simon-git: putty (master): Simon Tatham

Commits to Tartarus hosted VCS tartarus-commits at lists.tartarus.org
Sat Apr 29 10:25:54 BST 2017


TL;DR:
  73039b7 Load winmm.dll (for PlaySound()) at run time.
  793ac87 Load the Windows printing subsystem at run time.
  f77ee39 Load comctl32.dll (for drag lists) at run time.
  b1829b8 Update version number for 0.69 release.
  d6d1093 Release checklist update: no @releases array!

Repository:     https://git.tartarus.org/simon/putty.git
On the web:     https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2017-04-29 10:25:54

commit 73039b7831aa863fabba1e6ff06471643303ae09
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=73039b7831aa863fabba1e6ff06471643303ae09;hp=b189df947d2625499cf508fd1fae7e18b03b9247
Author: Simon Tatham <anakin at pobox.com>
Date:   Mon Mar 13 21:24:06 2017 +0000

    Load winmm.dll (for PlaySound()) at run time.
    
    It's not on the default list of important system 'known DLLs' stored
    at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs (see
    https://isc.sans.edu/forums/diary/DLL+hijacking+vulnerabilities/9445/ )
    which apparently makes it exempt from Windows's standard DLL hijacking
    defence, i.e. if an executable links against it in the normal way then
    that executable will be vulnerable to DLL hijacking from a file called
    winmm.dll in the same directory as it.
    
    The solution is to load it dynamically _after_ we've locked down our
    DLL search path, which fortunately PuTTY's code base is well used to
    doing already for other DLLs.

 Recipe           | 2 +-
 windows/window.c | 8 +++++---
 2 files changed, 6 insertions(+), 4 deletions(-)

commit 793ac872757667a87df4636b5b3eed61302dd837
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=793ac872757667a87df4636b5b3eed61302dd837;hp=73039b7831aa863fabba1e6ff06471643303ae09
Author: Simon Tatham <anakin at pobox.com>
Date:   Mon Mar 13 21:28:36 2017 +0000

    Load the Windows printing subsystem at run time.
    
    The printing functions are split between winspool.drv and spoolss.dll
    in a really weird way (who would have guessed that OpenPrinter and
    ClosePrinter don't live in the same dynamic library?!), but _neither_
    of those counts as a system 'known DLL', so linking against either one
    of these at load time is again a potential DLL hijacking vector.

 Recipe             |  2 +-
 windows/winprint.c | 65 ++++++++++++++++++++++++++++++++++++++++++------------
 2 files changed, 52 insertions(+), 15 deletions(-)

commit f77ee39e8cae2eaaea3a8fdd1eaffaf484cada08
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=f77ee39e8cae2eaaea3a8fdd1eaffaf484cada08;hp=793ac872757667a87df4636b5b3eed61302dd837
Author: Simon Tatham <anakin at pobox.com>
Date:   Mon Mar 13 21:42:44 2017 +0000

    Load comctl32.dll (for drag lists) at run time.
    
    This too is not in the list of known DLLs on Windows 10. I don't know
    of any actual viable hijacking attack based on it, which according to
    my reading of MSDN (specifically, a rather vague hint in
    https://msdn.microsoft.com/library/ff919712) _may_ be because we
    mention the common controls assembly in our application manifest; but
    better safe than sorry.
    
    Now the entire list of remaining DLLs that PuTTY links against at load
    time is a subset of the Win10 known DLLs list, so that _should_ mean
    that everything we load before we've deployed our own defence
    (SetDefaultDllDirectories) is defended against for us by Windows
    itself.

 Recipe             |  2 +-
 windows/winctrls.c | 33 ++++++++++++++++++++++++---------
 windows/window.c   |  2 +-
 windows/winpgen.c  |  2 +-
 windows/winstuff.h |  1 +
 5 files changed, 28 insertions(+), 12 deletions(-)

commit b1829b81b5c0d12dcc91f6b50b0b4d83c3df6a8e
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=b1829b81b5c0d12dcc91f6b50b0b4d83c3df6a8e;hp=f77ee39e8cae2eaaea3a8fdd1eaffaf484cada08
Author: Simon Tatham <anakin at pobox.com>
Date:   Mon Apr 24 14:45:52 2017 +0100

    Update version number for 0.69 release.

 Buildscr          | 2 +-
 LATEST.VER        | 2 +-
 doc/plink.but     | 2 +-
 doc/pscp.but      | 2 +-
 windows/putty.iss | 8 ++++----
 5 files changed, 8 insertions(+), 8 deletions(-)

commit d6d10932ac1f9333b06ee8027dcfad231f17ed04
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=d6d10932ac1f9333b06ee8027dcfad231f17ed04;hp=b1829b81b5c0d12dcc91f6b50b0b4d83c3df6a8e
Author: Simon Tatham <anakin at pobox.com>
Date:   Sat Apr 29 10:23:31 2017 +0100

    Release checklist update: no @releases array!
    
    The rewritten bugs2html.py in the wishlist repository no longer needs
    me to manually maintain a mapping between releases and version control
    - and the one thing I forgot was to remove the reminder in the release
    checklist telling me to keep that mapping up to date :-)

 CHECKLST.txt | 1 -
 1 file changed, 1 deletion(-)
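
The check that commit f77ee39 describes (every DLL linked at load time should be on the KnownDLLs list), as an added example that is not part of the original commit mail or of PuTTY's code. It assumes the import names are taken from `objdump -p` output and the list from `reg query` output; both samples are constructed and the function names are hypothetical.

```python
import re

# Constructed sample (shortened, made up): output of
#   reg query "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs"
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs
    advapi32    REG_SZ    advapi32.dll
    gdi32    REG_SZ    gdi32.dll
    kernel32    REG_SZ    kernel32.dll
    user32    REG_SZ    user32.dll
    DllDirectory    REG_EXPAND_SZ    %SystemRoot%\system32
"""

# Constructed sample: import-table lines from `objdump -p` on a PE executable.
SAMPLE_OBJDUMP = """
    DLL Name: KERNEL32.dll
    DLL Name: USER32.dll
    DLL Name: WINMM.dll
    DLL Name: WINSPOOL.DRV
    DLL Name: api-ms-win-crt-runtime-l1-1-0.dll
"""

def known_dlls(reg_output):
    """File names stored as REG_SZ values under the KnownDLLs key."""
    pattern = re.compile(r"^\s+\S+\s+REG_SZ\s+(\S+)\s*$", re.M)
    return {m.group(1).lower() for m in pattern.finditer(reg_output)}

def load_time_imports(objdump_output):
    """DLL names the Windows loader resolves before any program code runs."""
    return re.findall(r"^\s*DLL Name:\s*(\S+)", objdump_output, re.M)

def unprotected_imports(objdump_output, reg_output):
    """Load-time imports that are not on the KnownDLLs list."""
    known = known_dlls(reg_output)
    flagged = []
    for name in load_time_imports(objdump_output):
        low = name.lower()
        # API set names are mapped by the loader's schema, not searched on disk.
        if low.startswith(("api-ms-", "ext-ms-")):
            continue
        if low not in known and low not in flagged:
            flagged.append(low)
    return flagged

if __name__ == "__main__":
    for dll in unprotected_imports(SAMPLE_OBJDUMP, SAMPLE_REG_QUERY):
        print("load-time import not on KnownDLLs list:", dll)
```

Anything the function returns is a candidate for run-time loading after the DLL search path has been restricted, which is what the three commits above do for winmm.dll, the printing libraries and comctl32.dll.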


