aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/golang-create-environment-block-process-creation-token.patch
diff options
context:
space:
mode:
Diffstat (limited to 'golang-create-environment-block-process-creation-token.patch')
-rw-r--r--golang-create-environment-block-process-creation-token.patch181
1 files changed, 0 insertions, 181 deletions
diff --git a/golang-create-environment-block-process-creation-token.patch b/golang-create-environment-block-process-creation-token.patch
deleted file mode 100644
index 16eba589..00000000
--- a/golang-create-environment-block-process-creation-token.patch
+++ /dev/null
@@ -1,181 +0,0 @@
-From 04a4a755d8835d7b05373c19977c4d8f31cbe119 Mon Sep 17 00:00:00 2001
-From: "Jason A. Donenfeld" <Jason@zx2c4.com>
-Date: Sun, 12 May 2019 14:34:30 +0200
-Subject: [PATCH] os: pass correct environment when creating Windows processes
-
-This is CVE-2019-11888.
-
-Previously, passing a nil environment but a non-nil token would result
-in the new potentially unprivileged process inheriting the parent
-potentially privileged environment, or would result in the new
-potentially privileged process inheriting the parent potentially
-unprivileged environment. Either way, it's bad. In the former case, it's
-an infoleak. In the latter case, it's a possible EoP, since things like
-PATH could be overwritten.
-
-Not specifying an environment currently means, "use the existing
-environment". This commit amends the behavior to be, "use the existing
-environment of the token the process is being created for." The behavior
-therefore stays the same when creating processes without specifying a
-token. And it does the correct thing when creating processes when
-specifying a token.
-
-Fixes #32000
-
-Change-Id: Ia57f6e89b97bdbaf7274d6a89c1d9948b6d40ef5
----
- .../syscall/windows/syscall_windows.go | 3 ++
- .../syscall/windows/zsyscall_windows.go | 32 +++++++++++++++
- src/os/env_default.go | 13 ++++++
- src/os/env_windows.go | 41 +++++++++++++++++++
- src/os/exec_posix.go | 5 ++-
- 5 files changed, 93 insertions(+), 1 deletion(-)
- create mode 100644 src/os/env_default.go
- create mode 100644 src/os/env_windows.go
-
-diff --git a/src/internal/syscall/windows/syscall_windows.go b/src/internal/syscall/windows/syscall_windows.go
-index 121132f6f7..099e91ed68 100644
---- a/src/internal/syscall/windows/syscall_windows.go
-+++ b/src/internal/syscall/windows/syscall_windows.go
-@@ -305,3 +305,6 @@ const (
- func LoadGetFinalPathNameByHandle() error {
- return procGetFinalPathNameByHandleW.Find()
- }
-+
-+//sys CreateEnvironmentBlock(block **uint16, token syscall.Token, inheritExisting bool) (err error) = userenv.CreateEnvironmentBlock
-+//sys DestroyEnvironmentBlock(block *uint16) (err error) = userenv.DestroyEnvironmentBlock
-diff --git a/src/internal/syscall/windows/zsyscall_windows.go b/src/internal/syscall/windows/zsyscall_windows.go
-index 9527a370a4..ca5b4e6f16 100644
---- a/src/internal/syscall/windows/zsyscall_windows.go
-+++ b/src/internal/syscall/windows/zsyscall_windows.go
-@@ -58,6 +58,8 @@ var (
- procNetShareAdd = modnetapi32.NewProc("NetShareAdd")
- procNetShareDel = modnetapi32.NewProc("NetShareDel")
- procGetFinalPathNameByHandleW = modkernel32.NewProc("GetFinalPathNameByHandleW")
-+ procCreateEnvironmentBlock = moduserenv.NewProc("CreateEnvironmentBlock")
-+ procDestroyEnvironmentBlock = moduserenv.NewProc("DestroyEnvironmentBlock")
