Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix unsecure loading library pointed by ENV variable #142

Merged
merged 8 commits into from
Apr 22, 2024
Merged

Fix unsecure loading library pointed by ENV variable #142

Changes from 4 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
adcf321
VASP-30718: Adding relative path check to avoid undefined behaviour
mk-srivastava Apr 5, 2024
04443c4
VASP-30719: Adding the header file for function PathIsRelativeA
mk-srivastava Apr 8, 2024
032c394
VASP-30719: Adding the custom function to check if path is relative
mk-srivastava Apr 9, 2024
6c9d282
VASP-30719: Adding the custom function to check for relative path
mk-srivastava Apr 10, 2024
86dcacd
VASP-30719: minor fixes related to absolute path check
mk-srivastava Apr 18, 2024
af24c47
minor indentation and network path fixes
mk-srivastava Apr 18, 2024
c3653c9
identation fixes
mk-srivastava Apr 20, 2024
28d221a
indentation changes
mk-srivastava Apr 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 26 additions & 1 deletion src/ittnotify/jitprofiling.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@

#if ITT_PLATFORM==ITT_PLATFORM_WIN
#include <windows.h>
#include <string.h>
#include <ctype.h>
#endif /* ITT_PLATFORM==ITT_PLATFORM_WIN */
#if ITT_PLATFORM != ITT_PLATFORM_MAC && ITT_PLATFORM != ITT_PLATFORM_FREEBSD && ITT_PLATFORM != ITT_PLATFORM_OPENBSD
#include <malloc.h>
Expand Down Expand Up @@ -112,6 +114,28 @@ ITT_EXTERN_C iJIT_IsProfilingActiveFlags JITAPI iJIT_IsProfilingActive()
return executionMode;
}

#if ITT_PLATFORM==ITT_PLATFORM_WIN
int isPathRelative(char *path)
eparshut marked this conversation as resolved.
Show resolved Hide resolved
{
if(path==NULL)
eparshut marked this conversation as resolved.
Show resolved Hide resolved
{
return 1;
}
else if(strlen(path)>1)
{
if(isalpha(path[0]) && path[1]==':')
eparshut marked this conversation as resolved.
Show resolved Hide resolved
{
return 0;
}
else if(path[0]=='\\' && path[1]=='\\')
{
return 0;
}
}
return 1;
}
#endif

/* This function loads the collector dll and the relevant functions.
* on success: all functions load, iJIT_DLL_is_missing = 0, return value = 1
* on failure: all functions are NULL, iJIT_DLL_is_missing = 1, return value = 0
Expand Down Expand Up @@ -151,11 +175,12 @@ static int loadiJIT_Funcs()
{
DWORD envret = 0;
dllName = (char*)malloc(sizeof(char) * (dNameLength + 1));
dllName[dNameLength]='\0'; // To handle a corner case to prevent out of bounds memory access.
eparshut marked this conversation as resolved.
Show resolved Hide resolved
if(dllName != NULL)
{
envret = GetEnvironmentVariableA(NEW_DLL_ENVIRONMENT_VAR,
dllName, dNameLength);
if (envret)
if (envret && !isPathRelative(dllName))
{
/* Try to load the dll from the PATH... */
m_libHandle = LoadLibraryExA(dllName,
Expand Down