This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.



Re: [Patch] Fixing the PROCESS_DUP_HANDLE security hole.


On Sat, Dec 04, 2004 at 01:01:11PM -0500, Pierre A. Humblet wrote:
>At 12:33 PM 12/4/2004 -0500, Christopher Faylor wrote:
>>On Sat, Dec 04, 2004 at 11:45:28AM -0500, Pierre A. Humblet wrote:
>>>At 12:43 AM 12/4/2004 -0500, Christopher Faylor wrote:
>>>>I wrote a simple test case to check this and I don't see it -- on XP.  I
>>>>can't easily run Me anymore.  Does the attached program demonstrate this
>>>>behavior when you run it?  It should re-exec itself every time you hit
>>>>CTRL-C.
>>>
>>>That test case has no problem, but the attached one does.
>>>Use kill -30 pid
>>
>>Sigh.  Works fine on XP, AFAICT.
>
>More details
>CYGWIN_ME-4.90 hpn5170 1.5.13s(0.116/4/2) 20041125 23:34:52 i686 unknown
>unknown Cygwin
>
>I added a printf at the top, showing the current pid and ppid
>(attached)
>
>~: ./a
>pid 556021 ppid 890585
>~: ps | fgrep /A
>  36793321       1  556021 4258173975    0  740 12:47:22 /c/HOME/PIERRE/A
>~: kill -30 36793321
>got signal 30
>execing myself
>~: pid 36793321 ppid 36793321
>~: ps | fgrep /A
>  36765717       1  556021 4258201579    0  740 12:47:44 /c/HOME/PIERRE/A
>
>The problem is that the execed process has itself as ppid.
>So it forks again.
>
>That must be history by now, but I think it's coming from
> if (!myself->wr_proc_pipe)
>   {
>     myself.hProcess = pi.hProcess;
>     myself.remember ();
>     wait_for_myself = true;
>   }
>with wr_proc_pipe having been reset to NULL.

Yes, myself.remember() should not have been resetting the parent pid.
Fixing this made me realize that I'd made mychild() in sigproc.cc more
expensive than it should have been.  I reverted it to its old behavior
and eliminated the need for ppid to be set.

This did exhibit the same behavior on XP as on Me (I finally got Me
running).  I don't know what I was hallucinating before.

cgf
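An added test harness in the spirit of Pierre's program, written for this page and not taken from the thread or from Cygwin: on SIGUSR1 (signal 30 on Cygwin) it execs itself, and the new image compares its pid/ppid with the values the old image left in two environment variables (REEXEC_PREV_PID and REEXEC_PREV_PPID, names chosen here), so the "execed process has itself as ppid" condition is reported instead of silently turning into another fork. It assumes argv[0] is a runnable path.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
/* Outcome of comparing this image's identity with the one that exec'd it. */
enum reexec_state { REEXEC_FIRST_RUN, REEXEC_OK, REEXEC_SELF_PARENT,
                    REEXEC_PID_CHANGED, REEXEC_PPID_CHANGED };

/* Pure check, kept free of signals and exec so it can be tested directly. prev_*
 * are what the previous image exported (NULL on first run); pid/ppid are ours. */
enum reexec_state classify_reexec(const char *prev_pid, const char *prev_ppid,
                                  pid_t pid, pid_t ppid)
{
    if (!prev_pid || !prev_ppid)
        return REEXEC_FIRST_RUN;
    if (pid == ppid)                       /* the symptom reported in the thread */
        return REEXEC_SELF_PARENT;
    if ((pid_t)strtol(prev_pid, NULL, 10) != pid)
        return REEXEC_PID_CHANGED;
    if ((pid_t)strtol(prev_ppid, NULL, 10) != ppid)
        return REEXEC_PPID_CHANGED;
    return REEXEC_OK;
}

static volatile sig_atomic_t got_usr1;
static void on_usr1(int sig) { (void)sig; got_usr1 = 1; }

int main(int argc, char **argv)
{
    char buf[32]; (void)argc;
    enum reexec_state st = classify_reexec(getenv("REEXEC_PREV_PID"),
        getenv("REEXEC_PREV_PPID"), getpid(), getppid());
    printf("pid %ld ppid %ld state %d\n", (long)getpid(), (long)getppid(), (int)st);
    if (st == REEXEC_SELF_PARENT) {        /* refuse to loop like the broken case */
        fputs("execed process has itself as ppid\n", stderr);
        return 1;
    }
    signal(SIGUSR1, on_usr1);              /* SIGUSR1 is signal 30 on Cygwin */
    while (!got_usr1)                      /* pause() returns once the handler ran */
        pause();
    snprintf(buf, sizeof buf, "%ld", (long)getpid());
    setenv("REEXEC_PREV_PID", buf, 1);     /* hand our identity to the next image */
    snprintf(buf, sizeof buf, "%ld", (long)getppid());
    setenv("REEXEC_PREV_PPID", buf, 1);
    execv(argv[0], argv);                  /* "execing myself"; argv[0] must be a path */
    perror("execv");
    return 1;
}
```

Run it as `./a`, note the pid/ppid it prints, send `kill -USR1 <pid>`, and the re-exec'd image prints the same pid/ppid with state 1 (REEXEC_OK) on a correct system.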

