ntdll: Randomize security cookie when available (try 3)
Alexandre Julliard
julliard at winehq.org
Thu Jun 25 00:00:42 CDT 2015
André Hentschel <nerv at dawncrow.de> writes:
> + /* randomize security cookie */
> +
> + if (IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG < nt->OptionalHeader.NumberOfRvaAndSizes &&
> + (pos = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG].VirtualAddress))
> + {
> + IMAGE_LOAD_CONFIG_DIRECTORY *loadcfg = (IMAGE_LOAD_CONFIG_DIRECTORY *)(ptr + pos);
> + ULONG_PTR *cookie = (ULONG_PTR *)loadcfg->SecurityCookie;
> +
> + srand( time( NULL ) );
> + *cookie = rand();
This won't be random at all.
--
Alexandre Julliard
julliard at winehq.org
More information about the wine-devel
mailing list