[llvm] ef1dbcd - [Windows] Restrict searchpath of dbghelp.dll to System32 (#90520)
via llvm-commits
llvm-commits at lists.llvm.org
Tue Apr 30 19:57:28 PDT 2024
Author: jofrn
Date: 2024-04-30T22:57:24-04:00
New Revision: ef1dbcd60f81dafd777355ffd675e1bb73358d77
URL: https://github.com/llvm/llvm-project/commit/ef1dbcd60f81dafd777355ffd675e1bb73358d77
DIFF: https://github.com/llvm/llvm-project/commit/ef1dbcd60f81dafd777355ffd675e1bb73358d77.diff
LOG: [Windows] Restrict searchpath of dbghelp.dll to System32 (#90520)
LoadLibraryW will lookup dlls in user directories if its search path is
left unrestricted. This is a security vulnerability as one can name a
shared library the same as that of a system dll in order to run
arbitrary code when the shared library is loaded from the path in a user
directory. This change modifies it to only search within sys32 when
loading dbghelp.dll.
Added:
Modified:
llvm/lib/Support/Windows/Signals.inc
Removed:
################################################################################
diff --git a/llvm/lib/Support/Windows/Signals.inc b/llvm/lib/Support/Windows/Signals.inc
index 34635b5aba7a1b..29ebf7c696e04f 100644
--- a/llvm/lib/Support/Windows/Signals.inc
+++ b/llvm/lib/Support/Windows/Signals.inc
@@ -168,7 +168,8 @@ static bool isDebugHelpInitialized() {
}
static bool load64BitDebugHelp(void) {
- HMODULE hLib = ::LoadLibraryW(L"Dbghelp.dll");
+ HMODULE hLib =
+ ::LoadLibraryExA("Dbghelp.dll", NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);
if (hLib) {
fMiniDumpWriteDump =
(fpMiniDumpWriteDump)::GetProcAddress(hLib, "MiniDumpWriteDump");
More information about the llvm-commits
mailing list