This is the mail archive of the cygwin-developers mailing list for the Cygwin project.



Re: DLL hijacking problem


On Aug 28 08:35, Lee wrote:
> On 8/27/10, Corinna Vinschen wrote:
> > Hi,
> >
> > This DLL hijacking problem goes from simmering to boiling pretty fast
> > right now:
> > http://www.microsoft.com/technet/security/advisory/2269637.mspx
> > The exploit DB has been filling rapidly in the last couple of days:
> > http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=DLL+Hijacking&filter_author=&filter_platform=0&filter_type=0&filter_port=&filter_osvdb=&filter_cve=
> >
> > Given
> > http://msdn.microsoft.com/en-us/library/ff919712%28VS.85%29.aspx
> >
> > I propose to change all calls to
> >
> >   LoadLibrary ("any-Win32-system.dll")
> >
> > to (basically)
> >
> >   GetSystemDirectory (path);
> >   strcat (path, "\\any-Win32-system.dll");
> >   LoadLibrary (path);
> >
> > Or does anybody think this is overreacting?
> 
> Would cygwin1.dll still be loaded from the directory from which the
> application loaded or would I have to put a copy of cygwin1.dll into
> whatever GetSystemDirectory resolves to?

Copying cygwin1.dll to the system directory was never correct, continues
to be so, and has nothing to do with the actual DLL hijacking problem.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat
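
The change proposed in the quoted message, written out with the buffer-size and failure checks that the three-line sketch leaves implicit. This is an added example, not part of the original thread and not Cygwin's code: `build_system_dll_path` and `load_system_dll` are hypothetical names, and the Windows-only part is guarded so the path logic also compiles elsewhere.

```c
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Join sysdir and a bare DLL name into out.  Returns 0 on success, -1 if
   the name is empty, carries a path component, or the result does not fit. */
int
build_system_dll_path (const char *sysdir, const char *dll,
                       char *out, size_t outlen)
{
  size_t dirlen = strlen (sysdir);
  int n;

  /* Only a bare file name is accepted: a separator or drive colon would
     steer the load outside the system directory again. */
  if (dirlen == 0 || dll[0] == '\0' || strpbrk (dll, "\\/:") != NULL)
    return -1;
  /* GetSystemDirectory returns no trailing backslash unless the system
     directory is a root directory; avoid doubling it in that case. */
  n = snprintf (out, outlen, "%s%s%s", sysdir,
                sysdir[dirlen - 1] == '\\' ? "" : "\\", dll);
  /* Unlike strcat, refuse a result that would overflow the buffer. */
  return (n < 0 || (size_t) n >= outlen) ? -1 : 0;
}

#ifdef _WIN32
/* Load a Win32 system DLL by absolute path, so the DLL search order
   (application directory, current directory, PATH) is never consulted. */
HMODULE
load_system_dll (const char *dll)
{
  char sysdir[MAX_PATH], path[MAX_PATH];
  UINT len = GetSystemDirectoryA (sysdir, sizeof sysdir);

  /* 0 means failure; a value >= the buffer size means it did not fit. */
  if (len == 0 || len >= sizeof sysdir)
    return NULL;
  if (build_system_dll_path (sysdir, dll, path, sizeof path) != 0)
    return NULL;
  return LoadLibraryA (path);
}
#endif
```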

