From a206e5e847e3f3a075f54797a28f9de3fead4dbe Mon Sep 17 00:00:00 2001 From: Chris Waldon Date: Wed, 8 Jan 2025 20:15:37 -0500 Subject: [PATCH] app: [Windows] use NewLazySystemDLL for kernel32.dll In order to avoid DLL preloading attacks, we should always load our system dependencies using the helper that only searches the system library path. Thanks to Mohsen Mirzakhani and Utkarsh Satya Prakash for bringing this to our attention. Signed-off-by: Chris Waldon --- app/log_windows.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/app/log_windows.go b/app/log_windows.go index f6f654cf..17de2916 100644 --- a/app/log_windows.go +++ b/app/log_windows.go @@ -4,14 +4,15 @@ package app import ( "log" - "syscall" "unsafe" + + syscall "golang.org/x/sys/windows" ) type logger struct{} var ( - kernel32 = syscall.NewLazyDLL("kernel32") + kernel32 = syscall.NewLazySystemDLL("kernel32") outputDebugStringW = kernel32.NewProc("OutputDebugStringW") debugView *logger )