Commit d6e11a97 authored by Tor Lillqvist's avatar Tor Lillqvist
Browse files

Avoid potential DLL hijacking in ms-windows theme engine

Load uxtheme.dll from an absolute path. A proper uxtheme.dll, if
present, will always be in the Windows system directory, so load it
from there.
parent 4bd9e3ae
......@@ -166,6 +166,8 @@ static const short element_part_map[XP_THEME_ELEMENT__SIZEOF] = {
TKP_TICSVERT
};
#define UXTHEME_DLL "uxtheme.dll"
static HINSTANCE uxtheme_dll = NULL;
static HTHEME open_themes[XP_THEME_CLASS__SIZEOF];
static gboolean use_xp_theme = FALSE;
......@@ -228,12 +230,36 @@ xp_theme_close_open_handles (void)
void
xp_theme_init (void)
{
char *buf;
char dummy;
int n, k;
if (uxtheme_dll)
return;
memset (open_themes, 0, sizeof (open_themes));
uxtheme_dll = LoadLibrary ("uxtheme.dll");
n = GetSystemDirectory (&dummy, 0);
if (n <= 0)
return;
buf = g_malloc (n + 1 + strlen (UXTHEME_DLL));
k = GetSystemDirectory (buf, n);
if (k == 0 || k > n)
{
g_free (buf);
return;
}
if (!G_IS_DIR_SEPARATOR (buf[strlen (buf) -1]))
strcat (buf, G_DIR_SEPARATOR_S);
strcat (buf, UXTHEME_DLL);
uxtheme_dll = LoadLibrary (buf);
g_free (buf);
if (!uxtheme_dll)
return;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment