Commit 24386abb authored by Tor Lillqvist's avatar Tor Lillqvist

Increase safety on Windows

Call SetDllDirectory() to reduce risk of DLL hijacking, and call
SetProcessDEPPolicy() to reduce risk of rogue code execution.
parent bfce429d
......@@ -60,6 +60,10 @@
#include "version.h"
#ifdef G_OS_WIN32
/* To get PROCESS_DEP_* defined we need _WIN32_WINNT at 0x0601. We still
* use the API optionally only if present, though.
*/
#define _WIN32_WINNT 0x0601
#include <windows.h>
#include <conio.h>
#endif
......@@ -279,6 +283,30 @@ main (int argc,
argv = __argv;
#endif
#ifdef G_OS_WIN32
/* Reduce risks */
{
typedef BOOL (WINAPI *t_SetDllDirectoryA) (LPCSTR lpPathName);
t_SetDllDirectoryA p_SetDllDirectoryA;
p_SetDllDirectoryA = GetProcAddress (GetModuleHandle ("kernel32.dll"),
"SetDllDirectoryA");
if (p_SetDllDirectoryA)
(*p_SetDllDirectoryA) ("");
}
#ifndef _WIN64
{
typedef BOOL (WINAPI *t_SetProcessDEPPolicy) (DWORD dwFlags);
t_SetProcessDEPPolicy p_SetProcessDEPPolicy;
p_SetProcessDEPPolicy = GetProcAddress (GetModuleHandle ("kernel32.dll"),
"SetProcessDEPPolicy");
if (p_SetProcessDEPPolicy)
(*p_SetProcessDEPPolicy) (PROCESS_DEP_ENABLE|PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION);
}
#endif
#endif
g_thread_init (NULL);
#ifdef GIMP_UNSTABLE
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment