diff options
| author | Jay Satiro <raysatiro@yahoo.com> | 2016-06-05 21:07:03 -0400 |
|---|---|---|
| committer | Jay Satiro <raysatiro@yahoo.com> | 2016-06-05 21:07:03 -0400 |
| commit | 84a48e5732d9dd0c98fda3597352e4b16f35a7ad (patch) | |
| tree | 0a3c987061a90ed84f82e82123d6cbabeb6d2488 /lib/system_win32.c | |
| parent | 1aa899ff38548a5d1c196f5c9ad7047f0fae3f5a (diff) | |
| download | gnurl-84a48e5732d9dd0c98fda3597352e4b16f35a7ad.tar.gz gnurl-84a48e5732d9dd0c98fda3597352e4b16f35a7ad.tar.bz2 gnurl-84a48e5732d9dd0c98fda3597352e4b16f35a7ad.zip | |
checksrc: Add LoadLibrary to the banned functions list
LoadLibrary was supplanted by Curl_load_library for security
reasons in 6df916d.
Diffstat (limited to 'lib/system_win32.c')
| -rw-r--r-- | lib/system_win32.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/system_win32.c b/lib/system_win32.c index 4cc5f2362..2ba7d0bc1 100644 --- a/lib/system_win32.c +++ b/lib/system_win32.c @@ -249,10 +249,12 @@ HMODULE Curl_load_library(LPCTSTR filename) there is. Note: Both back slashes and forward slashes have been supported since the earlier days of DOS at an API level although they are not supported by command prompt */ - if(_tcspbrk(filename, TEXT("\\/"))) + if(_tcspbrk(filename, TEXT("\\/"))) { + /** !checksrc! disable BANNEDFUNC 1 **/ hModule = pLoadLibraryEx ? pLoadLibraryEx(filename, NULL, LOAD_WITH_ALTERED_SEARCH_PATH) : LoadLibrary(filename); + } /* Detect if KB2533623 is installed, as LOAD_LIBARY_SEARCH_SYSTEM32 is only supported on Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2 with this patch or natively on Windows 8 and above */ @@ -274,6 +276,7 @@ HMODULE Curl_load_library(LPCTSTR filename) _tcscpy(path + _tcslen(path), filename); /* Load the DLL from the Windows system directory */ + /** !checksrc! disable BANNEDFUNC 1 **/ hModule = pLoadLibraryEx ? pLoadLibraryEx(path, NULL, LOAD_WITH_ALTERED_SEARCH_PATH) : LoadLibrary(path); |