Mirrors/velopack
1
0
Fork 0
mirror of https://github.com/velopack/velopack.git synced 2025-10-25 15:19:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Simplify DllHijack mitigation and ensure urlmon is delay loaded

Browse Source 
First update the project to reduce the number of linked libraries
and ensure the most likely non-OS loaded DLLS are delay loaded. Then
simplify the DLL hijack mitigation to always dynamically link to
SetDefaultDllDirectories in case Squirrel is used on and old Win7
that is missing the necessary KB.
This commit is contained in:
Rob Mensching
2022-05-30 17:56:58 -07:00
parent 16521f3b13
commit 0bad6df14d
2 changed files with 14 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/Setup/Setup.vcxproj
View File

@@ -64,8 +64,8 @@
<Link>
<SubSystem>Windows</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<AdditionalDependencies>kernel32.lib;user32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;urlmon.lib</AdditionalDependencies>
<DelayLoadDLLs>user32.dll;advapi32.dll;shell32.dll;ole32.dll;oleaut32.dll;urlmon.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
<AdditionalDependencies>urlmon.lib</AdditionalDependencies>
<DelayLoadDLLs>comctl32.dll;shell32.dll;shlwapi.dll;urlmon.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
</Link>
<Manifest>
<AdditionalManifestFiles>compat.manifest</AdditionalManifestFiles>
@@ -91,8 +91,8 @@
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<UACExecutionLevel>AsInvoker</UACExecutionLevel>
<AdditionalDependencies>kernel32.lib;user32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;urlmon.lib</AdditionalDependencies>
<DelayLoadDLLs>user32.dll;advapi32.dll;shell32.dll;ole32.dll;oleaut32.dll;urlmon.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
<AdditionalDependencies>urlmon.lib</AdditionalDependencies>
<DelayLoadDLLs>comctl32.dll;shell32.dll;shlwapi.dll;urlmon.dll;%(DelayLoadDLLs)</DelayLoadDLLs>
</Link>
<Manifest>
<AdditionalManifestFiles>compat.manifest</AdditionalManifestFiles>

16
src/Setup/winmain.cpp
View File

@@ -23,22 +23,26 @@ void PreloadLibs()
std::wstring version = (std::wstring(sys32Folder) + L"\\version.dll");
std::wstring logoncli = (std::wstring(sys32Folder) + L"\\logoncli.dll");
std::wstring sspicli = (std::wstring(sys32Folder) + L"\\sspicli.dll");
std::wstring urlmon = (std::wstring(sys32Folder) + L"\\urlmon.dll");
LoadLibrary(version.c_str());
LoadLibrary(logoncli.c_str());
LoadLibrary(sspicli.c_str());
LoadLibrary(urlmon.c_str());
}
void MitigateDllHijacking()
{
// Set the default DLL lookup directory to System32 for ourselves and kernel32.dll
SetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_SYSTEM32);
HMODULE hKernel32 = LoadLibrary(L"kernel32.dll");
ATLASSERT(hKernel32 != NULL);
SetDefaultDllDirectoriesFunction pfn = (SetDefaultDllDirectoriesFunction)GetProcAddress(hKernel32, "SetDefaultDllDirectories");
if (pfn) { (*pfn)(LOAD_LIBRARY_SEARCH_SYSTEM32); }
if (hKernel32)
{
SetDefaultDllDirectoriesFunction pfn = (SetDefaultDllDirectoriesFunction)GetProcAddress(hKernel32, "SetDefaultDllDirectories");
if (pfn)
{
(*pfn)(LOAD_LIBRARY_SEARCH_SYSTEM32);
}
}
PreloadLibs();
}