From: Stefan Oltmanns via ffmpeg-devel <ffmpeg-devel@ffmpeg.org>
To: ffmpeg-devel@ffmpeg.org
Cc: Stefan Oltmanns <stefan-oltmanns@gmx.net>
Subject: Re: [FFmpeg-devel] [PATCH v2] libavformat/vapoursynth: Update to API version 4, load library at runtime
Date: Mon, 22 Jul 2024 02:42:51 +0200
Message-ID: <4d4b309c-69cd-40ab-ab49-9d5c62855940@gmx.net> (raw)
In-Reply-To: <CA+anqdyBKeofcbepJ34Z1auNwCYFakdr++j6wp3xB1nK8i7pmw@mail.gmail.com>
Am 22.07.24 um 00:15 schrieb Hendrik Leppkes:
> On Mon, Jul 22, 2024 at 12:08 AM Stefan Oltmanns via ffmpeg-devel
> <ffmpeg-devel@ffmpeg.org> wrote:
>>
>> Am 18.07.24 um 17:23 schrieb epirat07@gmail.com:
>>>
>>>>>
>>>>> Well, the DLL directory is added to PATH by the VapourSynth installer,
>>>>> but for safety reasons ffmpeg explictly tells the LoadLibrary function
>>>>> to only search the application directory and system32, quote from
>>>>> w32dlfcn.h:
>>>>>
>>>>>> /**
>>>>>> * Safe function used to open dynamic libs. This attempts to improve program security
>>>>>> * by removing the current directory from the dll search path. Only dll's found in the
>>>>>> * executable or system directory are allowed to be loaded.
>>>>>> * @param name The dynamic lib name.
>>>>>> * @return A handle to the opened lib.
>>>>>> */
>>>>> So ffmpeg prevents that solution on purpose. Or should that behavior be
>>>>> changed in the w32dlfcn.h?
>>>>
>>>> Oh, bummer. I would expect that overriding the PATH environment
>>>> variable would work kind of like how LD_LIBRARY_PATH works on Linux. I
>>>> don't know why that was changed. I don't really follow what goes on in
>>>> Windowsland anymore. Does anyone else care to comment on this? Martin,
>>>> maybe?
>>>
>>> IIRC this is done to prevent DLL injection attacks
>>>
>>> https://learn.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-security
>>>
>>
>> So what's your proposal how to continue?
>>
>> I see different options with pros&cons:
>>
>>
>> 1.
>> Read the DLL path from registry, function for that could be located
>> outside the VapourSynth module.
>>
>> Pro: Safest method to protect from DLL-injection
>> Con: A lot of custom code/functionality for Windows
>>
>
> Relaxing security considerations to avoid a 10 line function seems not
> worth it to me. So go with actually finding the correct path.
>
Ok, should that function remain in the vapoursynth module, or should
handling the registry be done in a header like "compat/w32registry.h"?
An external file with a universal function would of course require more
code.
Best regards
Stefan
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next prev parent reply other threads:[~2024-07-22 0:43 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-06 21:08 Stefan Oltmanns via ffmpeg-devel
2024-07-18 9:37 ` Stefan Oltmanns via ffmpeg-devel
2024-07-18 11:25 ` Anton Khirnov
2024-07-18 15:38 ` Stefan Oltmanns via ffmpeg-devel
2024-07-22 6:57 ` Anton Khirnov
2024-07-23 0:24 ` Stefan Oltmanns via ffmpeg-devel
2024-07-18 11:08 ` Ramiro Polla
2024-07-18 12:48 ` Stefan Oltmanns via ffmpeg-devel
2024-07-18 13:04 ` Ramiro Polla
2024-07-18 13:41 ` Stefan Oltmanns via ffmpeg-devel
2024-07-18 14:21 ` Ramiro Polla
2024-07-18 14:53 ` Stefan Oltmanns via ffmpeg-devel
2024-07-19 17:05 ` Stephen Hutchinson
2024-07-18 15:23 ` epirat07
2024-07-21 22:08 ` Stefan Oltmanns via ffmpeg-devel
2024-07-21 22:15 ` Hendrik Leppkes
2024-07-22 0:42 ` Stefan Oltmanns via ffmpeg-devel [this message]
2024-07-22 6:36 ` Hendrik Leppkes
2024-07-22 12:13 ` Ramiro Polla
2024-07-22 13:41 ` Hendrik Leppkes
2024-07-22 18:28 ` Ramiro Polla
2024-07-22 13:52 ` Stefan Oltmanns via ffmpeg-devel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4d4b309c-69cd-40ab-ab49-9d5c62855940@gmx.net \
--to=ffmpeg-devel@ffmpeg.org \
--cc=stefan-oltmanns@gmx.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git