From 6e2c582323d667fec9b1859757515f932c6f8db2 Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Thu, 11 Aug 2011 16:43:26 +0000 Subject: [PATCH] * fhandler_proc.cc (fhandler_proc::get_proc_fhandler): Don't allow to access process info by using the Windows PID. * fhandler_process.cc (fhandler_process::fstat): Ditto. (fhandler_process::fill_filebuf): Ditto. --- winsup/cygwin/ChangeLog | 7 +++++++ winsup/cygwin/fhandler_proc.cc | 8 +++++++- winsup/cygwin/fhandler_process.cc | 14 +++++++++++--- 3 files changed, 25 insertions(+), 4 deletions(-) diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 04c80fe9a..8dc5248db 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,10 @@ +2011-08-11 Corinna Vinschen + + * fhandler_proc.cc (fhandler_proc::get_proc_fhandler): Don't allow to + access process info by using the Windows PID. + * fhandler_process.cc (fhandler_process::fstat): Ditto. + (fhandler_process::fill_filebuf): Ditto. + 2011-08-11 Corinna Vinschen * (winpids::add): Make sure to store always a Windows PID in diff --git a/winsup/cygwin/fhandler_proc.cc b/winsup/cygwin/fhandler_proc.cc index 9310696bc..63178a003 100644 --- a/winsup/cygwin/fhandler_proc.cc +++ b/winsup/cygwin/fhandler_proc.cc @@ -128,7 +128,13 @@ fhandler_proc::get_proc_fhandler (const char *path) if (entry) return entry->fhandler; - if (pinfo (atoi (path))) + int pid = atoi (path); + pinfo p (pid); + /* If p->pid != pid, then pid is actually the Windows PID for an execed + Cygwin process, and the pinfo entry is the additional entry created + at exec time. We don't want to enable the user to access a process + entry by using the Win32 PID, though. */ + if (p && p->pid == pid) return FH_PROCESS; bool has_subdir = false; diff --git a/winsup/cygwin/fhandler_process.cc b/winsup/cygwin/fhandler_process.cc index 09ca2c77c..eb36d9d56 100644 --- a/winsup/cygwin/fhandler_process.cc +++ b/winsup/cygwin/fhandler_process.cc 
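Review bot: The new `p->pid == pid` test in fhandler_proc::get_proc_fhandler compares the value returned by `atoi (path)`, not the path text, so it is only as strict as that parse. `atoi` skips leading whitespace, accepts a sign and stops at the first non-digit, so a non-canonical spelling that parses to the Cygwin PID would presumably still be accepted, and an out-of-range number is undefined behaviour. Consider parsing with `strtol (path, &end, 10)` and requiring `end != path`, a NUL or directory separator at `*end`, and a value within int range before constructing the pinfo. The same `atoi` call feeds the checks added in fhandler_process::fstat and fhandler_process::fill_filebuf. The function body starts and ends outside the hunk.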
@@ -143,8 +143,13 @@ fhandler_process::fstat (struct __stat64 *buf) fhandler_base::fstat (buf); path += proc_len + 1; pid = atoi (path); + pinfo p (pid); - if (!p) + /* If p->pid != pid, then pid is actually the Windows PID for an execed + Cygwin process, and the pinfo entry is the additional entry created + at exec time. We don't want to enable the user to access a process + entry by using the Win32 PID, though. */ + if (!p || p->pid != pid) { set_errno (ENOENT); return -1; @@ -320,8 +325,11 @@ fhandler_process::fill_filebuf () pid = atoi (path); pinfo p (pid); - - if (!p) + /* If p->pid != pid, then pid is actually the Windows PID for an execed + Cygwin process, and the pinfo entry is the additional entry created + at exec time. We don't want to enable the user to access a process + entry by using the Win32 PID, though. */ + if (!p || p->pid != pid) { set_errno (ENOENT); return false;
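Review bot: The guard `if (!p || p->pid != pid)` and its four-line comment are now copied verbatim into fhandler_process::fstat and fhandler_process::fill_filebuf, and in positive form into fhandler_proc::get_proc_fhandler, so a later entry point that builds a pinfo from the path can easily miss it. A single helper that takes the parsed pid and the pinfo, returns whether the entry may be exposed, and carries the comment once would keep the three sites in sync. It would also be worth confirming that any other code in fhandler_process.cc that looks up a process from the `/proc/<pid>` path component applies the same test; those paths are not visible in this diff. Both functions continue outside their hunks.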