diff options
| author | Brad Fitzpatrick <bradfitz@golang.org> | 2016-04-02 00:20:13 +0000 |
|---|---|---|
| committer | Andrew Gerrand <adg@golang.org> | 2016-04-08 05:21:14 +0000 |
| commit | 16c42047effe28edd5a827bec4b198ffc83f5ec8 (patch) | |
| tree | ffe33a6d8257faa0c2e26a16e7e2b1d842b70d89 | |
| parent | b8af3fd1bd6338f315d92592c28ff26753f2f118 (diff) | |
| download | go-16c42047effe28edd5a827bec4b198ffc83f5ec8.tar.gz go-16c42047effe28edd5a827bec4b198ffc83f5ec8.zip | |
syscall: point to x/sys in DLL loading docs, update syscall generator
Updates the syscall generator for patchset 4 of https://golang.org/cl/21388.
Updates #14959
Change-Id: Icbd6df489887d3dcc076dfc73d4feb1376abaf8b
Reviewed-on: https://go-review.googlesource.com/21428
Reviewed-by: Alex Brainman <alex.brainman@gmail.com>
Reviewed-on: https://go-review.googlesource.com/21697
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
| -rw-r--r-- | src/syscall/dll_windows.go | 13 | ||||
| -rw-r--r-- | src/syscall/mksyscall_windows.go | 4 |
2 files changed, 15 insertions, 2 deletions
diff --git a/src/syscall/dll_windows.go b/src/syscall/dll_windows.go index 572fcee7e4..9c5c22628d 100644 --- a/src/syscall/dll_windows.go +++ b/src/syscall/dll_windows.go @@ -37,6 +37,13 @@ type DLL struct { } // LoadDLL loads the named DLL file into memory. +// +// If name is not an absolute path and is not a known system DLL used by +// Go, Windows will search for the named DLL in many locations, causing +// potential DLL preloading attacks. +// +// Use LazyDLL in golang.org/x/sys/windows for a secure way to +// load system DLLs. func LoadDLL(name string) (*DLL, error) { namep, err := UTF16PtrFromString(name) if err != nil { @@ -174,6 +181,12 @@ func (p *Proc) Call(a ...uintptr) (r1, r2 uintptr, lastErr error) { // It will delay the load of the DLL until the first // call to its Handle method or to one of its // LazyProc's Addr method. +// +// LazyDLL is subject to the same DLL preloading attacks as documented +// on LoadDLL. +// +// Use LazyDLL in golang.org/x/sys/windows for a secure way to +// load system DLLs. type LazyDLL struct { mu sync.Mutex dll *DLL // non nil once DLL is loaded diff --git a/src/syscall/mksyscall_windows.go b/src/syscall/mksyscall_windows.go index 546cb0d432..7786d1349e 100644 --- a/src/syscall/mksyscall_windows.go +++ b/src/syscall/mksyscall_windows.go @@ -707,9 +707,9 @@ func (src *Source) Generate(w io.Writer) error { } if *sysRepo { if packageName == "windows" { - return "&LazyDLL{Name: " + arg + ", Flags: LoadLibrarySearchSystem32}" + return "&LazyDLL{Name: " + arg + ", System: true}" } else { - return "&windows.LazyDLL{Name: " + arg + ", Flags: windows.LoadLibrarySearchSystem32}" + return "&windows.LazyDLL{Name: " + arg + ", System: true}" } } else { return syscalldot() + "NewLazyDLL(" + arg + ")" |