[sys] windows: do not overflow key memory in GetQueuedCompletionStatus

Jason A. Donenfeld (Gerrit)

unread,

Feb 23, 2021, 7:33:12 AM2/23/21

to goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com

Jason A. Donenfeld has uploaded this change for review.

windows: do not overflow key memory in GetQueuedCompletionStatus

The third argument to GetQueuedCompletionStatus is a pointer to a
uintptr, not a uint32. Users of this functions have therefore been
corrupting their memory every time they used it. Either that memory
corruption was silent (dangerous), or their programs didn't work so they
chose a different API to use.

Updates golang/go#44538.

Change-Id: Ie1f66de11001cf9c8195afaa61f003a86f821a95
---
M windows/syscall_windows.go
M windows/zsyscall_windows.go
2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/syscall_windows.go b/windows/syscall_windows.go
index a278c5f..e6c995d 100644
--- a/windows/syscall_windows.go
+++ b/windows/syscall_windows.go
@@ -209,7 +209,7 @@
 //sys	GetSystemTimePreciseAsFileTime(time *Filetime)
 //sys	GetTimeZoneInformation(tzi *Timezoneinformation) (rc uint32, err error) [failretval==0xffffffff]
 //sys	CreateIoCompletionPort(filehandle Handle, cphandle Handle, key uint32, threadcnt uint32) (handle Handle, err error)
-//sys	GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uint32, overlapped **Overlapped, timeout uint32) (err error)
+//sys	GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uintptr, overlapped **Overlapped, timeout uint32) (err error)
 //sys	PostQueuedCompletionStatus(cphandle Handle, qty uint32, key uint32, overlapped *Overlapped) (err error)
 //sys	CancelIo(s Handle) (err error)
 //sys	CancelIoEx(s Handle, o *Overlapped) (err error)
diff --git a/windows/zsyscall_windows.go b/windows/zsyscall_windows.go
index 316157e..db633fc 100644
--- a/windows/zsyscall_windows.go
+++ b/windows/zsyscall_windows.go
@@ -2066,7 +2066,7 @@
 	return
 }
 
-func GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uint32, overlapped **Overlapped, timeout uint32) (err error) {
+func GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uintptr, overlapped **Overlapped, timeout uint32) (err error) {
 	r1, _, e1 := syscall.Syscall6(procGetQueuedCompletionStatus.Addr(), 5, uintptr(cphandle), uintptr(unsafe.Pointer(qty)), uintptr(unsafe.Pointer(key)), uintptr(unsafe.Pointer(overlapped)), uintptr(timeout), 0)
 	if r1 == 0 {
 		err = errnoErr(e1)

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Jason A. Donenfeld (Gerrit)

unread,

Feb 23, 2021, 7:33:50 AM2/23/21

to goph...@pubsubhelper.golang.org, Alex Brainman, Brad Fitzpatrick, golang-co...@googlegroups.com

Attention is currently required from: Alex Brainman, Brad Fitzpatrick.

Patch set 1:Run-TryBot +1Trust +1

View Change

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Jason A. Donenfeld (Gerrit)

unread,

Feb 23, 2021, 4:50:38 PM2/23/21

to goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com

Attention is currently required from: Alex Brainman, Brad Fitzpatrick.

Jason A. Donenfeld uploaded patch set #2 to this change.

View Change

windows: do not overflow key memory in GetQueuedCompletionStatus

The third argument to GetQueuedCompletionStatus is a pointer to a
uintptr, not a uint32. Users of this functions have therefore been
corrupting their memory every time they used it. Either that memory
corruption was silent (dangerous), or their programs didn't work so they
chose a different API to use.

Updates golang/go#44538.

Change-Id: Ie1f66de11001cf9c8195afaa61f003a86f821a95
---
M windows/syscall_windows.go
M windows/zsyscall_windows.go

2 files changed, 6 insertions(+), 6 deletions(-)

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Jason A. Donenfeld (Gerrit)

unread,

Feb 23, 2021, 4:53:13 PM2/23/21

to goph...@pubsubhelper.golang.org, Go Bot, Alex Brainman, Brad Fitzpatrick, golang-co...@googlegroups.com

Attention is currently required from: Alex Brainman, Brad Fitzpatrick.

Patch set 2:Run-TryBot +1Trust +1

View Change

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Jason A. Donenfeld (Gerrit)

unread,

Feb 24, 2021, 1:04:41 PM2/24/21

to goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com

Attention is currently required from: Alex Brainman, Brad Fitzpatrick, Ian Lance Taylor.

Jason A. Donenfeld uploaded patch set #3 to this change.

View Change

windows: do not overflow key memory in GetQueuedCompletionStatus

The third argument to GetQueuedCompletionStatus is a pointer to a
uintptr, not a uint32. Users of this functions have therefore been
corrupting their memory every time they used it. Either that memory
corruption was silent (dangerous), or their programs didn't work so they
chose a different API to use.

This corresponds with syscall CL 295371.



