[PATCH] fhandler_pipe: add sanity limit to handle loops
Ken Brown
kbrown@cornell.edu
Sun Dec 26 16:04:20 GMT 2021
On 12/26/2021 10:09 AM, Ken Brown wrote:
> 1. For some processes, NtQueryInformationProcess(ProcessHandleInformation) can
> return STATUS_SUCCESS with invalid handle information. See the comment starting
> at line 5754, where it is shown how to detect this.
If I'm right, the following patch should fix the problem:
diff --git a/winsup/cygwin/fhandler_pipe.cc b/winsup/cygwin/fhandler_pipe.cc
index ba6b70f55..4cef3e4ca 100644
--- a/winsup/cygwin/fhandler_pipe.cc
+++ b/winsup/cygwin/fhandler_pipe.cc
@@ -1228,6 +1228,7 @@ fhandler_pipe::get_query_hdl_per_process (WCHAR *name,
HeapAlloc (GetProcessHeap (), 0, nbytes);
if (!phi)
goto close_proc;
+ phi->NumberOfHandles = 0;
status = NtQueryInformationProcess (proc, ProcessHandleInformation,
phi, nbytes, &len);
if (NT_SUCCESS (status))
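Review bot: the added `phi->NumberOfHandles = 0;` has no comment explaining why a field that the query is expected to fill in needs to be preset, so it looks redundant and is at risk of being removed in a later cleanup. The buffer comes from HeapAlloc with flags 0, so it is not zeroed, and the check added in the next hunk only works if this field holds a known value before the call. A one-line comment would help, stating that NtQueryInformationProcess can return STATUS_SUCCESS without valid handle information and that the zero acts as a sentinel for that case. It would also be worth saying in the commit message that this relies on the call leaving the field untouched when it returns such a result.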
@@ -1238,6 +1239,11 @@ fhandler_pipe::get_query_hdl_per_process (WCHAR *name,
while (n_handle < (1L<<20) && status == STATUS_INFO_LENGTH_MISMATCH);
if (!NT_SUCCESS (status))
goto close_proc;
+ if (phi->NumberOfHandles == 0)
+ {
+ HeapFree (GetProcessHeap (), 0, phi);
+ goto close_proc;
+ }
for (ULONG j = 0; j < phi->NumberOfHandles; j++)
{
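Review bot: the new `if (phi->NumberOfHandles == 0)` block exits early in a case where the `for` loop right below would already run zero iterations, since `j < phi->NumberOfHandles` is false at once. If the code after the loop (not visible in this hunk) frees phi and reaches close_proc anyway, the block adds a second hand-written cleanup path without changing behaviour, and the preset in the first hunk is what actually prevents iterating over a garbage count. Either drop the block or add a comment saying what it guards against and why falling through the loop is not enough. The subject line speaks of a sanity limit on the handle loops, but this check only rejects a zero count and puts no upper bound on NumberOfHandles relative to nbytes, so a note on whether that is intended would help.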
Jeremy, could you try this?
Ken