jp9000/obs-studio
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

UI/installer: Use random temp directory for security

Browse Source 
Using a fixed path would allow malware on a compromised system to
perform a DLL planting attack. Reported by Erik Wynter.
This commit is contained in:
Richard Stanway 2020-10-30 17:07:57 +01:00
parent 0c39fd08c7
commit 57bed7923e
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
UI/installer/mp-installer.nsi
View File

@ -106,11 +106,10 @@ Function PreReqCheck
!ifdef INSTALL64
; 64 bit Visual Studio 2017 runtime check
ClearErrors
SetOutPath "$TEMP\OBS"
SetOutPath "$PLUGINSDIR"
File check_for_64bit_visual_studio_2017_runtimes.exe
ExecWait "$TEMP\OBS\check_for_64bit_visual_studio_2017_runtimes.exe" $R0
Delete "$TEMP\OBS\check_for_64bit_visual_studio_2017_runtimes.exe"
RMDir "$TEMP\OBS"
ExecWait "$PLUGINSDIR\check_for_64bit_visual_studio_2017_runtimes.exe" $R0
Delete "$PLUGINSDIR\check_for_64bit_visual_studio_2017_runtimes.exe"
IntCmp $R0 126 vs2017Missing_64 vs2017OK_64
vs2017Missing_64:
MessageBox MB_YESNO|MB_ICONEXCLAMATION "Your system is missing runtime components that ${APPNAME} requires. Would you like to download them?" IDYES vs2017true_64 IDNO vs2017false_64