Preventing the Win32 API LoadLibrary() current directory DLL injection issue.

When loading the DLL file by the LoadLibrary() function in Windows VPN programs, we changed the behavior not to search the current directory. Based on this improvement, even if there are untrusted DLL files in the calendar directory, it is now safe to avoid the problem of unexpected security problem caused by the default loading behavior of Windows. Acknowledgments: This is based on a report by Herman Groeneveld, aka Sh4d0wman.
2025-07-07 08:14:58 +03:00 · 2018-04-22 18:21:19 +09:00
parent b1f74268b1
commit 241813e827
13 changed files with 72 additions and 0 deletions
--- a/src/Mayaqua/Mayaqua.h
+++ b/src/Mayaqua/Mayaqua.h
@ -133,6 +133,8 @@

 #endif	// VPN_SPEED

+void InitProcessCallOnce();
+
 #ifdef	VPN_EXE
 // To build the executable file
 #ifdef	WIN32
@ -142,6 +144,7 @@ int main(int argc, char *argv[]);
 int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
 {
 	char *argv[] = { CmdLine, };
+	InitProcessCallOnce();
 	return main(1, argv);
 }
 #endif	// WIN32