From 6e2c582323d667fec9b1859757515f932c6f8db2 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Thu, 11 Aug 2011 16:43:26 +0000
Subject: 	* fhandler_proc.cc (fhandler_proc::get_proc_fhandler): Don't
 allow to 	access process info by using the Windows PID. 	*
 fhandler_process.cc (fhandler_process::fstat): Ditto. 
 (fhandler_process::fill_filebuf): Ditto.

---
 winsup/cygwin/fhandler_process.cc | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'winsup/cygwin/fhandler_process.cc')

diff --git a/winsup/cygwin/fhandler_process.cc b/winsup/cygwin/fhandler_process.cc
index 09ca2c77c..eb36d9d56 100644
--- a/winsup/cygwin/fhandler_process.cc
+++ b/winsup/cygwin/fhandler_process.cc
@@ -143,8 +143,13 @@ fhandler_process::fstat (struct __stat64 *buf)
   fhandler_base::fstat (buf);
   path += proc_len + 1;
   pid = atoi (path);
+
   pinfo p (pid);
-  if (!p)
+  /* If p->pid != pid, then pid is actually the Windows PID for an execed
+     Cygwin process, and the pinfo entry is the additional entry created
+     at exec time.  We don't want to enable the user to access a process
+     entry by using the Win32 PID, though. */
+  if (!p || p->pid != pid)
     {
       set_errno (ENOENT);
       return -1;
@@ -320,8 +325,11 @@ fhandler_process::fill_filebuf ()
     pid = atoi (path);
 
   pinfo p (pid);
-
-  if (!p)
+  /* If p->pid != pid, then pid is actually the Windows PID for an execed
+     Cygwin process, and the pinfo entry is the additional entry created
+     at exec time.  We don't want to enable the user to access a process
+     entry by using the Win32 PID, though. */
+  if (!p || p->pid != pid)
     {
       set_errno (ENOENT);
       return false;
-- 
cgit v1.2.3