| delorie.com/archives/browse.cgi | search |
| DMARC-Filter: | OpenDMARC Filter v1.4.2 delorie.com 50ALwAr61648693 |
| Authentication-Results: | delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com |
| Authentication-Results: | delorie.com; spf=pass smtp.mailfrom=cygwin.com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 delorie.com 50ALwAr61648693 |
| Authentication-Results: | delorie.com; |
| dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=rZsArOlL | |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org 7248F3858031 |
| DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; |
| s=default; t=1736546288; | |
| bh=ruuzrN42xJyGIDlETSXvfsz0JG5RDIKd9UaXz86U3Ss=; | |
| h=Date:To:Cc:Subject:In-Reply-To:References:List-Id: | |
| List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: | |
| From:Reply-To:From; | |
| b=rZsArOlLYbNwbHYetsSkuYag0tmODMykUYc/4x6h0HitB6OWwU03h200k1pyIrVmh | |
| ptoL7vL2YixWvxEKZsy8/bPPani1jJhs24yKuxnOgpvj/jYnlnEwbwdnmdVq4nCHdS | |
| ICK1Ja41LqjiU0rMRlKMSK714bjhMVlNNl51gmts= | |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DMARC-Filter: | OpenDMARC Filter v1.4.2 sourceware.org 01958385801B |
| ARC-Filter: | OpenARC Filter v1.0.0 sourceware.org 01958385801B |
| ARC-Seal: | i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1736546001; cv=none; |
| b=mv/xhl+PLC02txody3vg6m5M2jHqwUXXOYThB9A47AnR+U4lIUYVJHfLdi1+ETlUJrJVeucBCxhGNajJvyn1xxHBJyRwoiU3vpnqz1TFD/HryLxahhwLNbhycHFo6b5NTEwsn7XqnkphSbDgI3yIyrKfuWE7uVOcQBSyOgnrfFA= | |
| ARC-Message-Signature: | i=1; a=rsa-sha256; d=sourceware.org; s=key; |
| t=1736546001; c=relaxed/simple; | |
| bh=4t7nU8380oHktmgIhj3DSQTsYRjdq/kocDYcxYIXCYc=; | |
| h=MIME-Version:Date:From:To:Subject:Message-ID; | |
| b=AUPt9i7/ZRo9pAbTv1G/h+jsaB+M4akeowZHMh4BKJhf1qVXMDoMcAzo1tp1pqiZ2356N8JulW1lGUrW0KhM1i1WweCb/crjWqPsy+kYMsAKnCYQ27MzGRh6SahRzwv1PDb+ZUzNCWWQQRhj43BtaeHPOM0VSbGimarv6zp3QRM= | |
| ARC-Authentication-Results: | i=1; server2.sourceware.org |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org 01958385801B |
| MIME-Version: | 1.0 |
| Date: | Fri, 10 Jan 2025 13:52:31 -0800 |
| To: | Marco Atzeri <marco DOT atzeri AT gmail DOT com> |
| Cc: | cygwin AT cygwin DOT com |
| Subject: | Re: Cygwin main function: vulnerable to wchar_t to char conversion |
| attacks or not? | |
| In-Reply-To: | <f1aa49a0-35c0-4df6-997e-33de5517adbc@gmail.com> |
| References: | <2bc465c57c4826ff6eebbd566a92346e AT kylheku DOT com> |
| <176904400 DOT 20250110103307 AT yandex DOT ru> | |
| <f1aa49a0-35c0-4df6-997e-33de5517adbc AT gmail DOT com> | |
| User-Agent: | Roundcube Webmail/1.4.15 |
| Message-ID: | <58ddf2002fe1e33993102592eeb0c506@kylheku.com> |
| X-Sender: | kaz AT kylheku DOT com |
| X-MagicMail-OS: | Unknown |
| X-MagicMail-UUID: | 4e263016-cf9d-11ef-b16c-005056953255 |
| X-MagicMail-Authenticated: | fuck DOT telus AT novus DOT ca |
| X-MagicMail-SourceIP: | 104.37.63.7 |
| X-MagicMail-RegexMatch: | 1 |
| X-MagicMail-EnvelopeFrom: | <fuck DOT telus AT novus DOT ca> |
| X-BeenThere: | cygwin AT cygwin DOT com |
| X-Mailman-Version: | 2.1.30 |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Unsubscribe: | <https://cygwin.com/mailman/options/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe> | |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <https://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| From: | Kaz Kylheku via Cygwin <cygwin AT cygwin DOT com> |
| Reply-To: | Kaz Kylheku <kaz AT kylheku DOT com> |
| Errors-To: | cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com |
| Sender: | "Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com> |
On 2025-01-09 23:52, Marco Atzeri wrote: > On 10/01/2025 08:33, Andrey Repin via Cygwin wrote: >> Greetings, Kaz Kylheku! >> >>> Hi all, >> >>> I'm reading an article on attacks that are evidently possible against some Windows >>> programs in the area of command line parsing. See below. >> >>> Does the Cygwin run-time rely on GetCommandLineA to get the char-based command >>> line that is parsed into argv[]? >> >> You can answer this question yourself. The code is open. > > Specifically on https://cygwin.com/git/newlib-cygwin.git > > /pub/Cygwin/git/newlib-cygwin > $ grep -rH GetCommandLineA . > ./winsup/CVSChangeLogs.old/cygwin/ChangeLog-2013: (cygwin_GetCommandLineA): Ditto. > ./winsup/cygwin/cygwin.din:GetCommandLineA AT 0 = cygwin_GetCommandLineA AT 0 NOSIGFE > ./winsup/cygwin/include/cygwin/version.h: 268: Export GetCommandLineA, GetCommandLineW > ./winsup/cygwin/kernel32.cc:/* Cygwin replacement for GetCommandLineA. Returns a concatenated string > ./winsup/cygwin/kernel32.cc:cygwin_GetCommandLineA (void) I see that the kernel32.cc function uses RtlUnicodeStringtoAnsiString. The article I linked to mentions this specific function. The function does the "BestFit" thing, converting Unicode characters to ASCII pseudo-equivalents. If Cygwin relies on this function for converting the process command line into main() arguments, it is likely susceptible to argument injection. -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |