From 70f52985063808f21fd6dd197895cdb9729443a5 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Wed, 6 Mar 2019 17:51:47 +0100
Subject: [PATCH] windows/svc: safely load system DLLs

These DLLs, well advapi32.dll in particular, are vulnerable to classic
DLL directory injection attacks. The rest of x/sys/windows moved over to
the safe system loader, but apparently the svc package was forgotten.
This tidies up that oversight.

Change-Id: I330fa752cf2d49ccc5cf1bd60fb4bd612bd2b6b0
Reviewed-on: https://go-review.googlesource.com/c/sys/+/165758
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
---
 windows/svc/service.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/windows/svc/service.go b/windows/svc/service.go
index 58ad4efd..38b147d5 100644
--- a/windows/svc/service.go
+++ b/windows/svc/service.go
@@ -115,11 +115,11 @@ var (
 )
 
 func init() {
-	k := syscall.MustLoadDLL("kernel32.dll")
-	cSetEvent = k.MustFindProc("SetEvent").Addr()
-	cWaitForSingleObject = k.MustFindProc("WaitForSingleObject").Addr()
-	a := syscall.MustLoadDLL("advapi32.dll")
-	cRegisterServiceCtrlHandlerExW = a.MustFindProc("RegisterServiceCtrlHandlerExW").Addr()
+	k := windows.NewLazySystemDLL("kernel32.dll")
+	cSetEvent = k.NewProc("SetEvent").Addr()
+	cWaitForSingleObject = k.NewProc("WaitForSingleObject").Addr()
+	a := windows.NewLazySystemDLL("advapi32.dll")
+	cRegisterServiceCtrlHandlerExW = a.NewProc("RegisterServiceCtrlHandlerExW").Addr()
 }
 
 type ctlEvent struct {