProcAddress(kernel32, "SetDllDirectoryW");
+    WINBOOL (WINAPI *pSetSearchPathMode)(DWORD Flags) =
+        (WINBOOL (WINAPI *)(DWORD))GetProcAddress(kernel32, "SetSearchPathMode");
+
+    // Always use safe search paths for DLLs and other files, ie. never use the
+    // current directory
+    if (pSetSearchPathMode)
+        pSetDllDirectory(L"");
+    if (pSetSearchPathMode)
+        pSetSearchPathMode(BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE);
 #endif

    terminal_init();