mirror of
https://github.com/gnif/LookingGlass.git
synced 2024-12-23 14:03:40 +00:00
4858bb5899
To quote MSDN documentation: > The lpApplicationName parameter can be NULL, in which case the executable > name must be the first white space–delimited string in lpCommandLine. If > the executable or path name has a space in it, there is a risk that a > different executable could be run because of the way the function parses > spaces. The following example is dangerous because the function will > attempt to run "Program.exe", if it exists, instead of "MyApp.exe". > > LPTSTR szCmdline[] = _tcsdup(TEXT("C:\\Program Files\\MyApp")); > CreateProcessAsUser(hToken, NULL, szCmdline, /*...*/ ); > > If a malicious user were to create an application called "Program.exe" on > a system, any program that incorrectly calls CreateProcessAsUser using the > Program Files directory will run this application instead of the intended > application. > > To avoid this problem, do not pass NULL for lpApplicationName. So instead, we pass the executable to lpApplicationName instead, which avoids the issue. MSDN says: > The lpCommandLine parameter can be NULL. In that case, the function uses > the string pointed to by lpApplicationName as the command line. This also avoids the strdup since lpApplicationName is LPCSTR unlike lpCommandLine which is LPSTR. |
||
---|---|---|
.. | ||
capture | ||
include/windows | ||
src | ||
app.manifest | ||
CMakeLists.txt | ||
installer.nsi | ||
resource.rc |