diff options
| author | rpj <rpj> | 2011-07-03 07:42:04 +0000 |
|---|---|---|
| committer | rpj <rpj> | 2011-07-03 07:42:04 +0000 |
| commit | afc3015a5e151fbe06bad5a8895b39db011d73fd (patch) | |
| tree | b502abcc0e918f50e2307cb4a9bc197dac098eaf | |
| parent | 3104e34f1cb2ed2931520c962e9079fda4e2817d (diff) | |
Quserex.dll load security
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | README | 14 | ||||
| -rw-r--r-- | implement.h | 2 | ||||
| -rw-r--r-- | pthread_win32_attach_detach_np.c | 14 |
5 files changed, 26 insertions, 10 deletions
@@ -3,6 +3,8 @@ * pthread_spin_unlock.c (EPERM): Return success if unlocking a lock
that is not locked, because single CPU machines wrap a
PTHREAD_MUTEX_NORMAL mutex, which returns success in this case.
+ * pthread_win32_attach_detach_np.c (QUSEREX.DLL): Load from an
+ absolute path only which must be the Windows System folder.
2011-07-03 Daniel Richard G. <skunk at iskunk dot org>
@@ -117,6 +117,10 @@ MCS queue-based locks to reduce resource consumption, in particular use of Win32 objects. - Ross Johnson +For security, the QuserEx.dll if used must now be installed in the Windows System +folder. +- Ross Johnson + New tests --------- robust[1-5].c - Robust mutexes @@ -51,9 +51,9 @@ QueueUserAPCEx by Panagiotis E. Hadjidoukas are runnable. The simulated async cancellation cannot cancel blocked threads. - QueueUserAPCEx is required in C++ builds to avoid longjmp-style - context switching in pthread_cancel(), which will otherwise affect - exception handling and proper application behaviour. + [FOR SECURITY] To be found Quserex.dll MUST be installed in the + Windows System Folder. This is not an unreasonable constraint given a + driver must also be installed and loaded at system startup. Library naming @@ -87,8 +87,8 @@ can differentiate between binary incompatible versions of the libs and dlls. In general: - pthread[VG]{SE,CE,C}c.dll - pthread[VG]{SE,CE,C}c.lib + pthread[VG]{SE,CE,C}[c].dll + pthread[VG]{SE,CE,C}[c].lib where: [VG] indicates the compiler @@ -102,7 +102,7 @@ where: c - DLL compatibility number indicating ABI and API compatibility with applications built against - any snapshot with the same compatibility number. + a snapshot with the same compatibility number. See 'Version numbering' below. The name may also be suffixed by a 'd' to indicate a debugging version @@ -110,7 +110,7 @@ of the library. E.g. pthreadVC2d.lib. Debugging versions contain additional information for debugging (symbols etc) and are often not optimised in any way (compiled with optimisation turned off). -For example: +Examples: pthreadVSE.dll (MSVC/SEH) pthreadGCE.dll (GNUC/C++ EH) pthreadGC.dll (GNUC/not dependent on exceptions) diff --git a/implement.h b/implement.h index 937a0cb..6b9f425 100644 --- a/implement.h +++ b/implement.h @@ -39,7 +39,7 @@ #define _IMPLEMENT_H #if !defined(_WIN32_WINNT) -#define _WIN32_WINNT 0x400 +#define _WIN32_WINNT 0x0400 #endif #include <windows.h> diff --git a/pthread_win32_attach_detach_np.c b/pthread_win32_attach_detach_np.c index aa30a65..d26a632 100644 --- a/pthread_win32_attach_detach_np.c +++ b/pthread_win32_attach_detach_np.c @@ -45,6 +45,7 @@ static HINSTANCE ptw32_h_quserex; BOOL pthread_win32_process_attach_np () { + TCHAR WindowsSystemDirBuf[1024]; BOOL result = TRUE; result = ptw32_processInitialize (); @@ -60,9 +61,18 @@ pthread_win32_process_attach_np () #endif /* - * Load QUSEREX.DLL and try to get address of QueueUserAPCEx + * Load QUSEREX.DLL and try to get address of QueueUserAPCEx. + * Because QUSEREX.DLL requires a driver to be installed we will + * assume the DLL is in the system directory. + * + * This should take care of any security issues. */ - ptw32_h_quserex = LoadLibrary (TEXT ("QUSEREX.DLL")); + if(GetSystemDirectory(WindowsSystemDirBuf, sizeof(WindowsSystemDirBuf))) + { + ptw32_h_quserex = LoadLibrary (TEXT (strncat(WindowsSystemDirBuf, + "\\QUSEREX.DLL", + sizeof(WindowsSystemDirBuf)))); + } if (ptw32_h_quserex != NULL) { |