Cygwin main function: vulnerable to wchar_t to char conversion attacks or not?

Marco Atzeri marco.atzeri@gmail.com
Fri Jan 10 07:52:29 GMT 2025


On 10/01/2025 08:33, Andrey Repin via Cygwin wrote:
> Greetings, Kaz Kylheku!
> 
>> Hi all,
> 
>> I'm reading an article on attacks that are evidently possible against some Windows
>> programs in the area of command line parsing. See below.
> 
>> Does the Cygwin run-time rely on GetCommandLineA to get the char-based command
>> line that is parsed into argv[]?
> 
> You can answer this question yourself. The code is open.

Specifically on https://cygwin.com/git/newlib-cygwin.git

/pub/Cygwin/git/newlib-cygwin
$ grep -rH GetCommandLineA .
./winsup/CVSChangeLogs.old/cygwin/ChangeLog-2013: (cygwin_GetCommandLineA): Ditto.
./winsup/cygwin/cygwin.din:GetCommandLineA@0 = cygwin_GetCommandLineA@0 NOSIGFE
./winsup/cygwin/include/cygwin/version.h:  268: Export GetCommandLineA, GetCommandLineW
./winsup/cygwin/kernel32.cc:/* Cygwin replacement for GetCommandLineA. Returns a concatenated string
./winsup/cygwin/kernel32.cc:cygwin_GetCommandLineA (void)

Regards
Marco

