
Fix segfault if high-entropy 64-bit ASLR is enabled #28

Merged
merged 1 commit into from Nov 30, 2020

Conversation

GabrielNagy
Contributor

If the High-entropy ASLR setting is enabled on Windows, `win32/dir` will segfault when calling `SHGetFileInfo`.

Enabling high-entropy ASLR will cause processes to use the entire 64-bit address space, and the `long` data type is not large enough to hold a 64-bit address for the PIDL structure (which is the first argument of `SHGetFileInfo`[1]). As a result, the call segfaults.

[1] https://docs.microsoft.com/en-us/windows/win32/api/shellapi/nf-shellapi-shgetfileinfow

Description

Change the parameter's data type to `uint64` to ensure the PIDL address will always fit.

Issues Resolved

https://tickets.puppetlabs.com/browse/PUP-10622
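The truncation described above, as an added example that is not part of win32-dir or this PR: it emulates what a 64-bit PIDL address becomes after passing through an FFI parameter declared as `long` versus `uint64`, and also shows why the bug is Windows-specific (Windows x64 is LLP64, so `long` is 32 bits, while LP64 platforms keep it at 64). The sample addresses and the `marshal_address` helper are constructed for illustration.

```ruby
# Added example, not win32-dir code: emulate how a 64-bit pointer survives
# being passed through an FFI parameter of a given integer type.

# Width in bits of C `long` under the two common 64-bit data models.
# Windows x64 is LLP64 (`long` stays 32 bits); Linux/macOS x64 are LP64.
LONG_BITS = { llp64: 32, lp64: 64 }.freeze

# Return the value the callee receives after the address is stored into a
# parameter of `type`. Storing into an N-bit integer keeps only the low N
# bits, which is the effect modelled here (a simplification of real FFI
# marshalling, sufficient to show the loss of the upper half).
def marshal_address(addr, type, model: :llp64)
  bits = case type
         when :long   then LONG_BITS.fetch(model)
         when :uint64 then 64
         else raise ArgumentError, "unsupported type #{type}"
         end
  addr & ((1 << bits) - 1)
end

# True when the callee receives the pointer the caller intended.
def address_preserved?(addr, type, model: :llp64)
  marshal_address(addr, type, model: model) == addr
end

# Constructed sample addresses (hypothetical, not observed values).
# LOW_ADDR is typical without high-entropy ASLR (below 4 GiB); HIGH_ADDR is
# typical once the full 47-bit user address space is in use.
LOW_ADDR  = 0x0000_0000_0012_3450
HIGH_ADDR = 0x0000_7FF6_1234_5678

if __FILE__ == $0
  [LOW_ADDR, HIGH_ADDR].each do |addr|
    %i[long uint64].each do |type|
      %i[llp64 lp64].each do |model|
        got = marshal_address(addr, type, model: model)
        status = got == addr ? "intact" : format("truncated to 0x%X", got)
        printf("0x%016X %-7s %-6s -> %s\n", addr, type, model, status)
      end
    end
  end
end
```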

@djberg96
Collaborator

djberg96 commented Sep 25, 2020

Nice catch. Can you check this with JRuby? I seem to recall having problems in the past with uint64 using JRuby, but maybe it's fixed by now.

Update: aha, yep, I ended up doing this for sys-proctable: https://github.com/djberg96/sys-proctable/blob/master/lib/darwin/sys/proctable.rb#L298-L303

@GabrielNagy
Contributor Author

Traced that back to jruby/jruby#5948. I'll add the workaround to account for older JRuby versions, thanks for the heads-up 😄.

If the High-entropy ASLR setting is enabled on Windows, `win32/dir` will
segfault when calling `SHGetFileInfo`.

Enabling high-entropy ASLR will cause processes to use the entire 64-bit
address space, and the `long` data type is not large enough to hold a
64-bit address for the PIDL structure (which is the first argument of
`SHGetFileInfo`[1]). As a result, the call segfaults.

Change the parameter's data type to `uint64` to ensure that the address
will always fit.

[1] https://docs.microsoft.com/en-us/windows/win32/api/shellapi/nf-shellapi-shgetfileinfow

Signed-off-by: Gabriel Nagy <gabriel.nagy@puppet.com>
Member

@mwrock mwrock left a comment

Very nice catch.

@tas50 tas50 merged commit 9539d2a into chef:master Nov 30, 2020
@joshcooper
Contributor

joshcooper commented Apr 20, 2021

Hi folks, it looks like Windows github runners enabled ASLR causing our puppet#6.x builds to fail. We're still pinned to win32-dir 0.4.9 due to still supporting ruby 2.3 and up. Would it be possible to get a release of win32-dir 0.4.10 with only this change? We've worked around the issue.
