[newlib-cygwin/cygwin-3_3-branch] Cygwin: fhandler_base: Fix double free caused when open() fails.

[newlib-cygwin/cygwin-3_3-branch] Cygwin: fhandler_base: Fix double free caused when open() fails.

[Takashi Yano]

https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=f5d654c24e85f984ff34461934395b36fea2be0f

commit f5d654c24e85f984ff34461934395b36fea2be0f
Author: Takashi Yano <takashi.yano@nifty.ne.jp>
Date:   Tue Jan 18 22:17:37 2022 +0900

    Cygwin: fhandler_base: Fix double free caused when open() fails.
    
    - When open fails, archetype stored in archetypes[] is not cleared.
      This causes double free when next open fail. This patch fixes the
      issue.
    
    Addresses:
      https://cygwin.com/pipermail/cygwin/2022-January/250518.html

Diff:
---
 winsup/cygwin/fhandler.cc   | 4 ++--
 winsup/cygwin/release/3.3.4 | 3 +++
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/winsup/cygwin/fhandler.cc b/winsup/cygwin/fhandler.cc
index fc7c0422e..7d427135e 100644
--- a/winsup/cygwin/fhandler.cc
+++ b/winsup/cygwin/fhandler.cc
@@ -440,8 +440,8 @@ fhandler_base::open_with_arch (int flags, mode_t mode)
   if (!(res = (archetype && archetype->io_handle)
 	|| open (flags, mode & 07777)))
     {
-      if (archetype)
-	delete archetype;
+      if (archetype && archetype->usecount == 0)
+	cygheap->fdtab.delete_archetype (archetype);
     }
   else if (archetype)
     {
diff --git a/winsup/cygwin/release/3.3.4 b/winsup/cygwin/release/3.3.4
index e09ffefdf..3fa9b9e9c 100644
--- a/winsup/cygwin/release/3.3.4
+++ b/winsup/cygwin/release/3.3.4
@@ -30,3 +30,6 @@ Bug Fixes
 - Fix a problem creating a dir "foo", if a file (but not a Cygwin symlink)
   "foo.lnk" already exists.
   Addresses: https://github.com/msys2/msys2-runtime/issues/81
+
+- Fix double free for archetype, which is caused when open() fails.
+  Addresses: https://cygwin.com/pipermail/cygwin/2022-January/250518.html