Increase safety on Windows

Call SetDllDirectory() to reduce risk of DLL hijacking, and call
SetProcessDEPPolicy() to reduce risk of rogue code execution.

diff --git a/addressbook/libedata-book/e-data-book-factory.c b/addressbook/libedata-book/e-data-book-factory.c
index f5f0f7f..e823891 100644 (file)
--- a/addressbook/libedata-book/e-data-book-factory.c
+++ b/addressbook/libedata-book/e-data-book-factory.c
@@ -36,6 +36,17 @@
 
 #include "e-gdbus-egdbusbookfactory.h"
 
+#ifdef G_OS_WIN32
+#include <windows.h>
+#include <conio.h>
+#ifndef PROCESS_DEP_ENABLE
+#define PROCESS_DEP_ENABLE 0x00000001
+#endif
+#ifndef PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION
+#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002
+#endif
+#endif
+
 #define d(x)
 
 static GMainLoop *loop;
@@ -555,6 +566,28 @@ main (gint argc, gchar **argv)
        EDataBookFactory *factory;
        guint owner_id;
 
+#ifdef G_OS_WIN32
+       /* Reduce risks */
+       {
+               typedef BOOL (WINAPI *t_SetDllDirectoryA) (LPCSTR lpPathName);
+               t_SetDllDirectoryA p_SetDllDirectoryA;
+
+               p_SetDllDirectoryA = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetDllDirectoryA");
+               if (p_SetDllDirectoryA)
+                       (*p_SetDllDirectoryA) ("");
+       }
+#ifndef _WIN64
+       {
+               typedef BOOL (WINAPI *t_SetProcessDEPPolicy) (DWORD dwFlags);
+               t_SetProcessDEPPolicy p_SetProcessDEPPolicy;
+
+               p_SetProcessDEPPolicy = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetProcessDEPPolicy");
+               if (p_SetProcessDEPPolicy)
+                       (*p_SetProcessDEPPolicy) (PROCESS_DEP_ENABLE|PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION);
+       }
+#endif
+#endif
+
        g_type_init ();
        g_set_prgname (E_PRGNAME);
        if (!g_thread_supported ()) g_thread_init (NULL);

diff --git a/calendar/libedata-cal/e-data-cal-factory.c b/calendar/libedata-cal/e-data-cal-factory.c
index 2ec7eda..88aeb41 100644 (file)
--- a/calendar/libedata-cal/e-data-cal-factory.c
+++ b/calendar/libedata-cal/e-data-cal-factory.c
@@ -45,6 +45,17 @@
 
 #include "e-gdbus-egdbuscalfactory.h"
 
+#ifdef G_OS_WIN32
+#include <windows.h>
+#include <conio.h>
+#ifndef PROCESS_DEP_ENABLE
+#define PROCESS_DEP_ENABLE 0x00000001
+#endif
+#ifndef PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION
+#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002
+#endif
+#endif
+
 #define d(x)
 
 static GMainLoop *loop;
@@ -854,6 +865,28 @@ main (gint argc, gchar **argv)
        EDataCalFactory *factory;
        guint owner_id;
 
+#ifdef G_OS_WIN32
+       /* Reduce risks */
+       {
+               typedef BOOL (WINAPI *t_SetDllDirectoryA) (LPCSTR lpPathName);
+               t_SetDllDirectoryA p_SetDllDirectoryA;
+
+               p_SetDllDirectoryA = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetDllDirectoryA");
+               if (p_SetDllDirectoryA)
+                       (*p_SetDllDirectoryA) ("");
+       }
+#ifndef _WIN64
+       {
+               typedef BOOL (WINAPI *t_SetProcessDEPPolicy) (DWORD dwFlags);
+               t_SetProcessDEPPolicy p_SetProcessDEPPolicy;
+
+               p_SetProcessDEPPolicy = GetProcAddress (GetModuleHandle ("kernel32.dll"), "SetProcessDEPPolicy");
+               if (p_SetProcessDEPPolicy)
+                       (*p_SetProcessDEPPolicy) (PROCESS_DEP_ENABLE|PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION);
+       }
+#endif
+#endif
+
        setlocale (LC_ALL, "");
        bindtextdomain (GETTEXT_PACKAGE, LOCALEDIR);
        bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");