CauldronDevelopmentLLC / cbang

C! (cbang) is a library for cross-platform C++ development.
GNU Lesser General Public License v2.1

Consider tightening up LoadLibrary() usage on Windows #152

Closed marcosfrm closed 7 months ago

marcosfrm commented 7 months ago

https://github.com/CauldronDevelopmentLLC/cbang/blob/12ad46a0593634605c8ab98bd85d1fffb763f9e5/src/cbang/os/DynamicLibrary.cpp#L72

LoadLibrary() search order is often too broad:

https://itm4n.github.io/windows-dll-hijacking-clarified/

LoadLibraryEx() has flags to restrict the search path. The important ones require at minimum Vista/7 with KB2533623 installed.

jcoffland commented 7 months ago

Currently there are only three DLLs loaded by cbang. They are ntdll.dll, OpenCL.dll and nvcuda.dll. Are these always located in %windows%\system32? If so we could restrict DLL searching to this location.

jcoffland commented 7 months ago

I've restricted DLL search with LOAD_LIBRARY_SEARCH_DEFAULT_DIRS. I think this is reasonable because the application's install path permissions are the application's responsibility (i.e. ours). By not searching the PATH we are not exposed to 3rd party mistakes. Hopefully this won't break OpenCL or CUDA for some users.

marcosfrm commented 7 months ago

Thanks. nvcuda.dll and OpenCL.dll are in C:\Windows\System32. *crossed fingers*
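
An added example, not part of the thread and not cbang's code: one way to pick `LoadLibraryEx()` arguments so the search stays restricted, including on systems without KB2533623 (detected with the `AddDllDirectory` probe from Microsoft's `LoadLibraryEx` documentation). `LoadPlan`, `planLoad` and `loadRestricted` are hypothetical names, and the fallback assumes the DLL lives in the system directory.

```cpp
// Added example, not cbang code. LoadPlan/planLoad/loadRestricted are hypothetical names.
#include <string>
#ifdef _WIN32
#include <windows.h>
#endif
#ifndef LOAD_LIBRARY_SEARCH_SYSTEM32  // non-Windows build or old SDK: documented values
#define LOAD_LIBRARY_SEARCH_SYSTEM32     0x00000800
#define LOAD_LIBRARY_SEARCH_DEFAULT_DIRS 0x00001000
#endif

struct LoadPlan {
  std::wstring path;    // value for lpLibFileName
  unsigned long flags;  // value for dwFlags
  bool ok;              // false: refuse to load
};

// Decide how to load a DLL named by bare file name.
// restrictedOK: LOAD_LIBRARY_SEARCH_* flags are usable (KB2533623 present).
// systemOnly:   the DLL is expected only in the system directory.
LoadPlan planLoad(const std::wstring &name, const std::wstring &sysDir,
                  bool restrictedOK, bool systemOnly) {
  // Accept bare file names only: no directories, drive letters or streams.
  if (name.empty() || name.find_first_of(L"\\/:") != std::wstring::npos)
    return {L"", 0, false};
  if (restrictedOK) {
    unsigned long flags = systemOnly ? LOAD_LIBRARY_SEARCH_SYSTEM32
                                     : LOAD_LIBRARY_SEARCH_DEFAULT_DIRS;
    return {name, flags, true};
  }
  // Flags unavailable: only system DLLs can be loaded safely, by absolute
  // path. Anything else is refused rather than searched for via CWD/PATH.
  if (!systemOnly || sysDir.empty()) return {L"", 0, false};
  return {sysDir + L"\\" + name, 0, true};
}

#ifdef _WIN32
HMODULE loadRestricted(const std::wstring &name, bool systemOnly) {
  // The flags are usable if kernel32 exports AddDllDirectory.
  HMODULE k32 = GetModuleHandleW(L"kernel32.dll");
  bool restrictedOK = k32 && GetProcAddress(k32, "AddDllDirectory") != NULL;
  wchar_t buf[MAX_PATH];
  UINT n = GetSystemDirectoryW(buf, MAX_PATH);
  std::wstring sysDir = (0 < n && n < MAX_PATH) ? std::wstring(buf, n) : L"";
  LoadPlan p = planLoad(name, sysDir, restrictedOK, systemOnly);
  return p.ok ? LoadLibraryExW(p.path.c_str(), NULL, p.flags) : NULL;
}
#endif
```
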