[MPlayer-dev-eng] Security Advisory

Gianluigi Tiesi mplayer at netfarm.it
Fri May 20 19:51:52 CEST 2005


On Fri, May 20, 2005 at 10:21:56AM +0200, Guillaume POIRIER wrote:
> Hi there,
> One of my colleagues is working on static code analysis.
> Among other things, he ran a static code analysis of MPlayer-pre7's
> source code with RATS (Rough Auditing Tool for Security, available at
> http://www.securesoftware.com/resources/download_rats.html)
> The report is available here:
> http://tuxrip.free.fr/transperl/MPlayer/report-MPlayer.html
> 
> Now, maybe most of the suspicious code it points out is false
> positives, and we can just forget about it. I just wanted to "share the
> experience"! ;-)
> 

Severity: High
Issue: LoadLibraryA
LoadLibrary will search several places for a library if no path is
specified, allowing trojan DLL's to be inserted elsewhere even if the
intended DLL is correctly protected from overwriting. Make sure to
specify the full path. 


hehehe LoadLibrary should be removed? :), anyway the tool seems
very interesting :)
Bye

-- 
Gianluigi Tiesi <sherpya at netfarm.it>
EDP Project Leader
Netfarm S.r.l. - http://www.netfarm.it/
Free Software: http://oss.netfarm.it/
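
Added example, not part of the original message and not MPlayer's code: one way to enforce the RATS recommendation quoted above ("make sure to specify the full path") is to classify the name before it reaches LoadLibraryA and refuse anything that is not drive-absolute. The names classify_dll_path, load_library_checked and the dll_path_kind enum are hypothetical, the sample names are constructed, and rejecting UNC paths is a policy assumption of this sketch.

```c
#include <ctype.h>
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#endif
/* How a name handed to LoadLibraryA is qualified (hypothetical enum). */
enum dll_path_kind {
    DLL_PATH_BARE,           /* "codec.dll" or empty: no path at all */
    DLL_PATH_RELATIVE,       /* "codecs\\codec.dll": relative path */
    DLL_PATH_DRIVE_RELATIVE, /* "C:codec.dll": current directory of drive C */
    DLL_PATH_ROOTED,         /* "\\codecs\\codec.dll": root of the current drive */
    DLL_PATH_UNC,            /* "\\\\server\\share\\codec.dll", also "\\\\?\\" forms */
    DLL_PATH_ABSOLUTE        /* "C:\\codecs\\codec.dll": drive letter plus root */
};

static int is_sep(char c) { return c == '\\' || c == '/'; }
enum dll_path_kind classify_dll_path(const char *p)
{
    if (p == NULL || p[0] == '\0')
        return DLL_PATH_BARE;
    if (is_sep(p[0]))
        return is_sep(p[1]) ? DLL_PATH_UNC : DLL_PATH_ROOTED;
    if (isalpha((unsigned char)p[0]) && p[1] == ':')
        return is_sep(p[2]) ? DLL_PATH_ABSOLUTE : DLL_PATH_DRIVE_RELATIVE;
    for (; *p != '\0'; p++)
        if (is_sep(*p))
            return DLL_PATH_RELATIVE;
    return DLL_PATH_BARE;
}

#ifdef _WIN32
/* Load only from a drive-absolute path; refuse anything that is not one. */
HMODULE load_library_checked(const char *path)
{
    if (classify_dll_path(path) != DLL_PATH_ABSOLUTE) {
        SetLastError(ERROR_BAD_PATHNAME);
        return NULL;
    }
    return LoadLibraryA(path);
}
#endif

int main(void)
{
    const char *names[] = { "codec.dll", "C:codec.dll", "C:\\codecs\\codec.dll" }; /* constructed */
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-22s -> %d\n", names[i], (int)classify_dll_path(names[i]));
    return 0;
}
```

The classifier is portable C, so it can be built and tested on any platform; only load_library_checked needs a Windows toolchain.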



