Dll hijacking fixes: Windows version check + SetDllDirectory("").

2016-08-14 21:55:59 +03:00 · 2016-08-14 21:55:59 +03:00 · 50b10ba0bf
parent 994576375e
commit 50b10ba0bf
3 changed files with 42 additions and 11 deletions
--- a/Telegram/SourceFiles/platform/win/windows_dlls.cpp
+++ b/Telegram/SourceFiles/platform/win/windows_dlls.cpp
@ -24,6 +24,23 @@ Copyright (c) 2014-2016 John Preston, https://desktop.telegram.org
 namespace Platform {
 namespace Dlls {
 f_SetDllDirectory SetDllDirectory;
 HINSTANCE LibKernel32;
 void init() {
 	static bool inited = false;
 	if (inited) return;
 	inited = true;
 	LibKernel32 = LoadLibrary(L"KERNEL32.DLL");
 	load(LibKernel32, "SetDllDirectoryW", SetDllDirectory);
 	if (SetDllDirectory) {
 		// Remove the current directory from the DLL search order.
 		SetDllDirectory(L"");
 	}
 }
 f_SetWindowTheme SetWindowTheme;
 f_OpenAs_RunDLL OpenAs_RunDLL;
 f_SHOpenWithDialog SHOpenWithDialog;
@ -45,8 +62,7 @@ HINSTANCE LibPropSys;
 HINSTANCE LibComBase;
 void start() {
-	LibUxTheme = LoadLibrary(L"UXTHEME.DLL");
+	init();
 	load(LibUxTheme, "SetWindowTheme", SetWindowTheme);
 	LibShell32 = LoadLibrary(L"SHELL32.DLL");
 	load(LibShell32, "SHAssocEnumHandlers", SHAssocEnumHandlers);
@ -56,17 +72,25 @@ void start() {
 	load(LibShell32, "SHQueryUserNotificationState", SHQueryUserNotificationState);
 	load(LibShell32, "SetCurrentProcessExplicitAppUserModelID", SetCurrentProcessExplicitAppUserModelID);
-	LibWtsApi32 = LoadLibrary(L"WTSAPI32.DLL");
+	auto version = QSysInfo::windowsVersion();
-	load(LibWtsApi32, "WTSRegisterSessionNotification", WTSRegisterSessionNotification);
+	if (version >= QSysInfo::WV_VISTA) {
-	load(LibWtsApi32, "WTSUnRegisterSessionNotification", WTSUnRegisterSessionNotification);
+		LibUxTheme = LoadLibrary(L"UXTHEME.DLL");
 		load(LibUxTheme, "SetWindowTheme", SetWindowTheme);
-	LibPropSys = LoadLibrary(L"PROPSYS.DLL");
+		LibWtsApi32 = LoadLibrary(L"WTSAPI32.DLL");
-	load(LibPropSys, "PropVariantToString", PropVariantToString);
+		load(LibWtsApi32, "WTSRegisterSessionNotification", WTSRegisterSessionNotification);
 		load(LibWtsApi32, "WTSUnRegisterSessionNotification", WTSUnRegisterSessionNotification);
-	LibComBase = LoadLibrary(L"COMBASE.DLL");
+		LibPropSys = LoadLibrary(L"PROPSYS.DLL");
-	load(LibComBase, "RoGetActivationFactory", RoGetActivationFactory);
+		load(LibPropSys, "PropVariantToString", PropVariantToString);
-	load(LibComBase, "WindowsCreateStringReference", WindowsCreateStringReference);
+
-	load(LibComBase, "WindowsDeleteString", WindowsDeleteString);
+		if (version >= QSysInfo::WV_WINDOWS8) {
 			LibComBase = LoadLibrary(L"COMBASE.DLL");
 			load(LibComBase, "RoGetActivationFactory", RoGetActivationFactory);
 			load(LibComBase, "WindowsCreateStringReference", WindowsCreateStringReference);
 			load(LibComBase, "WindowsDeleteString", WindowsDeleteString);
 		}
 	}
 }
 } // namespace Dlls
--- a/Telegram/SourceFiles/platform/win/windows_dlls.h
+++ b/Telegram/SourceFiles/platform/win/windows_dlls.h
@ -27,6 +27,12 @@ Copyright (c) 2014-2016 John Preston, https://desktop.telegram.org
 namespace Platform {
 namespace Dlls {
 void init();
 // KERNEL32.DLL
 typedef BOOL (FAR STDAPICALLTYPE *f_SetDllDirectory)(LPCWSTR lpPathName);
 extern f_SetDllDirectory SetDllDirectory;
 void start();
 template <typename Function>
--- a/Telegram/SourceFiles/pspecific_win.cpp
+++ b/Telegram/SourceFiles/pspecific_win.cpp
@ -737,6 +737,7 @@ void psShowInFolder(const QString &name) {
 namespace Platform {
 void start() {
 	Dlls::init();
 }
 void finish() {