ca2a4ec243
Before commit 44f73c5a6206 ("Cygwin: Fix segfalt when too many command line args are specified.") we had no actual argument size limit, except for the fact that the child process created another copy of the argv array on the stack, which could result in a stack overflow and a subsequent SEGV. Commit 44f73c5a6206 changed that by allocating the additional argv array via malloc, and it introduced a new SC_ARG_MAX limit along the lines of the typical Linux limit. However, this new limit is artificial. Cygwin allocates all argument and environment data on the cygheap. We only run out of ARG_MAX space if we're out of memory resources. Change argument size handling accordingly: - Drop the args size check from child_info_spawn::worker. - Return -1 from sysconf (SC_ARG_MAX), i. e., the argument size limit is undefined. - Change argv handling in class av, so that a failing cmalloc is not fatal. This allows the parent process to return E2BIG if it's out of cygheap resources. - In the child, add a check around the new malloc call, so that it doesn't result in a SEGV if the child process gets unexpectedly into an ENOMEM situation at this point. In this (unlikely) case, proceed with the original __argv array instead. Add comment to explain why. Fixes: 44f73c5a6206 ("Cygwin: Fix segfalt when too many command line args are specified.") Tested-by: Takashi Yano <takashi.yano@nifty.ne.jp> Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
/* winf.h
This software is a copyrighted work licensed under the terms of the
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
details. */
#pragma once
/* Hack for Cygwin processes. If the Windows command line length gets slightly
bigger than this value, the stack position is suddenly moved up by 64K for
no apparent reason, which results in subsequent forks failing. Since Cygwin
processes get the full command line as argv array anyway, this only affects
the maximum command line length of Cygwin applications which nonsensically
have a WinMain instead of a main entry point or which use GetCommandLine. */
#define MAXCYGWINCMDLEN 30000
/* NOTE(review): presumably the upper bound, in characters, on a command line
   handed to a native Windows process -- confirm against the code that
   compares against it; that code is not part of this header. */
#define MAXWINCMDLEN 32767
/* NOTE(review): presumably the allocation step used when a linebuf grows its
   buffer; the growth code is not part of this header -- confirm. */
#define LINE_BUF_CHUNK (MAX_PATH * 2)
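/* Argument vector wrapper.

   Holds a cygheap-allocated array of argument pointers (argv).  The first
   `calloced' entries of that array point to strings owned by this object;
   the destructor releases them with cfree before releasing the array itself.
   Entries from `calloced' onwards are pointers copied from the caller and
   are not freed here.

   Allocation failure is not fatal: if cmalloc fails in the constructor,
   argv stays NULL and argc stays 0.  Callers have to test the object via
   operator char ** before relying on its contents.

   NOTE(review): the destructor frees argv, but no copy constructor or
   assignment operator is declared, so copying an av would free the same
   array twice.  Presumably objects of this class are never copied --
   confirm.  */
class av
{
  char **argv;      /* cygheap-allocated pointer array, NULL if none */
  int calloced;     /* count of leading argv entries owned by this object */
 public:
  int argc;
  bool win16_exe;

  /* Empty vector.  Every member gets a defined value so that the methods
     below never read an indeterminate `calloced'.  */
  av () : argv (NULL), calloced (0), argc (0), win16_exe (false) {}

  /* Allocate ac_in + 5 pointer slots and copy ac_in + 1 pointers from av_in
     (presumably the arguments plus the terminating NULL -- confirm).
     argc is preset to 0 so that it is well defined when cmalloc fails and
     the copy is skipped.
     NOTE(review): ac_in goes into the size computation unchecked; callers
     are assumed to pass a non-negative count matching av_in -- confirm.  */
  av (int ac_in, const char * const *av_in)
    : argv (NULL), calloced (0), argc (0), win16_exe (false)
  {
    argv = (char **) cmalloc (HEAP_1_ARGV, (ac_in + 5) * sizeof (char *));
    if (argv)
      {
        argc = ac_in;
        memcpy (argv, av_in, (argc + 1) * sizeof (char *));
      }
  }

  /* Placement new only: construct the object in storage provided by the
     caller.  */
  void *operator new (size_t, void *p) __attribute__ ((nothrow)) {return p;}

  /* Release the owned strings (the first `calloced' entries), then the
     pointer array.  Nothing to do when the allocation failed.  */
  ~av ()
  {
    if (argv)
      {
        for (int i = 0; i < calloced; i++)
          cfree (argv[i]);
        cfree (argv);
      }
  }

  int unshift (const char *what);

  /* Yields the raw pointer array; NULL signals that the constructor could
     not allocate it.  */
  operator char **() {return argv;}

  /* Declare every current entry as owned by this object.  */
  void all_calloced () {calloced = argc;}

  /* Replace argv[0] with a cygheap copy of arg0, unless entries are already
     owned.  Skipped when argv is NULL, i.e. after a failed allocation,
     rather than writing through a NULL pointer.  */
  void replace0_maybe (const char *arg0)
  {
    /* Note: Assumes that argv array has not yet been "unshifted" */
    if (argv && !calloced)
      {
        argv[0] = cstrdup1 (arg0);
        calloced = 1;
      }
  }

  /* Replace every entry that is not yet owned with a cygheap copy of itself
     and mark all entries as owned.  A no-op when argv is NULL.  */
  void dup_all ()
  {
    if (!argv)
      return;
    for (int i = calloced; i < argc; i++)
      argv[i] = cstrdup1 (argv[i]);
    calloced = argc;
  }

  int setup (const char *, path_conv&, const char *, int, const char *const *,
             bool);
};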
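/* Byte buffer for building up a line of text.

   buf is released with free () by the destructor.  ix is the current length
   in bytes; the size_t conversion reports ix + 1 (presumably to account for
   the terminating NUL -- confirm).  alloced is presumably the capacity of
   buf; the code maintaining it is not part of this header.

   NOTE(review): the destructor frees buf, but no copy constructor or
   assignment operator is declared, so copying a linebuf would free the same
   buffer twice.  Presumably objects of this class are never copied --
   confirm.  */
class linebuf
{
  size_t ix;
  char *buf;
  size_t alloced;
 public:
  linebuf () : ix (0), buf (NULL), alloced (0) {}
  ~linebuf () {if (buf) free (buf);}

  void add (const char *, int);
  /* Append a NUL-terminated string; its length is taken with strlen.  */
  void add (const char *what) {add (what, strlen (what));}
  void prepend (const char *, int);
  void finish (bool);
  bool fromargv (av&, const char *, bool);

  /* Current length plus one.  */
  operator size_t () const { return ix + 1; }

  /* Read-only view of the buffer; NULL while nothing has been allocated.  */
  operator const char * () const { return buf; }

  /* Wide-character copy of the buffer in freshly malloc'ed storage.
     Returns NULL if that storage cannot be allocated, so callers have to
     check the result before using it.  */
  operator wchar_t * ()
  {
    size_t n = ix + 1;
    /* Note that this malloc'ed buffer is not freed by the destructor.
       It is up to the caller to do (or not do) that. */
    wchar_t *wbuf = (wchar_t *) malloc (sizeof (wchar_t) * n);
    /* Out of memory: hand NULL back instead of writing through it.  */
    if (!wbuf)
      return NULL;
    return wcs (wbuf, n);
  }

  /* Convert into caller-provided storage, using ix + 1 as the size.  */
  wchar_t *wcs (wchar_t *wbuf) { return wcs (wbuf, ix + 1); }

  /* Convert the buffer into wbuf and return wbuf.  With n == 1 only the
     terminator is stored and buf is not read, which covers the case where
     nothing has been added yet and buf is still NULL.
     Assumes wbuf has room for at least n wide characters -- the caller is
     responsible for that.  */
  wchar_t *wcs (wchar_t *wbuf, size_t n)
  {
    if (n == 1)
      wbuf[0] = L'\0';
    else
      sys_mbstowcs (wbuf, n, buf);
    return wbuf;
  }
};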