diff options
authorJason A. Donenfeld <Jason@zx2c4.com>2020-11-26 14:05:21 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2020-11-27 12:50:53 +0100
commit06fa04f63379899933b503bbfcd233e5d70f3c87 (patch)
parentmanager: move legacy store from conf (diff)
fetcher: delay load anything with transitive dependencies outside of knowndlls
It looks like advapi32.dll loads cryptbase.dll because RtlGenRandom is forwarded to it, and cryptbase.dll isn't in knowndlls. So, even though we haven't done anything wrong by importing advapi32.dll statically, the surprising forwarding behavior means that this is a disaster. At the same time, some UI-related system modules wind up calling loadlibraryex with default arguments, so again, even though linking to things like user32.dll and such statically is fine, microsoft is doing the wrong thing inside of them. Work around the first issue by loading advapi32.dll (and others, just for good measure) delayed, and work around the latter by gimping the dll search path. Reported-by: Stefan Kanthak <stefan.kanthak@nexgo.de> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2 files changed, 4 insertions, 1 deletions
diff --git a/installer/fetcher/Makefile b/installer/fetcher/Makefile
index 49b0bc51..0c150d90 100644
--- a/installer/fetcher/Makefile
+++ b/installer/fetcher/Makefile
@@ -13,7 +13,7 @@ LDLIBS += -lkernel32 -lwinhttp -lntdll -lshlwapi -lmsi -lcomctl32 -luser32 -lshe
LDFLAGS += -s -flto -Wl,--dynamicbase -Wl,--nxcompat -Wl,--tsaware -mwindows
LDFLAGS += -Wl,--major-os-version=6 -Wl,--minor-os-version=1 -Wl,--major-subsystem-version=6 -Wl,--minor-subsystem-version=1
# The use of -Wl,/delayload: here implies we're using llvm-mingw
-LDFLAGS += -Wl,/delayload:winhttp.dll -Wl,/delayload:msi.dll -Wl,/delayload:wintrust.dll
+LDFLAGS += -Wl,/delayload:winhttp.dll -Wl,/delayload:msi.dll -Wl,/delayload:wintrust.dll -Wl,/delayload:advapi32.dll -Wl,/delayload:shell32.dll -Wl,/delayload:shlwapi.dll -Wl,/delayload:gdi32.dll -Wl,/delayload:user32.dll -Wl,/delayload:comctl32.dll
TARGET := wireguard-installer.exe
CC := i686-w64-mingw32-clang
WINDRES := i686-w64-mingw32-windres
diff --git a/installer/fetcher/fetcher.c b/installer/fetcher/fetcher.c
index 473cb26d..2e0a2d16 100644
--- a/installer/fetcher/fetcher.c
+++ b/installer/fetcher/fetcher.c
@@ -284,6 +284,9 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR pCmdLine,
(void)hPrevInstance; (void)pCmdLine; (void)nCmdShow;
+ if (!SetDllDirectoryA("") || !SetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_SYSTEM32))
+ return 1;
progress = CreateWindowEx(0, PROGRESS_CLASS, "WireGuard Installer",