strange calls to windows dll's



tomrider
8th May 2011, 22:14
Hi,

I have a strange problem with my application. When executed, it is calling the following files:
winmm.dll
winspool.drv
qt.conf
dwmapi.dll
wintab32.dll
qtsvg4.dll

If it helps, I am using Phonon to show a video, but I am not calling any of those DLLs directly. It turns out it can be manipulated and exploited, and is a security problem...

Any suggestions how to handle those calls or prevent them from happening?

Thanks

rsilva
8th May 2011, 22:21
Qt isn't a "system-independent" library; it uses the system to use the functions, like all applications do.
For example, to create a window you need to use user32.dll; for painting events you need gdi32.dll.

The answer is simple: Qt needs to call functions of these DLLs, which is why your application loads them.

squidge
8th May 2011, 23:10
winmm.dll is for Windows MultiMedia support,
winspool.drv is to do with printer support
qt.conf is the Qt configuration file
dwmapi is the Desktop Window Manager
wintab32 is Windows tablet support
qtsvg4 - SVG support for Qt

So if you're using Phonon, it stands to reason that Phonon will use WinMM, if you're using SVG, then qtsvg4, etc...

If you don't want any of those DLLs used, you will have to rewrite the code that uses them, so for example, you will have to rewrite Phonon and parts of Qt.

tomrider
8th May 2011, 23:30
I am asking that because those calls can be manipulated and used by other parties.
The thing is that it calls those DLLs from the application directory and not from their OS origin directory.
Theoretically that can be used by impersonating those files: creating a similar DLL that can manipulate the software and placing it in the application directory....

Any suggestions on how to prevent that?
Thanks,

SixDegrees
8th May 2011, 23:53
The way to prevent such things is to ensure that the computer your application is running on is well protected from such manipulation. There is nothing you can do from within your program.

If you allow your computer to be compromised by bogus libraries, that's a problem entirely outside of Qt.

squidge
9th May 2011, 08:47
For the case of the Microsoft libraries, you can check the digital signature to ensure it's correct. For the Qt libraries such as qtsvg4 you could create a hash/checksum of the file and only function if the checksum is as you would expect.

However, this would mean that you need a commercial Qt license, as this is not allowable for the open source version.
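
An added example, not part of the thread or of Qt: a Python audit an installer or support script could run over the application directory, combining the checksum idea above with a check for copies of the Windows-owned libraries named in the thread sitting beside the executable. The function names, the manifest format and the sample file contents are assumptions made for illustration; `qtcore4.dll` is included only as a second shipped Qt library.

```python
import hashlib
import tempfile
from pathlib import Path

# Libraries from the thread that Windows itself provides. The application
# should never ship them, so a copy next to the executable is suspicious.
SYSTEM_OWNED = {"winmm.dll", "winspool.drv", "dwmapi.dll", "wintab32.dll"}

def sha256_of(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def audit_app_dir(app_dir, expected_hashes):
    """Return sorted (file name, finding) pairs for modules in app_dir.

    expected_hashes maps lower-case file name -> SHA-256 recorded at build
    time for every library the application is supposed to ship.
    """
    findings, seen = [], set()
    for entry in Path(app_dir).iterdir():
        name = entry.name.lower()  # Windows file names are case-insensitive
        if not entry.is_file() or entry.suffix.lower() not in {".dll", ".drv"}:
            continue
        seen.add(name)
        if name in SYSTEM_OWNED:
            findings.append((name, "shadows-system-library"))
        elif name not in expected_hashes:
            findings.append((name, "unexpected-module"))
        elif sha256_of(entry) != expected_hashes[name]:
            findings.append((name, "hash-mismatch"))
    findings += [(n, "missing") for n in expected_hashes.keys() - seen]
    return sorted(findings)

def demo():
    # Constructed sample: placeholder bytes stand in for the real DLLs.
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "qtsvg4.dll").write_bytes(b"constructed qtsvg4 build output")
        (root / "qtcore4.dll").write_bytes(b"constructed qtcore4 build output")
        (root / "qt.conf").write_text("[Paths]\n")  # not a module, ignored
        manifest = {p.name: sha256_of(p) for p in root.glob("*.dll")}
        clean = audit_app_dir(root, manifest)
        # Change the directory after the manifest was recorded.
        (root / "qtsvg4.dll").write_bytes(b"modified after release")
        (root / "WINMM.dll").write_bytes(b"copy placed beside the executable")
        changed = audit_app_dir(root, manifest)
    return clean, changed

if __name__ == "__main__":
    print(demo())
```

The manifest has to be stored and checked somewhere the application directory's writers cannot also modify, otherwise a changed library and a changed manifest pass together.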