Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pass NULL pointer to LXSS_CONSOLE_DATA will crash other bash process #790

Closed
Yangff opened this issue Aug 6, 2016 · 2 comments
Closed

Pass NULL pointer to LXSS_CONSOLE_DATA will crash other bash process #790

Yangff opened this issue Aug 6, 2016 · 2 comments

Comments

@Yangff
Copy link

Yangff commented Aug 6, 2016
edited
Loading

I'm playing lxss and trying to run a process without bash as easy as possible, and I found if I pass zero for LXSS_CONSOLE_DATA to ILxssInstance->CreateLxProcess for example, rst = ins->CreateLxProcess("/usr/bin/whois", 2, args, 4, CODE, "/root/", 0, &std_handle, NULL, 0, &hProcess);

The function returns -2147024832 and then my running bash crash. I think this function is not designed to be that..

If I pass a pointer to LXSS_CONSOLE_DATA (fill with zero) the function return with error but it will not crash other process.

I'm using 14393.10

PS. I guess this function looks like (I'm not sure about this, but I means you can crush it by using these arguments)

struct LXSS_STD_HANDLES {
    /* For old console ? */
    /* HI POS === 1 */
    HANDLE STDIN; /* STDIN (create pipe) */
    HANDLE STDOUT; /* STDOUT */
    HANDLE STDERR; /* STDERR */
    /* all zero if LXSS_CONSOLE_DATA used */
};
struct LXSS_CONSOLE_DATA { 
    /* unclear... */
    /* low 32 bits of LXSS_STD_HANDLES (?) */
    DWORD IN_BUF; /* For keys (arrors...) */
    DWORD OUT_BUF; /* STDOUT (console) */
    DWORD IN_EVENT; /* for example resize.... */
    /* Buffer.EventType != 1, Buffer.EventType == 4 */

    WORD SCREEN_WIDTH;
    WORD SCREEN_HEIGHT;
    /* GetConsoleScreenBufferInfo */
    /*
      ConsoleScreenBufferInfo.srWindow.Right - ConsoleScreenBufferInfo.srWindow.Left + 1;
      ConsoleScreenBufferInfo.srWindow.Bottom - ConsoleScreenBufferInfo.srWindow.Top + 1;
    */
};
    virtual int CreateLxProcess(
        char const * exec /* in linux */ ,
        unsigned long argc, 
        char const ** args,
        unsigned long env_count, 
        char const ** env,
        char const * current_path /* maybe */,
        unsigned long keep_runing, /* 0 for bash -c xxx 1 for other */
        LXSS_STD_HANDLES *_LXSS_STD_HANDLES,
        LXSS_CONSOLE_DATA *_LXSS_CONSOLE_DATA,
        unsigned long uid /* =0 or read from reg */, 
        HANDLE * process /* &v =0 */) = 0;
@fpqc
Copy link

fpqc commented Aug 6, 2016

Cool project hope MS documents more of this!

@benhillis benhillis mentioned this issue Aug 9, 2016
Closed
@benhillis
Copy link
Member

I was not able to reproduce this. When I pass NULL as that parameter I get the expected COM error message:

Error code: (HRESULT) 0x800706f4 (2147944180) - A null reference pointer was passed to the stub.

If you are still able to reproduce this behavior on Creator's Update could you please reopen?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Yangff @fpqc @benhillis