frontend: Set better default DLL directory settings on Windows

This helps mitigate "DLL planting" attacks by removing the current
directory from most DLL loading calls.
Richard Stanway
2026-02-12 00:29:07 +01:00
committed by Ryan Foster
parent 76ea10e281
commit 77eabcc06a


@@ -847,6 +847,14 @@ static bool vc_runtime_outdated()
return true;
}
static void set_process_mitigation_policies()
{
// DLL planting protection - prefer system32 images
PROCESS_MITIGATION_IMAGE_LOAD_POLICY policy = {};
policy.PreferSystem32Images = 1;
SetProcessMitigationPolicy(ProcessImageLoadPolicy, &policy, sizeof(policy));
}
#endif
#if defined(__APPLE__) || defined(__linux__)
@@ -901,11 +909,17 @@ int main(int argc, char *argv[])
// Abort as early as possible if MSVC runtime is outdated
if (vc_runtime_outdated())
return 1;
// Try to keep this as early as possible
install_dll_blocklist_hook();
set_process_mitigation_policies();
obs_init_win32_crash_handler();
SetErrorMode(SEM_FAILCRITICALERRORS);
SetSearchPathMode(BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE | BASE_SEARCH_PATH_PERMANENT);
SetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_DEFAULT_DIRS);
SetDllDirectoryW(L"");
load_debug_privilege();
base_set_crash_handler(main_crash_handler, nullptr);
set_process_mitigations();
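Review bot: The hardening calls shown here all discard their BOOL result: `SetProcessMitigationPolicy` in `set_process_mitigation_policies()` and `SetSearchPathMode`, `SetDefaultDllDirectories` and `SetDllDirectoryW` in `main`. If one of them fails, the process silently keeps the previous DLL search behaviour. Capture each result, and `GetLastError()` immediately after a failure, then report it once logging is up, e.g. `const bool dll_dirs_ok = SetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_DEFAULT_DIRS);`. Separately, `vc_runtime_outdated()` and `install_dll_blocklist_hook()` run before the search path is restricted; their bodies are not visible here, but if either can load a library by name, moving the three `Set*` calls above them would close that window. `main` continues outside the hunk.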