AuroraMiddleware/gtk
1
0
Fork 1
mirror of https://gitlab.gnome.org/GNOME/gtk.git synced 2024-12-27 06:00:22 +00:00
Code Issues Projects Releases Wiki Activity

Avoid potential DLL hijacking in Wintab code

Browse Source 
Load Wintab32.dll from an absolute path. A proper Wintab32.dll, if
present, should be in the Windows system directory, so load it from
there.
This commit is contained in:
Tor Lillqvist 2010-09-09 19:48:42 +03:00
parent fa1b57ca97
commit 88f54ea47d
1 changed files with 24 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
gdk/win32/gdkinput-win32.c
View File

@ -37,6 +37,8 @@
#include "gdkprivate-win32.h" #include "gdkprivate-win32.h"
#include "gdkinput-win32.h" #include "gdkinput-win32.h"
#define WINTAB32_DLL "Wintab32.dll"
#define PACKETDATA (PK_CONTEXT | PK_CURSOR | PK_BUTTONS | PK_X | PK_Y | PK_NORMAL_PRESSURE | PK_ORIENTATION) #define PACKETDATA (PK_CONTEXT | PK_CURSOR | PK_BUTTONS | PK_X | PK_Y | PK_NORMAL_PRESSURE | PK_ORIENTATION)
/* We want everything in absolute mode */ /* We want everything in absolute mode */
#define PACKETMODE (0) #define PACKETMODE (0)
@ -334,12 +336,14 @@ _gdk_input_wintab_init_check (void)
BOOL active; BOOL active;
DWORD physid; DWORD physid;
AXIS axis_x, axis_y, axis_npressure, axis_or[3]; AXIS axis_x, axis_y, axis_npressure, axis_or[3];
int i, k; int i, k, n;
int devix, cursorix; int devix, cursorix;
wchar_t devname[100], csrname[100]; wchar_t devname[100], csrname[100];
gchar *devname_utf8, *csrname_utf8; gchar *devname_utf8, *csrname_utf8;
BOOL defcontext_done; BOOL defcontext_done;
HMODULE wintab32; HMODULE wintab32;
char *wintab32_dll_path;
char dummy;
if (wintab_initialized) if (wintab_initialized)
return; return;
@ -351,7 +355,25 @@ _gdk_input_wintab_init_check (void)
if (_gdk_input_ignore_wintab) if (_gdk_input_ignore_wintab)
return; return;
if ((wintab32 = LoadLibrary ("wintab32.dll")) == NULL) n = GetSystemDirectory (&dummy, 0);
if (n <= 0)
return;
wintab32_dll_path = g_malloc (n + 1 + strlen (WINTAB32_DLL));
k = GetSystemDirectory (wintab32_dll_path, n);
if (k == 0 || k > n)
{
g_free (wintab32_dll_path);
return;
}
if (!G_IS_DIR_SEPARATOR (wintab32_dll_path[strlen (wintab32_dll_path) -1]))
strcat (wintab32_dll_path, G_DIR_SEPARATOR_S);
strcat (wintab32_dll_path, WINTAB32_DLL);
if ((wintab32 = LoadLibrary (wintab32_dll_path)) == NULL)
return; return;
if ((p_WTInfoA = (t_WTInfoA) GetProcAddress (wintab32, "WTInfoA")) == NULL) if ((p_WTInfoA = (t_WTInfoA) GetProcAddress (wintab32, "WTInfoA")) == NULL)