mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-12-25 17:49:52 +03:00
Merge pull request #510 from dnobori/b3_loadlibrary
Preventing the Win32 API LoadLibrary() current directory DLL injection issue.
This commit is contained in:
commit
b59697fbd4
@ -154,7 +154,19 @@ static UINT64 probe_start = 0;
|
||||
static UINT64 probe_last = 0;
|
||||
static bool probe_enabled = false;
|
||||
|
||||
// The function which should be called once as soon as possible after the process is started
|
||||
static bool init_proc_once_flag = false;
|
||||
void InitProcessCallOnce()
|
||||
{
|
||||
if (init_proc_once_flag == false)
|
||||
{
|
||||
init_proc_once_flag = true;
|
||||
|
||||
#ifdef OS_WIN32
|
||||
MsInitProcessCallOnce();
|
||||
#endif // OS_WIN32
|
||||
}
|
||||
}
|
||||
|
||||
// Calculate the checksum
|
||||
USHORT CalcChecksum16(void *buf, UINT size)
|
||||
@ -490,6 +502,8 @@ void InitMayaqua(bool memcheck, bool debug, int argc, char **argv)
|
||||
return;
|
||||
}
|
||||
|
||||
InitProcessCallOnce();
|
||||
|
||||
g_memcheck = memcheck;
|
||||
g_debug = debug;
|
||||
cmdline = NULL;
|
||||
|
@ -133,6 +133,8 @@
|
||||
|
||||
#endif // VPN_SPEED
|
||||
|
||||
void InitProcessCallOnce();
|
||||
|
||||
#ifdef VPN_EXE
|
||||
// To build the executable file
|
||||
#ifdef WIN32
|
||||
@ -142,6 +144,7 @@ int main(int argc, char *argv[]);
|
||||
int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
|
||||
{
|
||||
char *argv[] = { CmdLine, };
|
||||
InitProcessCallOnce();
|
||||
return main(1, argv);
|
||||
}
|
||||
#endif // WIN32
|
||||
|
@ -273,6 +273,43 @@ typedef struct MS_MSCHAPV2_PARAMS
|
||||
UCHAR ResponseBuffer[MAX_SIZE];
|
||||
} MS_MSCHAPV2_PARAMS;
|
||||
|
||||
// The function which should be called once as soon as possible after the process is started
|
||||
void MsInitProcessCallOnce()
|
||||
{
|
||||
// Mitigate the DLL injection attack
|
||||
char system_dir[MAX_PATH];
|
||||
char kernel32_path[MAX_PATH];
|
||||
UINT len;
|
||||
HINSTANCE hKernel32;
|
||||
|
||||
// Get the full path of kernel32.dll
|
||||
memset(system_dir, 0, sizeof(system_dir));
|
||||
GetSystemDirectory(system_dir, sizeof(system_dir));
|
||||
len = lstrlenA(system_dir);
|
||||
if (system_dir[len] == '\\')
|
||||
{
|
||||
system_dir[len] = 0;
|
||||
}
|
||||
wsprintfA(kernel32_path, "%s\\kernel32.dll", system_dir);
|
||||
|
||||
// Load kernel32.dll
|
||||
hKernel32 = LoadLibraryA(kernel32_path);
|
||||
if (hKernel32 != NULL)
|
||||
{
|
||||
BOOL (WINAPI *_SetDllDirectoryA)(LPCTSTR);
|
||||
|
||||
_SetDllDirectoryA = (BOOL (WINAPI *)(LPCTSTR))
|
||||
GetProcAddress(hKernel32, "SetDllDirectoryA");
|
||||
|
||||
if (_SetDllDirectoryA != NULL)
|
||||
{
|
||||
_SetDllDirectoryA("");
|
||||
}
|
||||
|
||||
FreeLibrary(hKernel32);
|
||||
}
|
||||
}
|
||||
|
||||
// Collect the information of the VPN software
|
||||
bool MsCollectVpnInfo(BUF *bat, char *tmpdir, char *svc_name, wchar_t *config_name, wchar_t *logdir_name)
|
||||
{
|
||||
|
@ -1160,6 +1160,7 @@ void MsTest();
|
||||
|
||||
bool MsSaveSystemInfo(wchar_t *dst_filename);
|
||||
bool MsCollectVpnInfo(BUF *bat, char *tmpdir, char *svc_name, wchar_t *config_name, wchar_t *logdir_name);
|
||||
void MsInitProcessCallOnce();
|
||||
|
||||
MS_SUSPEND_HANDLER *MsNewSuspendHandler();
|
||||
void MsFreeSuspendHandler(MS_SUSPEND_HANDLER *h);
|
||||
|
@ -155,6 +155,8 @@ void StopProcess()
|
||||
// WinMain function
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
InitProcessCallOnce();
|
||||
|
||||
VgUseStaticLink();
|
||||
|
||||
#ifdef OS_WIN32
|
||||
|
@ -143,6 +143,8 @@ void StopProcess()
|
||||
// WinMain function
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
InitProcessCallOnce();
|
||||
|
||||
#ifdef OS_WIN32
|
||||
|
||||
return MsService(GC_SVC_NAME_VPNCLIENT, StartProcess, StopProcess, ICO_MACHINE, argv[0]);
|
||||
|
@ -137,6 +137,8 @@ int main(int argc, char *argv[])
|
||||
wchar_t *s;
|
||||
UINT ret = 0;
|
||||
|
||||
InitProcessCallOnce();
|
||||
|
||||
#ifdef OS_WIN32
|
||||
SetConsoleTitleA(CEDAR_PRODUCT_STR " VPN Command Line Utility");
|
||||
#endif // OS_WIN32
|
||||
|
@ -134,6 +134,8 @@
|
||||
// WinMain function
|
||||
int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
|
||||
{
|
||||
InitProcessCallOnce();
|
||||
|
||||
InitMayaqua(false, false, 0, NULL);
|
||||
InitCedar();
|
||||
|
||||
|
@ -353,6 +353,8 @@ void MainFunction(char *cmd)
|
||||
// winmain function
|
||||
int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
|
||||
{
|
||||
InitProcessCallOnce();
|
||||
|
||||
InitMayaqua(false, false, 0, NULL);
|
||||
EnableProbe(false);
|
||||
InitCedar();
|
||||
|
@ -1634,6 +1634,7 @@ void ViFreeStringTables()
|
||||
int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
|
||||
{
|
||||
INSTANCE *instance;
|
||||
InitProcessCallOnce();
|
||||
is_debug = false;
|
||||
MayaquaMinimalMode();
|
||||
InitMayaqua(false, is_debug, 0, NULL);
|
||||
|
@ -155,6 +155,8 @@ void StopProcess()
|
||||
// WinMain function
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
InitProcessCallOnce();
|
||||
|
||||
VgUseStaticLink();
|
||||
|
||||
#ifdef OS_WIN32
|
||||
|
@ -134,6 +134,8 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
|
||||
{
|
||||
UINT ret;
|
||||
|
||||
InitProcessCallOnce();
|
||||
|
||||
VgUseStaticLink();
|
||||
|
||||
ret = SWExec();
|
||||
|
@ -132,6 +132,8 @@
|
||||
// WinMain function
|
||||
int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
|
||||
{
|
||||
InitProcessCallOnce();
|
||||
|
||||
InitMayaqua(false, false, 0, NULL);
|
||||
InitCedar();
|
||||
SMExec();
|
||||
|
Loading…
Reference in New Issue
Block a user