[Qt5-feedback] Fwd: Re: Qt major versions
Thiago Macieira
thiago at kde.org
Wed Jun 8 13:45:24 CEST 2011
On Wednesday, 8 de June de 2011 12:33:39 Thiago Macieira wrote:
> Since the system doesn't have a Wacom tablet, so there's no wintab32.dll in
> the system dirs. When Qt probes for the Wacom drivers, it tells the system
> to LoadLibrary("wintab32") and that will be resolved on the current
> directory. At that point, the DLL that the attacker provided can do
> *anything*.
By the way, we fixed this. First, there's a Windows security fix. Second, Qt no
longer does LoadLibrary("wintab32"). We introduced QSystemLibrary, an internal
class that only loads from system paths.
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
Senior Product Manager - Nokia, Qt Development Frameworks
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
Url : http://lists.qt.nokia.com/pipermail/qt5-feedback/attachments/20110608/756103d3/attachment.bin
More information about the Qt5-feedback
mailing list