ntdll: Randomize security cookie when available (try 4)
Alexandre Julliard
julliard at winehq.org
Mon Jun 29 07:16:40 CDT 2015
André Hentschel <nerv at dawncrow.de> writes:
> @@ -1278,6 +1281,26 @@ static NTSTATUS map_image( HANDLE hmapping, int fd, char *base, SIZE_T total_siz
> }
> }
>
> +
> + /* randomize security cookie */
> +
> + if (IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG < nt->OptionalHeader.NumberOfRvaAndSizes &&
> + (pos = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG].VirtualAddress))
> + {
> + IMAGE_LOAD_CONFIG_DIRECTORY *loadcfg = (IMAGE_LOAD_CONFIG_DIRECTORY *)(ptr + pos);
> + ULONG_PTR *cookie = (ULONG_PTR *)loadcfg->SecurityCookie;
> + struct timeval tv;
> +
> + gettimeofday( &tv, NULL );
> + srand( tv.tv_usec * getpid() );
> + *cookie = rand();
That's not much better. It doesn't make sense to reset the seed on every
call.
--
Alexandre Julliard
julliard at winehq.org
More information about the wine-devel
mailing list