Commit 1bebc53b authored by Jason A. Donenfeld's avatar Jason A. Donenfeld Committed by Dmitri Shuralyov
Browse files

[release-branch.go1.11] runtime: safely load DLLs 

While many other call sites have been moved to using the proper
higher-level system loading, these areas were left out. This prevents
DLL directory injection attacks. This includes both the runtime load
calls (using LoadLibrary prior) and the implicitly linked ones via
cgo_import_dynamic, which we move to our LoadLibraryEx. The goal is to
only loosely load kernel32.dll and strictly load all others.

Meanwhile we make sure that we never fallback to insecure loading on
older or unpatched systems.

This is CVE-2019-9634.

Fixes #30989
Updates #14959
Updates #28978
Updates #30642

Change-Id: I401a13ed8db248ab1bb5039bf2d31915cac72b93
Reviewed-on: https://go-review.googlesource.com/c/go/+/165798


Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: default avatarAlex Brainman <alex.brainman@gmail.com>
(cherry picked from commit 9b6e9f0c)
Reviewed-on: https://go-review.googlesource.com/c/go/+/175378


Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: default avatarAndrew Bonventre <andybons@golang.org>
parent 5ee175e6
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment