delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2012/03/21/05:40:25

X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-0.7 required=5.0 tests=AWL,BAYES_00,TW_IX
X-Spam-Check-By: sourceware.org
Date: Wed, 21 Mar 2012 10:39:35 +0100
From: Denis Excoffier <cygwin AT Denis-Excoffier DOT org>
To: cygwin AT cygwin DOT com
Subject: Re: BLODA detection code in latest snapshot
Message-ID: <20120321093959.GA4608@qp9482>
References: <20120227122614 DOT GB31025 AT calimero DOT vinschen DOT de> <4F4C41B5 DOT 7040804 AT acm DOT org> <20120228092144 DOT GB23052 AT calimero DOT vinschen DOT de>
MIME-Version: 1.0
In-Reply-To: <20120228092144.GB23052@calimero.vinschen.de>
User-Agent: Mutt/1.5.21 (2010-09-15)
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com 

On Tue, Feb 28, 2012 at 10:21:44AM +0100, Corinna Vinschen wrote:
>> On Feb 27 18:53, David Rothenberger wrote:
>> > On 2/27/2012 4:26 AM, Corinna Vinschen wrote:
>> > >   Of course this is not foolproof.  The only filtered system DLLs so
>> > >   far are kernel32.dll, ntdll.dll, mswsock.dll, amd ws2_32.dll.  If you
>> > >   playing around with this, and if you find that a core system DLL is
>> > >   reported (like, say, advapi32.dll), then please notify this list, too.
>> > 
>> > On one of my Windows XP 32 boxes, it is reporting
>> > 
>> > Potential BLODA detected!  Thread function called outside of Cygwin DLL:
>> >   C:\WINDOWS\system32\advapi32.dll
>> > 
>> > when I ssh to another host. The machine DOES have potential BLODA,
>> > though: Symantec Endpoint Protection. It's never caused me any problems.
>> 
>> Weird!  I can't reproduce this on my XP box so I have to assume
>> this is a result of SEPs influence.  Hmm.  That's a bit disappointing.
>> How on earth can SEP call a thread function in advapi32?  I don't
>> think any of them are documented...
>> 
I had the same with script+xinit (using snapshot 20120314 and the
new xorg-server 1.12, although i don't think this makes any difference):

% script
% xinit      <- this is an alias
...
Welcome to the XWin X Server
Vendor: The Cygwin/X Project
Release: 1.12.0.0
OS: Windows XP Service Pack 3 [Windows NT 5.1 build 2600] (Win32)
Package: version 1.12.0-1 built 2012-03-12

XWin was started with the following command line:

/usr/bin/XWin -emulate3buttons -unixkill :0

_XSERVTransSocketOpenCOTSServer: Unable to open socket for inet6
_XSERVTransOpen: transport open failed for inet6/po8371:0
_XSERVTransMakeAllCOTSServerListeners: failed to open listener for inet6


Potential BLODA detected!  Thread function called outside of Cygwin DLL:
  D:\WINDOWS\system32\ADVAPI32.DLL
(II) xorg.conf is not supported
(II) See http://x.cygwin.com/docs/faq/cygwin-x-faq.html for more information
LoadPreferences: /tmp/myh/.XWinrc not found
LoadPreferences: Loading /etc/X11/system.XWinrc

...

% exit
exit
Script done, file is typescript



Hope this helps,

Denis Excoffier.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019