Its possible that we're calling Process_free_internal on a pseudo-han…

…dle. When we are not using SHM we use psuedo handles to return processes from pids, however we dont guard against pseudo-handles in CloseProcess, which could lead to calling unref on a fake handle.
mono · Oct 5, 2010 · 579a0ca · 579a0ca
1 parent 577dfd5
commit 579a0ca
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 5 deletions.
diff --git a/mono/io-layer/processes.c b/mono/io-layer/processes.c
@@ -1690,6 +1690,16 @@ static gboolean process_open_compare (gpointer handle, gpointer user_data)
 	}
 }
 
+gboolean CloseProcess(gpointer handle)
+{
+	if ((GPOINTER_TO_UINT (handle) & _WAPI_PROCESS_UNHANDLED) == _WAPI_PROCESS_UNHANDLED) {
+		/* This is a pseudo handle */
+		return(TRUE);
+	}
+
+	return CloseHandle (handle);
+}
+
 gpointer OpenProcess (guint32 req_access G_GNUC_UNUSED, gboolean inherit G_GNUC_UNUSED, guint32 pid)
 {
 	/* Find the process handle that corresponds to pid */
@@ -1701,10 +1711,9 @@ gpointer OpenProcess (guint32 req_access G_GNUC_UNUSED, gboolean inherit G_GNUC_
 	g_message ("%s: looking for process %d", __func__, pid);
 #endif
 
-	if (_wapi_shm_enabled ())
-		handle = _wapi_search_handle (WAPI_HANDLE_PROCESS,
-					      process_open_compare,
-					      GUINT_TO_POINTER (pid), NULL, TRUE);
+	handle = _wapi_search_handle (WAPI_HANDLE_PROCESS,
+				      process_open_compare,
+				      GUINT_TO_POINTER (pid), NULL, TRUE);
 	if (handle == 0) {
 #if defined(PLATFORM_MACOSX) || defined(__OpenBSD__)
 		if ((kill(pid, 0) == 0) || (errno == EPERM)) {

diff --git a/mono/io-layer/processes.h b/mono/io-layer/processes.h
@@ -190,6 +190,7 @@ extern gpointer GetCurrentProcess (void);
 extern guint32 GetProcessId (gpointer handle);
 extern guint32 GetCurrentProcessId (void);
 extern gboolean EnumProcesses (guint32 *pids, guint32 len, guint32 *needed);
+extern gboolean CloseProcess (gpointer handle);
 extern gpointer OpenProcess (guint32 access, gboolean inherit, guint32 pid);
 extern gboolean GetExitCodeProcess (gpointer process, guint32 *code);
 extern gboolean GetProcessTimes (gpointer process, WapiFileTime *create_time,

diff --git a/mono/metadata/process.c b/mono/metadata/process.c
@@ -65,7 +65,7 @@ void ves_icall_System_Diagnostics_Process_Process_free_internal (MonoObject *thi
 	g_message ("%s: Closing process %p, handle %p", __func__, this, process);
 #endif
 
-	CloseHandle (process);
+	CloseProcess (process);
 }
 
 #define STASH_SYS_ASS(this) \