From 4858e73321a0618a8b1e1060416ef7d546cda895 Mon Sep 17 00:00:00 2001 From: Ken Brown Date: Sun, 26 Dec 2021 16:42:26 -0500 Subject: [PATCH] Cygwin: fhandler_pipe::get_query_hdl_per_process: avoid a crash NtQueryInformationProcess(ProcessHandleInformation) can return STATUS_SUCCESS with invalid handle data for certain processes ("minimal" processes on Windows 10). This can cause a crash when there's an attempt to access that data. Fix that by setting NumberOfHandles to zero before calling NtQueryInformationProcess. Addresses: https://cygwin.com/pipermail/cygwin-patches/2021q4/011611.html --- winsup/cygwin/fhandler_pipe.cc | 6 ++++++ winsup/cygwin/release/3.3.4 | 3 +++ 2 files changed, 9 insertions(+) diff --git a/winsup/cygwin/fhandler_pipe.cc b/winsup/cygwin/fhandler_pipe.cc index 25a092262..2674d154c 100644 --- a/winsup/cygwin/fhandler_pipe.cc +++ b/winsup/cygwin/fhandler_pipe.cc @@ -1256,6 +1256,12 @@ fhandler_pipe::get_query_hdl_per_process (WCHAR *name, HeapAlloc (GetProcessHeap (), 0, nbytes); if (!phi) goto close_proc; + /* NtQueryInformationProcess can return STATUS_SUCCESS with + invalid handle data for certain processes. See + https://github.com/processhacker/processhacker/blob/master/phlib/native.c#L5754. + We need to ensure that NumberOfHandles is zero in this + case to avoid a crash in the loop below. */ + phi->NumberOfHandles = 0; status = NtQueryInformationProcess (proc, ProcessHandleInformation, phi, nbytes, &len); if (NT_SUCCESS (status)) diff --git a/winsup/cygwin/release/3.3.4 b/winsup/cygwin/release/3.3.4 index a15684fdb..048426942 100644 --- a/winsup/cygwin/release/3.3.4 +++ b/winsup/cygwin/release/3.3.4 
@@ -14,3 +14,6 @@ Bug Fixes rather than io_handle while neither read() nor select() is called after the cygwin app is started from non-cygwin app. Addresses: https://cygwin.com/pipermail/cygwin-patches/2021q4/011587.html + +- Avoid a crash when NtQueryInformationProcess returns invalid handle data. + Addresses: https://cygwin.com/pipermail/cygwin-patches/2021q4/011611.html -- 2.34.1
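Review bot: In the fhandler_pipe.cc hunk, `phi->NumberOfHandles = 0;` only protects the loop when NtQueryInformationProcess returns STATUS_SUCCESS without writing to the buffer. A count that is written but is inconsistent with the buffer would still reach the loop. Since `phi` comes from `HeapAlloc (GetProcessHeap (), 0, nbytes)` and is therefore uninitialized, consider also checking after `NT_SUCCESS (status)` that the reported entries fit within `nbytes` (or within the returned `len`) before iterating. Separately, the comment links to `blob/master/phlib/native.c#L5754`; a line anchor on a moving branch will drift, so a permalink to a specific commit would keep the reference meaningful.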
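Review bot: In the release/3.3.4 hunk, the new entry says only "invalid handle data" and does not say where the crash occurs. The commit message is more specific (fhandler_pipe::get_query_hdl_per_process, "minimal" processes on Windows 10); adding a few of those words to the entry would let users match the note to the crash they are seeing.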