|
1 From 77ef9c7e79a8e8d948c11330584ea205b35bb0e1 Mon Sep 17 00:00:00 2001 |
|
2 From: Brad Fitzpatrick <[email protected]> |
|
3 Date: Sat, 2 Apr 2016 00:20:13 +0000 |
|
4 Subject: [PATCH 77/79] syscall: point to x/sys in DLL loading docs, update |
|
5 syscall generator |
|
6 |
|
7 Updates the syscall generator for patchset 4 of https://golang.org/cl/21388. |
|
8 |
|
9 Updates #14959 |
|
10 |
|
11 Change-Id: Icbd6df489887d3dcc076dfc73d4feb1376abaf8b |
|
12 Reviewed-on: https://go-review.googlesource.com/21428 |
|
13 Reviewed-by: Alex Brainman <[email protected]> |
|
14 Reviewed-on: https://go-review.googlesource.com/21680 |
|
15 Reviewed-by: Brad Fitzpatrick <[email protected]> |
|
16 --- |
|
17 src/syscall/dll_windows.go | 13 +++++++++++++ |
|
18 src/syscall/mksyscall_windows.go | 4 ++-- |
|
19 2 files changed, 15 insertions(+), 2 deletions(-) |
|
20 |
|
21 diff --git a/src/syscall/dll_windows.go b/src/syscall/dll_windows.go |
|
22 index ec8d85b..453ec11 100644 |
|
23 --- a/src/syscall/dll_windows.go |
|
24 +++ b/src/syscall/dll_windows.go |
|
25 @@ -37,6 +37,13 @@ type DLL struct { |
|
26 } |
|
27 |
|
28 // LoadDLL loads the named DLL file into memory. |
|
29 +// |
|
30 +// If name is not an absolute path and is not a known system DLL used by |
|
31 +// Go, Windows will search for the named DLL in many locations, causing |
|
32 +// potential DLL preloading attacks. |
|
33 +// |
|
34 +// Use LazyDLL in golang.org/x/sys/windows for a secure way to |
|
35 +// load system DLLs. |
|
36 func LoadDLL(name string) (*DLL, error) { |
|
37 namep, err := UTF16PtrFromString(name) |
|
38 if err != nil { |
|
39 @@ -174,6 +181,12 @@ func (p *Proc) Call(a ...uintptr) (r1, r2 uintptr, lastErr error) { |
|
40 // It will delay the load of the DLL until the first |
|
41 // call to its Handle method or to one of its |
|
42 // LazyProc's Addr method. |
|
43 +// |
|
44 +// LazyDLL is subject to the same DLL preloading attacks as documented |
|
45 +// on LoadDLL. |
|
46 +// |
|
47 +// Use LazyDLL in golang.org/x/sys/windows for a secure way to |
|
48 +// load system DLLs. |
|
49 type LazyDLL struct { |
|
50 mu sync.Mutex |
|
51 dll *DLL // non nil once DLL is loaded |
|
52 diff --git a/src/syscall/mksyscall_windows.go b/src/syscall/mksyscall_windows.go |
|
53 index 546cb0d..7786d13 100644 |
|
54 --- a/src/syscall/mksyscall_windows.go |
|
55 +++ b/src/syscall/mksyscall_windows.go |
|
56 @@ -707,9 +707,9 @@ func (src *Source) Generate(w io.Writer) error { |
|
57 } |
|
58 if *sysRepo { |
|
59 if packageName == "windows" { |
|
60 - return "&LazyDLL{Name: " + arg + ", Flags: LoadLibrarySearchSystem32}" |
|
61 + return "&LazyDLL{Name: " + arg + ", System: true}" |
|
62 } else { |
|
63 - return "&windows.LazyDLL{Name: " + arg + ", Flags: windows.LoadLibrarySearchSystem32}" |
|
64 + return "&windows.LazyDLL{Name: " + arg + ", System: true}" |
|
65 } |
|
66 } else { |
|
67 return syscalldot() + "NewLazyDLL(" + arg + ")" |
|
68 -- |
|
69 2.7.4 |
|
70 |