This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

1.5.24-2: zero-length write() and ioctl() on fd -1 cause crashes uses Cygwin to provide Windows support, and it's been most useful. i just thought i'd mention a couple of things that caused crashes in cygwin1.dll 1.5.24-2 where that might not have been Cygwin's intent (in both cases the application's skating on thin ice anyway).

first, if i do a zero-byte write(2) to a pty, i get a crash. POSIX says the behavior in that situation is undefined. i haven't tested with a regular file (where POSIX explicitly says that "write() will return 0 and have no other results").

second, if i try to set the window size on fd -1, i get a crash:

int fd = -1;
struct winsize size;
// set size.ws_col, size.ws_row, size.ws_xpixel, and size.ws_ypixel...
if (ioctl(fd, TIOCSWINSZ, &size) < 0) {

my interpretation of POSIX is that i should get return value -1 and errno set to EBADF in that case. i haven't tested with other invalid file descriptors or other requests.

i haven't tested earlier versions of cygwin1.dll.

strangely, a quick look at the Cygwin source suggests that these cases should be taken care of. ""'s ioctl starts with a cygheap_fdget, and check_iovec would appear to take care of the 0- byte write case for write(2).

let me know if you'd like me to investigate further. i don't have a Windows machine myself, or i'd have done some non-source poking about already. [i'm also not a subscriber to this list, so don't forget to "reply all".]


-- Unsubscribe info: Problem reports: Documentation: FAQ:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]