return got_username ? user : NULL;
}
+void dll_hijacking_protection(void)
+{
+ /*
+ * If the OS provides it, call SetDefaultDllDirectories() to
+ * prevent DLLs from being loaded from the directory containing
+ * our own binary, and instead only load from system32.
+ *
+ * This is a protection against hijacking attacks, if someone runs
+ * PuTTY directly from their web browser's download directory
+ * having previously been enticed into clicking on an unwise link
+ * that downloaded a malicious DLL to the same directory under one
+ * of various magic names that seem to be things that standard
+ * Windows DLLs delegate to.
+ *
+ * It shouldn't break deliberate loading of user-provided DLLs
+ * such as GSSAPI providers, because those are specified by their
+ * full pathname by the user-provided configuration.
+ */
+ static HMODULE kernel32_module;
+ DECL_WINDOWS_FUNCTION(static, BOOL, SetDefaultDllDirectories, (DWORD));
+
+ if (!kernel32_module) {
+ kernel32_module = load_system32_dll("kernel32.dll");
+ GET_WINDOWS_FUNCTION(kernel32_module, SetDefaultDllDirectories);
+ }
+
+ if (p_SetDefaultDllDirectories) {
+ /* LOAD_LIBRARY_SEARCH_SYSTEM32 only */
+ p_SetDefaultDllDirectories(0x800);
+ }
+}
+
BOOL init_winver(void)
{
ZeroMemory(&osVersion, sizeof(osVersion));
* Exports from winmisc.c.
*/
extern OSVERSIONINFO osVersion;
+void dll_hijacking_protection(void);
BOOL init_winver(void);
HMODULE load_system32_dll(const char *libname);
const char *win_strerror(int error);