command-group icon indicating copy to clipboard operation
command-group copied to clipboard
verified publisher icon watchexec

Possible soundness issue in JobPort::Drop

Open gigaroby opened this issue 2 years ago • 1 comments

While conducting an internal unsafe review, we identified a possible soundness issue in JobPort::Drop

https://github.com/watchexec/command-group/blob/b88296fed10b18aebb7ad5889dab5e43b621297f/src/winres.rs#L35

This is highly suspect when combined with #[derive(Clone)] on the struct: any use of Clone is likely to lead to a double-free. This will usually produce a harmless "invalid handle" error which this code will silently ignore, but if either HANDLE value is reused by the kernel before the second clone is dropped, undefined behavior seems possible.

gigaroby avatar Sep 07 '23 11:09 gigaroby

Huh, yeah, that does look likely. Unfortunately very busy elsewhere currently but if you want to submit a PR to clear that I'll merge and release asap.

passcod avatar Sep 07 '23 21:09 passcod