From afc3015a5e151fbe06bad5a8895b39db011d73fd Mon Sep 17 00:00:00 2001 From: rpj Date: Sun, 3 Jul 2011 07:42:04 +0000 Subject: Quserex.dll load security --- ChangeLog | 2 ++ NEWS | 4 ++++ README | 14 +++++++------- implement.h | 2 +- pthread_win32_attach_detach_np.c | 14 ++++++++++++-- 5 files changed, 26 insertions(+), 10 deletions(-) diff --git a/ChangeLog b/ChangeLog index 04a81c9..2b1ba40 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,8 @@ * pthread_spin_unlock.c (EPERM): Return success if unlocking a lock that is not locked, because single CPU machines wrap a PTHREAD_MUTEX_NORMAL mutex, which returns success in this case. + * pthread_win32_attach_detach_np.c (QUSEREX.DLL): Load from an + absolute path only which must be the Windows System folder. 2011-07-03 Daniel Richard G. diff --git a/NEWS b/NEWS index f39c587..219fe4e 100644 --- a/NEWS +++ b/NEWS @@ -117,6 +117,10 @@ MCS queue-based locks to reduce resource consumption, in particular use of Win32 objects. - Ross Johnson +For security, the QuserEx.dll if used must now be installed in the Windows System +folder. +- Ross Johnson + New tests --------- robust[1-5].c - Robust mutexes diff --git a/README b/README index 553ec71..545360b 100644 --- a/README +++ b/README @@ -51,9 +51,9 @@ QueueUserAPCEx by Panagiotis E. Hadjidoukas are runnable. The simulated async cancellation cannot cancel blocked threads. - QueueUserAPCEx is required in C++ builds to avoid longjmp-style - context switching in pthread_cancel(), which will otherwise affect - exception handling and proper application behaviour. + [FOR SECURITY] To be found Quserex.dll MUST be installed in the + Windows System Folder. This is not an unreasonable constraint given a + driver must also be installed and loaded at system startup. Library naming @@ -87,8 +87,8 @@ can differentiate between binary incompatible versions of the libs and dlls. In general: - pthread[VG]{SE,CE,C}c.dll - pthread[VG]{SE,CE,C}c.lib + pthread[VG]{SE,CE,C}[c].dll + pthread[VG]{SE,CE,C}[c].lib where: [VG] indicates the compiler @@ -102,7 +102,7 @@ where: c - DLL compatibility number indicating ABI and API compatibility with applications built against - any snapshot with the same compatibility number. + a snapshot with the same compatibility number. See 'Version numbering' below. The name may also be suffixed by a 'd' to indicate a debugging version @@ -110,7 +110,7 @@ of the library. E.g. pthreadVC2d.lib. Debugging versions contain additional information for debugging (symbols etc) and are often not optimised in any way (compiled with optimisation turned off). -For example: +Examples: pthreadVSE.dll (MSVC/SEH) pthreadGCE.dll (GNUC/C++ EH) pthreadGC.dll (GNUC/not dependent on exceptions) diff --git a/implement.h b/implement.h index 937a0cb..6b9f425 100644 --- a/implement.h +++ b/implement.h @@ -39,7 +39,7 @@ #define _IMPLEMENT_H #if !defined(_WIN32_WINNT) -#define _WIN32_WINNT 0x400 +#define _WIN32_WINNT 0x0400 #endif #include diff --git a/pthread_win32_attach_detach_np.c b/pthread_win32_attach_detach_np.c index aa30a65..d26a632 100644 --- a/pthread_win32_attach_detach_np.c +++ b/pthread_win32_attach_detach_np.c @@ -45,6 +45,7 @@ static HINSTANCE ptw32_h_quserex; BOOL pthread_win32_process_attach_np () { + TCHAR WindowsSystemDirBuf[1024]; BOOL result = TRUE; result = ptw32_processInitialize (); @@ -60,9 +61,18 @@ pthread_win32_process_attach_np () #endif /* - * Load QUSEREX.DLL and try to get address of QueueUserAPCEx + * Load QUSEREX.DLL and try to get address of QueueUserAPCEx. + * Because QUSEREX.DLL requires a driver to be installed we will + * assume the DLL is in the system directory. + * + * This should take care of any security issues. */ - ptw32_h_quserex = LoadLibrary (TEXT ("QUSEREX.DLL")); + if(GetSystemDirectory(WindowsSystemDirBuf, sizeof(WindowsSystemDirBuf))) + { + ptw32_h_quserex = LoadLibrary (TEXT (strncat(WindowsSystemDirBuf, + "\\QUSEREX.DLL", + sizeof(WindowsSystemDirBuf)))); + } if (ptw32_h_quserex != NULL) { -- cgit v1.2.3