diff options
| author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-07-09 02:20:39 +0200 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-11-08 23:20:35 +0100 |
| commit | f67748ae8e3ebefc1361d6e8a7f8e5020ff68517 (patch) | |
| tree | 7598dd5467ab2913b4517745188e5b87f1859078 /src/Common/Random.c | |
| parent | d6817f941a1218aa1564da158f87ac7ec4434396 (diff) | |
| download | VeraCrypt-f67748ae8e3ebefc1361d6e8a7f8e5020ff68517.tar.gz VeraCrypt-f67748ae8e3ebefc1361d6e8a7f8e5020ff68517.zip | |
Static Code Analysis : fix non-absolute DLL/process loads that can be hijacked (Microsoft Security Advisory 2269637).
Diffstat (limited to 'src/Common/Random.c')
| -rw-r--r-- | src/Common/Random.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/Common/Random.c b/src/Common/Random.c index ceb14e33..c897e3b7 100644 --- a/src/Common/Random.c +++ b/src/Common/Random.c @@ -573,7 +573,15 @@ BOOL SlowPoll (void) {
/* Obtain a handle to the module containing the Lan Manager
functions */
- hNetAPI32 = LoadLibrary ("NETAPI32.DLL");
+ char dllPath[MAX_PATH];
+ if (GetSystemDirectory (dllPath, MAX_PATH))
+ {
+ strcat(dllPath, "\\NETAPI32.DLL");
+ }
+ else
+ strcpy(dllPath, "C:\\Windows\\System32\\NETAPI32.DLL");
+
+ hNetAPI32 = LoadLibrary (dllPath);
if (hNetAPI32 != NULL)
{
/* Now get pointers to the functions */
|