From: Johannes Schindelin <[email protected]> When that function was introduced in bb42852062 (Cygwin: pty: Implement new pseudo console support., 2020-08-19) (back then, it was added to `spawn.cc`, later it was moved to `fhandler/termios.cc` in 32d6a6cb5f (Cygwin: pty, console: Encapsulate spawn.cc code related to pty/console., 2022-11-19)), it was implemented with strong assumptions that neither creating the file handle nor reading 1024 bytes from said handle could fail.
This assumption, however, is incorrect. Concretely, I encountered the case where `is_console_app()` needed to open an app execution alias, failed to do so, and still tried to read from the invalid handle. Let's add some error handling to that function. Signed-off-by: Johannes Schindelin <[email protected]> --- winsup/cygwin/fhandler/termios.cc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/winsup/cygwin/fhandler/termios.cc b/winsup/cygwin/fhandler/termios.cc index a3cecdb6f..808d0d435 100644 --- a/winsup/cygwin/fhandler/termios.cc +++ b/winsup/cygwin/fhandler/termios.cc @@ -707,10 +707,14 @@ is_console_app (const WCHAR *filename) HANDLE h; h = CreateFileW (filename, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL); + if (h == INVALID_HANDLE_VALUE) + return false; char buf[1024]; DWORD n; - ReadFile (h, buf, sizeof (buf), &n, 0); + BOOL res = ReadFile (h, buf, sizeof (buf), &n, 0); CloseHandle (h); + if (!res) + return false; /* The offset of Subsystem is the same for both IMAGE_NT_HEADERS32 and IMAGE_NT_HEADERS64, so only IMAGE_NT_HEADERS32 is used here. */ IMAGE_NT_HEADERS32 *p = (IMAGE_NT_HEADERS32 *) memmem (buf, n, "PE\0\0", 4); -- cygwingitgadget
