diff options
author | Simon Rozman <simon@rozman.si> | 2020-10-30 07:35:00 +0100 |
---|---|---|
committer | Simon Rozman <simon@rozman.si> | 2020-10-31 10:41:47 +0100 |
commit | 3dacd1c6ce4aa0c642fe19c79a30980701064e9a (patch) | |
tree | cd98fedde5b992e5f446b207ff6bb3c575741ec6 /api/adapter.c | |
parent | api: check the stdout reader thread exit status for failures (diff) | |
download | wintun-3dacd1c6ce4aa0c642fe19c79a30980701064e9a.tar.xz wintun-3dacd1c6ce4aa0c642fe19c79a30980701064e9a.zip |
api: make pipe handles non-inheritable by default
...and change to inheritable only the ones really needed, eliminating a
window where we'd have inheritable handles that are not supposed to be
inheritable.
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
Diffstat (limited to 'api/adapter.c')
-rw-r--r-- | api/adapter.c | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/api/adapter.c b/api/adapter.c index ba33e57..b7f2efa 100644 --- a/api/adapter.c +++ b/api/adapter.c @@ -1397,19 +1397,16 @@ ExecuteRunDll32( Result = ERROR_INVALID_PARAMETER; goto cleanupDelete; } - SECURITY_ATTRIBUTES sa = { .nLength = sizeof(SECURITY_ATTRIBUTES), - .bInheritHandle = TRUE, - .lpSecurityDescriptor = - SecurityAttributes ? SecurityAttributes->lpSecurityDescriptor : NULL }; HANDLE StreamRStdout = INVALID_HANDLE_VALUE, StreamRStderr = INVALID_HANDLE_VALUE, StreamWStdout = INVALID_HANDLE_VALUE, StreamWStderr = INVALID_HANDLE_VALUE; - if (!CreatePipe(&StreamRStdout, &StreamWStdout, &sa, 0) || !CreatePipe(&StreamRStderr, &StreamWStderr, &sa, 0)) + if (!CreatePipe(&StreamRStdout, &StreamWStdout, SecurityAttributes, 0) || + !CreatePipe(&StreamRStderr, &StreamWStderr, SecurityAttributes, 0)) { Result = LOG_LAST_ERROR(L"Failed to create pipes"); goto cleanupPipes; } - if (!SetHandleInformation(StreamRStdout, HANDLE_FLAG_INHERIT, 0) || - !SetHandleInformation(StreamRStderr, HANDLE_FLAG_INHERIT, 0)) + if (!SetHandleInformation(StreamWStdout, HANDLE_FLAG_INHERIT, HANDLE_FLAG_INHERIT) || + !SetHandleInformation(StreamWStderr, HANDLE_FLAG_INHERIT, HANDLE_FLAG_INHERIT)) { Result = LOG_LAST_ERROR(L"Failed to set handle info"); goto cleanupPipes; |