dragonleo/NSIS
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Preload some system libraries (bug #1125)

Browse source 
git-svn-id: https://svn.code.sf.net/p/nsis/code/NSIS/trunk@6688 212acab6-be3b-0410-9dea-997c60f758d6
This commit is contained in:
anders_k 2015-12-24 00:40:28 +00:00
parent 0979ab23fc
commit e2d28022e2
1 changed files with 16 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

28
Source/exehead/Main.c
View file

@ -93,23 +93,13 @@ EXTERN_C void NSISWinMainNOCRT()
TCHAR seekchar=_T(' ');
TCHAR *cmdline;
InitCommonControls();
SetErrorMode(SEM_NOOPENFILEERRORBOX | SEM_FAILCRITICALERRORS);
#if defined(NSIS_SUPPORT_ACTIVEXREG) || defined(NSIS_SUPPORT_CREATESHORTCUT)
{
extern HRESULT g_hres;
g_hres=OleInitialize(NULL);
}
#endif
{
// bug #1125: Don't load modules from the application nor current directory.
// SetDefaultDllDirectories() allows us to restrict implicitly loaded and
// dynamically loaded modules (with relative paths) to just
// %windir%\System32 and directories added with AddDllDirectory().
// This prevents DLL search order attacks (CAPEC-471).
// dynamically loaded modules to just %windir%\System32 and directories
// added with AddDllDirectory(). This prevents DLL search order attacks (CAPEC-471).
DWORD winver = GetVersion();
// CoCreateInstance(CLSID_ShellLink, ...) fails on Vista if SetDefaultDllDirectories is called
BOOL avoidwinbug = LOWORD(winver) == MAKEWORD(6, 0);
@ -118,6 +108,9 @@ EXTERN_C void NSISWinMainNOCRT()
FARPROC fp = myGetProcAddress(MGA_SetDefaultDllDirectories);
if (fp) ((BOOL(WINAPI*)(DWORD))fp)(LOAD_LIBRARY_SEARCH_SYSTEM32|LOAD_LIBRARY_SEARCH_USER_DIRS);
}
LoadSystemLibrary("UXTHEME"); // On Vista OleInitialize calls NtUserCreateWindowEx and that pulls in UXTheme.dll
LoadSystemLibrary("USERENV"); // On Vista SHGetFileInfo ends up in SHELL32.kfapi::GetUserProfileDir and that pulls in UserEnv.dll
LoadSystemLibrary("SETUPAPI"); // On XP SHGetFileInfo ends up in CMountPoint::_InitLocalDriveHelper and that pulls in SetupAPI.dll
}
// Because myGetProcAddress now loads dlls with a full path
@ -136,6 +129,17 @@ EXTERN_C void NSISWinMainNOCRT()
#endif
g_SHGetFolderPath = myGetProcAddress(MGA_SHGetFolderPath); // and SHFOLDER
InitCommonControls();
#if defined(NSIS_SUPPORT_ACTIVEXREG) || defined(NSIS_SUPPORT_CREATESHORTCUT)
{
extern HRESULT g_hres;
g_hres=OleInitialize(NULL);
}
#endif
{
// workaround for bug #1008632
// http://sourceforge.net/tracker/index.php?func=detail&aid=1008632&group_id=22049&atid=373085