- procImpersonateSelf = modadvapi32.NewProc("ImpersonateSelf")
- procRevertToSelf = modadvapi32.NewProc("RevertToSelf")
- procOpenThreadToken = modadvapi32.NewProc("OpenThreadToken")
-@@ -220,6 +222,36 @@ func GetFinalPathNameByHandle(file syscall.Handle, filePath *uint16, filePathSiz
- return
- }
-
-+func CreateEnvironmentBlock(block **uint16, token syscall.Token, inheritExisting bool) (err error) {
-+ var _p0 uint32
-+ if inheritExisting {
-+ _p0 = 1
-+ } else {
-+ _p0 = 0
-+ }
-+ r1, _, e1 := syscall.Syscall(procCreateEnvironmentBlock.Addr(), 3, uintptr(unsafe.Pointer(block)), uintptr(token), uintptr(_p0))
-+ if r1 == 0 {
-+ if e1 != 0 {
-+ err = errnoErr(e1)
-+ } else {
-+ err = syscall.EINVAL
-+ }
-+ }
-+ return
-+}
-+
-+func DestroyEnvironmentBlock(block *uint16) (err error) {
-+ r1, _, e1 := syscall.Syscall(procDestroyEnvironmentBlock.Addr(), 1, uintptr(unsafe.Pointer(block)), 0, 0)
-+ if r1 == 0 {
-+ if e1 != 0 {
-+ err = errnoErr(e1)
-+ } else {
-+ err = syscall.EINVAL
-+ }
-+ }
-+ return
-+}
-+
- func ImpersonateSelf(impersonationlevel uint32) (err error) {
- r1, _, e1 := syscall.Syscall(procImpersonateSelf.Addr(), 1, uintptr(impersonationlevel), 0, 0)
- if r1 == 0 {
-diff --git a/src/os/env_default.go b/src/os/env_default.go
-new file mode 100644
-index 0000000000..c11ccce7e3
---- /dev/null
-+++ b/src/os/env_default.go
-@@ -0,0 +1,13 @@
-+// Copyright 2019 The Go Authors. All rights reserved.
-+// Use of this source code is governed by a BSD-style
-+// license that can be found in the LICENSE file.
-+
-+// +build !windows
-+
-+package os
-+
-+import "syscall"
-+
-+func environForSysProcAttr(sys *syscall.SysProcAttr) ([]string, error) {
-+ return Environ(), nil
-+}
-diff --git a/src/os/env_windows.go b/src/os/env_windows.go
-new file mode 100644
-index 0000000000..2a5b82010e
---- /dev/null
-+++ b/src/os/env_windows.go
-@@ -0,0 +1,41 @@
-+// Copyright 2019 The Go Authors. All rights reserved.
-+// Use of this source code is governed by a BSD-style
-+// license that can be found in the LICENSE file.
-+
-+package os
-+
-+import (
-+ "internal/syscall/windows"
-+ "syscall"
-+ "unicode/utf16"
-+ "unsafe"
-+)
-+
-+func environForSysProcAttr(sys *syscall.SysProcAttr) (env []string, err error) {
-+ if sys == nil || sys.Token == 0 {
-+ env = Environ()
-+ return
-+ }
-+ var block *uint16
-+ err = windows.CreateEnvironmentBlock(&block, sys.Token, false)
-+ if err != nil {
-+ return
-+ }
-+ blockp := uintptr(unsafe.Pointer(block))
-+ for {
-+ entry := (*[(1 << 30) - 1]uint16)(unsafe.Pointer(blockp))[:]
-+ for i, v := range entry {
-+ if v == 0 {
-+ entry = entry[:i]
-+ break
-+ }
-+ }
-+ if len(entry) == 0 {
-+ break
-+ }
-+ env = append(env, string(utf16.Decode(entry)))
-+ blockp += 2 * (uintptr(len(entry)) + 1)
-+ }
-+ windows.DestroyEnvironmentBlock(block)
-+ return
-+}
-diff --git a/src/os/exec_posix.go b/src/os/exec_posix.go
-index 7b1ef67d1c..5c1dcc3801 100644
---- a/src/os/exec_posix.go
-+++ b/src/os/exec_posix.go
-@@ -38,7 +38,10 @@ func startProcess(name string, argv []string, attr *ProcAttr) (p *Process, err e
- Sys: attr.Sys,
- }
- if sysattr.Env == nil {
-- sysattr.Env = Environ()
-+ sysattr.Env, err = environForSysProcAttr(sysattr.Sys)
-+ if err != nil {
-+ return
-+ }
- }
- sysattr.Files = make([]uintptr, 0, len(attr.Files))
- for _, f := range attr.Files {
---
-2.21.0
-
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.