[Libreoffice-commits] core.git: sal/osl

Mike Kaganski (via logerrit) logerrit at kemper.freedesktop.org
Wed Apr 17 04:02:26 UTC 2019 

 sal/osl/w32/process.cxx |    6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

New commits:
commit c650217cc543080928a26de4bfc07ebb0be5c6ca
Author:     Mike Kaganski <mike.kaganski at collabora.com>
AuthorDate: Tue Apr 16 22:08:42 2019 +0200
Commit:     Mike Kaganski <mike.kaganski at collabora.com>
CommitDate: Wed Apr 17 06:01:36 2019 +0200

    tdf#124776: don't use SearchPathW to get full path of executable
    
    ... use GetModuleFileNameW() for that.
    
    We call SetDllDirectoryW and SetSearchPathMode to improve security of
    the process, and exclude some paths (including current directory) from
    search when using API that looks for binaries whose names are not fully
    qualified.
    
    So the sequence is this:
    1. Program is started using relative executable path like
       "instdir\program\soffice";
    2. sal_detail_initialize is called, which calls the two mentioned
       hardening functions;
    3. sal_detail_initialize calls osl_setCommandArgs, which in turn calls
       osl_createCommandArgs_Impl;
    4. The latter uses SearchPathW with empty path and first program arg
       "instdir\program\soffice" to find fully qualified program path.
    
    That now naturally fails, because current path is not searched.
    
    But to find the process name, we need no search: we can simply use
    GetModuleFileNameW() with NULL passed as module handle. Let's use that.
    
    Note that we can't use _wpgmptr/_get_wpgmptr, because we don't use wide
    entry point like wmain.
    
    Change-Id: I7a0013a0505f7bdd38164b09b045bfade9686664
    Reviewed-on: https://gerrit.libreoffice.org/70844
    Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>
    Tested-by: Mike Kaganski <mike.kaganski at collabora.com>

diff --git a/sal/osl/w32/process.cxx b/sal/osl/w32/process.cxx
index f1e223bd34cd..cc5c1568f2f4 100644
--- a/sal/osl/w32/process.cxx
+++ b/sal/osl/w32/process.cxx
@@ -335,10 +335,8 @@ static rtl_uString ** osl_createCommandArgs_Impl (int argc, char **)
         {
             /* Ensure absolute path */
             ::osl::LongPathBuffer< sal_Unicode > aBuffer( MAX_LONG_PATH );
-            DWORD dwResult = 0;
-
-            dwResult = SearchPathW (
-                nullptr, o3tl::toW(ppArgs[0]->buffer), L".exe", aBuffer.getBufSizeInSymbols(), o3tl::toW(aBuffer), nullptr);
+            DWORD dwResult
+                = GetModuleFileNameW(nullptr, o3tl::toW(aBuffer), aBuffer.getBufSizeInSymbols());
             if ((0 < dwResult) && (dwResult < aBuffer.getBufSizeInSymbols()))
             {
                 /* Replace argv[0] with its absolute path */

More information about the Libreoffice-commits mailing list