
feat(native): attach WER report #1777

Open
jpnurmi wants to merge 29 commits into master from jpnurmi/feat/native/wer

utf8

5c812aa
@sentry/warden / warden: security-review completed Jun 3, 2026 in 3m 53s

1 issue

security-review: Found 1 issue (1 low)

Low

DLL search-order hijacking via unqualified `LoadLibraryW("wer.dll")` - `src/backends/native/sentry_crash_daemon.c:2243`

`resolve_wer()` loads `wer.dll` by bare name without `LOAD_LIBRARY_SEARCH_SYSTEM32`, so the default DLL search order looks in the crash daemon's application directory before `System32`. If the daemon is installed in a directory writable by a lower-privileged local user (common for per-user installs), a planted `wer.dll` will be loaded and executed in the daemon's process. Use `LoadLibraryExW(L"wer.dll", NULL, LOAD_LIBRARY_SEARCH_SYSTEM32)` to pin resolution to the system directory.


⏱ 3m 4s · 564.9k in / 19.9k out · $1.06