Change-Id: Ie1f66de11001cf9c8195afaa61f003a86f821a95
---
M windows/syscall_windows.go
M windows/zsyscall_windows.go
2 files changed, 6 insertions(+), 6 deletions(-)

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Jason A. Donenfeld (Gerrit)

unread,

Feb 24, 2021, 1:04:52 PM2/24/21

to goph...@pubsubhelper.golang.org, Ian Lance Taylor, Go Bot, Alex Brainman, Brad Fitzpatrick, golang-co...@googlegroups.com

Attention is currently required from: Alex Brainman, Brad Fitzpatrick, Ian Lance Taylor.

Patch set 3:Run-TryBot +1Trust +1

View Change

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Bryan C. Mills (Gerrit)

unread,

Feb 24, 2021, 5:01:00 PM2/24/21

to Jason A. Donenfeld, goph...@pubsubhelper.golang.org, Bryan C. Mills, Go Bot, Ian Lance Taylor, Alex Brainman, Brad Fitzpatrick, golang-co...@googlegroups.com

Attention is currently required from: Jason A. Donenfeld, Alex Brainman, Brad Fitzpatrick, Ian Lance Taylor.

Patch set 3:Code-Review -2

View Change

1 comment:

Patchset:
- Patch Set #3:
  Temporary -2 pending discussion on #44538.

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Jason A. Donenfeld (Gerrit)

unread,

Feb 24, 2021, 5:20:58 PM2/24/21

to goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com

Attention is currently required from: Jason A. Donenfeld, Alex Brainman, Brad Fitzpatrick, Ian Lance Taylor.

Jason A. Donenfeld uploaded patch set #4 to this change.

View Change

windows: do not overflow key memory in GetQueuedCompletionStatus

The third argument to GetQueuedCompletionStatus is a pointer to a
uintptr, not a uint32. Users of this functions have therefore been
corrupting their memory every time they used it. Either that memory
corruption was silent (dangerous), or their programs didn't work so they
chose a different API to use.

Updates golang/go#44538.



Change-Id: Ie1f66de11001cf9c8195afaa61f003a86f821a95
---
M windows/syscall_windows.go
M windows/zsyscall_windows.go
2 files changed, 6 insertions(+), 6 deletions(-)

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Jason A. Donenfeld (Gerrit)

unread,

Feb 24, 2021, 5:21:05 PM2/24/21

to goph...@pubsubhelper.golang.org, Bryan C. Mills, Go Bot, Ian Lance Taylor, Alex Brainman, Brad Fitzpatrick, golang-co...@googlegroups.com

Attention is currently required from: Alex Brainman, Brad Fitzpatrick, Ian Lance Taylor.

Patch set 4:Run-TryBot +1Trust +1

View Change

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Bryan C. Mills (Gerrit)

unread,

Feb 24, 2021, 5:23:12 PM2/24/21

to Jason A. Donenfeld, goph...@pubsubhelper.golang.org, Bryan C. Mills, Go Bot, Ian Lance Taylor, Alex Brainman, Brad Fitzpatrick, golang-co...@googlegroups.com

Attention is currently required from: Jason A. Donenfeld, Alex Brainman, Brad Fitzpatrick, Ian Lance Taylor.

Patch set 4:Code-Review -1

View Change

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Bryan C. Mills (Gerrit)

unread,

Feb 24, 2021, 8:29:06 PM2/24/21

to Jason A. Donenfeld, goph...@pubsubhelper.golang.org, Go Bot, Bryan C. Mills, Ian Lance Taylor, Alex Brainman, Brad Fitzpatrick, golang-co...@googlegroups.com

Attention is currently required from: Jason A. Donenfeld, Alex Brainman, Brad Fitzpatrick, Ian Lance Taylor.

Bryan C. Mills removed a vote from this change.

View Change

Removed Code-Review-1 by Bryan C. Mills <bcm...@google.com>

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Bryan C. Mills (Gerrit)

unread,

Feb 24, 2021, 8:31:44 PM2/24/21

to Jason A. Donenfeld, goph...@pubsubhelper.golang.org, Go Bot, Bryan C. Mills, Ian Lance Taylor, Alex Brainman, Brad Fitzpatrick, golang-co...@googlegroups.com

Attention is currently required from: Jason A. Donenfeld, Alex Brainman, Brad Fitzpatrick, Ian Lance Taylor.

Patch set 4:Code-Review +2

View Change

1 comment:

Patchset:

- Patch Set #3:
  Temporary -2 pending discussion on #44538.

- Per discussion on the issue, I'm ok with this approach for x/sys.
  Jason has sent https://github.com/criyle/go-judge/pull/10 to fix the only known call site outside of the code that he regularly maintains.

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Jason A. Donenfeld (Gerrit)

unread,

Feb 24, 2021, 8:42:13 PM2/24/21

to goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Go Bot, Bryan C. Mills, Ian Lance Taylor, Alex Brainman, Brad Fitzpatrick, golang-co...@googlegroups.com

Jason A. Donenfeld submitted this change.

