VirtualBox

Changeset 78234 in vbox for trunk/src


Ignore:
Timestamp:
Apr 20, 2019 11:49:01 PM (6 years ago)
Author:
vboxsync
Message:

Main/GuestCtrl: Fixed three i_waitForStatusChange() methods that would return VERR_GSTCTL_GUEST_ERROR without setting prcGuest, making the caller use uninitialized stack as status code for the operation. bugref:9320

Location:
trunk/src/VBox/Main/src-client
Files:
5 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/Main/src-client/GuestCtrlPrivate.cpp

    r77586 r78234  
    12661266 *
    12671267 * @return  VBox status code.
     1268 * @retval  VERR_GSTCTL_GUEST_ERROR may be returned, call GuestResult() to get
     1269 *          the actual result.
     1270 *
    12681271 * @param   pWaitEvt                Pointer to event to wait for.
    12691272 * @param   msTimeout               Timeout (in ms) for waiting.
     
    14781481 *
    14791482 * @returns VBox status code.
     1483 * @retval  VERR_GSTCTL_GUEST_ERROR may be returned, call GuestResult() to get
     1484 *          the actual result.
     1485 *
    14801486 * @param   msTimeout           Timeout (in ms) to wait.
    14811487 *                              Specifiy 0 to wait indefinitely.

  • trunk/src/VBox/Main/src-client/GuestFileImpl.cpp

    r77587 r78234  
    10761076}
    10771077
     1078/**
     1079 * Undocumented, use with great care.
     1080 *
     1081 * @note Similar code in GuestProcess::i_waitForStatusChange() and
     1082 *       GuestSession::i_waitForStatusChange().
     1083 */
    10781084int GuestFile::i_waitForStatusChange(GuestWaitEvent *pEvent, uint32_t uTimeoutMS,
    10791085                                     FileStatus_T *pFileStatus, int *prcGuest)
     
    11161122            *prcGuest = (int)lGuestRc;
    11171123    }
     1124    /* waitForEvent may also return VERR_GSTCTL_GUEST_ERROR like we do above, so make prcGuest is set. */
     1125    /** @todo r=bird: Andy, you seem to have forgotten this scenario.  Showed up occasionally when
     1126     * using the wrong password with a copyto command in a debug  build on windows, error info
     1127     * contained "Unknown Status -858993460 (0xcccccccc)".  As you know windows fills the stack frames
     1128     * with 0xcccccccc in debug builds to highlight use of uninitialized data, so that's what happened
     1129     * here.  It's actually good you didn't initialize lGuest, as it would be heck to find otherwise.
     1130     *
     1131     * I'm still not very impressed with the error managment or the usuefullness of the documentation
     1132     * in this code, though the latter is getting better! */
     1133    else if (vrc == VERR_GSTCTL_GUEST_ERROR && prcGuest)
     1134        *prcGuest = pEvent->GuestResult();
     1135    Assert(vrc != VERR_GSTCTL_GUEST_ERROR || !prcGuest || *prcGuest != (int)0xcccccccc);
    11181136
    11191137    return vrc;

  • trunk/src/VBox/Main/src-client/GuestImpl.cpp

    r77436 r78234  
    173173    {
    174174# ifdef DEBUG
     175/** @todo r=bird: hit a use-after-free situation here while debugging the
     176 * 0xcccccccc status code issue in copyto.  My bet is that this happens
     177 * because of an uninit race, where GuestSession::close(), or someone, does
     178 * not ensure that the parent object (Guest) is okay to use (in the AutoCaller
     179 * sense), only their own object. */
    175180        ULONG cRefs = itSessions->second->AddRef();
    176181        LogFlowThisFunc(("sessionID=%RU32, cRefs=%RU32\n", itSessions->first, cRefs > 1 ? cRefs - 1 : 0));

  • trunk/src/VBox/Main/src-client/GuestProcessImpl.cpp

    r77587 r78234  
    16091609}
    16101610
     1611/**
     1612 * Undocumented, you guess what it does.
     1613 *
     1614 * @note Similar code in GuestFile::i_waitForStatusChange() and
     1615 *       GuestSession::i_waitForStatusChange().
     1616 */
    16111617int GuestProcess::i_waitForStatusChange(GuestWaitEvent *pEvent, uint32_t uTimeoutMS,
    16121618                                        ProcessStatus_T *pProcessStatus, int *prcGuest)
     
    16491655            *prcGuest = (int)lGuestRc;
    16501656    }
     1657    /* waitForEvent may also return VERR_GSTCTL_GUEST_ERROR like we do above, so make prcGuest is set. */
     1658    else if (vrc == VERR_GSTCTL_GUEST_ERROR && prcGuest)
     1659        *prcGuest = pEvent->GuestResult();
     1660    Assert(vrc != VERR_GSTCTL_GUEST_ERROR || !prcGuest || *prcGuest != (int)0xcccccccc);
    16511661
    16521662    LogFlowFuncLeaveRC(vrc);

  • trunk/src/VBox/Main/src-client/GuestSessionImpl.cpp

    r78112 r78234  
    28842884}
    28852885
     2886/**
     2887 * Undocumented, you guess what it does.
     2888 *
     2889 * @note Similar code in GuestFile::i_waitForStatusChange() and
     2890 *       GuestProcess::i_waitForStatusChange().
     2891 */
    28862892int GuestSession::i_waitForStatusChange(GuestWaitEvent *pEvent, uint32_t fWaitFlags, uint32_t uTimeoutMS,
    28872893                                        GuestSessionStatus_T *pSessionStatus, int *prcGuest)
     
    29222928                         RT_SUCCESS((int)lGuestRc) ? VINF_SUCCESS : (int)lGuestRc));
    29232929    }
     2930    /* waitForEvent may also return VERR_GSTCTL_GUEST_ERROR like we do above, so make prcGuest is set. */
     2931    else if (vrc == VERR_GSTCTL_GUEST_ERROR && prcGuest)
     2932        *prcGuest = pEvent->GuestResult();
     2933    Assert(vrc != VERR_GSTCTL_GUEST_ERROR || !prcGuest || *prcGuest != (int)0xcccccccc);
    29242934
    29252935    LogFlowFuncLeaveRC(vrc);
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette