[newlib-cygwin] Cygwin: pty: Fix thread safety of readahead buffer handling in pty master.

public inbox for cygwin-cvs@sourceware.org
help / color / mirror / Atom feed

* [newlib-cygwin] Cygwin: pty: Fix thread safety of readahead buffer handling in pty master.
@ 2023-08-04  8:57 Takashi Yano
  0 siblings, 0 replies; only message in thread
From: Takashi Yano @ 2023-08-04  8:57 UTC (permalink / raw)
  To: cygwin-cvs

https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=3b4f6217c371cf70d5ec5137436cfa5892bb45e8

commit 3b4f6217c371cf70d5ec5137436cfa5892bb45e8
Author: Takashi Yano <takashi.yano@nifty.ne.jp>
Date:   Fri Aug 4 17:45:34 2023 +0900

    Cygwin: pty: Fix thread safety of readahead buffer handling in pty master.
    
    Previously, though readahead buffer handling in pty master was not
    fully thread-safe, accept_input() was called from peek_pipe() thread
    in select.cc. This caused the problem reported in:
    https://cygwin.com/pipermail/cygwin/2023-July/253984.html
    
    The mechanism of the problem is:
    1) accept_input() which is called from peek_pipe() thread calls
       eat_readahead(-1) before reading readahead buffer. This allows
       writing to the readahead buffer from another (main) thread.
    2) The main thread calls fhandler_pty_master::write() just after
       eat_readahead(-1) was called and before reading the readahead
       buffer by accept_input() called from peek_pipe() thread. This
       overwrites the readahead buffer.
    3) The read result from readahead buffer which was overwritten is
       sent to the slave.
    
    This patch makes readahead buffer handling fully thread-safe using
    input_mutex to resolve this issue.
    
    Fixes: 7b03b0d8cee0 ("select.cc (peek_pipe): Call flush_to_slave whenever we're checking for a pty master.")
    Reported-by: Thomas Wolff <towo@towo.net>
    Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>

Diff:
---
 winsup/cygwin/fhandler/pty.cc           | 10 +++++-----
 winsup/cygwin/local_includes/fhandler.h |  8 ++++++++
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/winsup/cygwin/fhandler/pty.cc b/winsup/cygwin/fhandler/pty.cc
index 8b8c42bc1..db3b77ecf 100644
--- a/winsup/cygwin/fhandler/pty.cc
+++ b/winsup/cygwin/fhandler/pty.cc
@@ -436,8 +436,10 @@ static int osi;
 void
 fhandler_pty_master::flush_to_slave ()
 {
+  WaitForSingleObject (input_mutex, mutex_timeout);
   if (get_readahead_valid () && !(get_ttyp ()->ti.c_lflag & ICANON))
     accept_input ();
+  ReleaseMutex (input_mutex);
 }
 
 void
@@ -523,8 +525,6 @@ fhandler_pty_master::accept_input ()
   DWORD bytes_left;
   int ret = 1;
 
-  WaitForSingleObject (input_mutex, mutex_timeout);
-
   char *p = rabuf () + raixget ();
   bytes_left = eat_readahead (-1);
 
@@ -625,7 +625,6 @@ fhandler_pty_master::accept_input ()
   if (write_to == get_output_handle ())
     SetEvent (input_available_event); /* Set input_available_event only when
 					 the data is written to cyg pipe. */
-  ReleaseMutex (input_mutex);
   return ret;
 }
 
@@ -2235,9 +2234,9 @@ fhandler_pty_master::write (const void *ptr, size_t len)
 	    {
 	      /* This accept_input() call is needed in order to transfer input
 		 which is not accepted yet to non-cygwin pipe. */
+	      WaitForSingleObject (input_mutex, mutex_timeout);
 	      if (get_readahead_valid ())
 		accept_input ();
-	      WaitForSingleObject (input_mutex, mutex_timeout);
 	      acquire_attach_mutex (mutex_timeout);
 	      fhandler_pty_slave::transfer_input (tty::to_nat, from_master,
 						  get_ttyp (),
@@ -2305,9 +2304,10 @@ fhandler_pty_master::write (const void *ptr, size_t len)
 					  get_ttyp (), input_available_event);
       release_attach_mutex ();
     }
-  ReleaseMutex (input_mutex);
 
   line_edit_status status = line_edit (p, len, ti, &ret);
+  ReleaseMutex (input_mutex);
+
   if (status > line_edit_signalled && status != line_edit_pipe_full)
     ret = -1;
   return ret;
diff --git a/winsup/cygwin/local_includes/fhandler.h b/winsup/cygwin/local_includes/fhandler.h
index 661fe23dc..03b51a7e4 100644
--- a/winsup/cygwin/local_includes/fhandler.h
+++ b/winsup/cygwin/local_includes/fhandler.h
@@ -2572,6 +2572,14 @@ public:
   int tcgetpgrp ();
   void flush_to_slave ();
   void discard_input ();
+  void acquire_input_mutex_if_necessary (DWORD ms)
+  {
+    WaitForSingleObject (input_mutex, ms);
+  }
+  void release_input_mutex_if_necessary (void)
+  {
+    ReleaseMutex (input_mutex);
+  }
 
   fhandler_pty_master (void *) {}

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2023-08-04  8:57 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-08-04  8:57 [newlib-cygwin] Cygwin: pty: Fix thread safety of readahead buffer handling in pty master Takashi Yano

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).