View Change

Approvals:
  Bryan C. Mills: Looks good to me, approved
  Jason A. Donenfeld: Trusted; Run TryBots
  Go Bot: TryBots succeeded

windows: do not overflow key memory in GetQueuedCompletionStatus

The third argument to GetQueuedCompletionStatus is a pointer to a
uintptr, not a uint32. Users of this functions have therefore been
corrupting their memory every time they used it. Either that memory
corruption was silent (dangerous), or their programs didn't work so they
chose a different API to use.

Updates golang/go#44538.

Change-Id: Ie1f66de11001cf9c8195afaa61f003a86f821a95

Reviewed-on: https://go-review.googlesource.com/c/sys/+/295174
Trust: Jason A. Donenfeld <Ja...@zx2c4.com>
Run-TryBot: Jason A. Donenfeld <Ja...@zx2c4.com>
TryBot-Result: Go Bot <go...@golang.org>
Reviewed-by: Bryan C. Mills <bcm...@google.com>


---
M windows/syscall_windows.go
M windows/zsyscall_windows.go
2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/syscall_windows.go b/windows/syscall_windows.go
index b8916ae..25c6efd 100644
--- a/windows/syscall_windows.go
+++ b/windows/syscall_windows.go
@@ -208,9 +208,9 @@
 //sys	GetSystemTimeAsFileTime(time *Filetime)


 //sys	GetSystemTimePreciseAsFileTime(time *Filetime)
 //sys	GetTimeZoneInformation(tzi *Timezoneinformation) (rc uint32, err error) [failretval==0xffffffff]

-//sys	CreateIoCompletionPort(filehandle Handle, cphandle Handle, key uint32, threadcnt uint32) (handle Handle, err error)


-//sys	GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uint32, overlapped **Overlapped, timeout uint32) (err error)

-//sys	PostQueuedCompletionStatus(cphandle Handle, qty uint32, key uint32, overlapped *Overlapped) (err error)
+//sys	CreateIoCompletionPort(filehandle Handle, cphandle Handle, key uintptr, threadcnt uint32) (handle Handle, err error)


+//sys	GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uintptr, overlapped **Overlapped, timeout uint32) (err error)

+//sys	PostQueuedCompletionStatus(cphandle Handle, qty uint32, key uintptr, overlapped *Overlapped) (err error)


 //sys	CancelIo(s Handle) (err error)
 //sys	CancelIoEx(s Handle, o *Overlapped) (err error)

 //sys	CreateProcess(appName *uint16, commandLine *uint16, procSecurity *SecurityAttributes, threadSecurity *SecurityAttributes, inheritHandles bool, creationFlags uint32, env *uint16, currentDir *uint16, startupInfo *StartupInfo, outProcInfo *ProcessInformation) (err error) = CreateProcessW
diff --git a/windows/zsyscall_windows.go b/windows/zsyscall_windows.go
index ca558ea..3f8952d 100644
--- a/windows/zsyscall_windows.go
+++ b/windows/zsyscall_windows.go
@@ -1481,7 +1481,7 @@
 	return
 }
 
-func CreateIoCompletionPort(filehandle Handle, cphandle Handle, key uint32, threadcnt uint32) (handle Handle, err error) {
+func CreateIoCompletionPort(filehandle Handle, cphandle Handle, key uintptr, threadcnt uint32) (handle Handle, err error) {
 	r0, _, e1 := syscall.Syscall6(procCreateIoCompletionPort.Addr(), 4, uintptr(filehandle), uintptr(cphandle), uintptr(key), uintptr(threadcnt), 0, 0)
 	handle = Handle(r0)
 	if handle == 0 {
@@ -2067,7 +2067,7 @@


 	return
 }
 
-func GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uint32, overlapped **Overlapped, timeout uint32) (err error) {
+func GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uintptr, overlapped **Overlapped, timeout uint32) (err error) {
 	r1, _, e1 := syscall.Syscall6(procGetQueuedCompletionStatus.Addr(), 5, uintptr(cphandle), uintptr(unsafe.Pointer(qty)), uintptr(unsafe.Pointer(key)), uintptr(unsafe.Pointer(overlapped)), uintptr(timeout), 0)
 	if r1 == 0 {
 		err = errnoErr(e1)

@@ -2399,7 +2399,7 @@
 	return
 }
 
-func PostQueuedCompletionStatus(cphandle Handle, qty uint32, key uint32, overlapped *Overlapped) (err error) {
+func PostQueuedCompletionStatus(cphandle Handle, qty uint32, key uintptr, overlapped *Overlapped) (err error) {
 	r1, _, e1 := syscall.Syscall6(procPostQueuedCompletionStatus.Addr(), 4, uintptr(cphandle), uintptr(qty), uintptr(key), uintptr(unsafe.Pointer(overlapped)), 0, 0)


 	if r1 == 0 {
 		err = errnoErr(e1)

To view, visit change 295174. To unsubscribe, or for help writing mail filters, visit settings.

Reply all

Reply to author

Forward