After commit 0210c77311ae, the context passed to the signal handler cannot be accessed from a signal handler that uses an alternate stack. This is because the locally copied context is on a stack that is a different area from the one the signal handler uses. With this patch, copy the context to a malloc'ed memory area to avoid this situation.
Addresses: https://cygwin.com/pipermail/cygwin/2025-March/257714.html Fixes: 0210c77311ae ("Cygwin: signal: Use context locally copied in call_signal_handler()") Reported-by: Bruno Haible <br...@clisp.org> Reviewed-by: Signed-off-by: Takashi Yano <takashi.y...@nifty.ne.jp> --- winsup/cygwin/exceptions.cc | 7 ++++++- winsup/cygwin/release/3.6.1 | 5 +++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/winsup/cygwin/exceptions.cc b/winsup/cygwin/exceptions.cc index 2e25aa214..00dcb3dca 100644 --- a/winsup/cygwin/exceptions.cc +++ b/winsup/cygwin/exceptions.cc @@ -1660,7 +1660,11 @@ altstack_wrapper (int sig, siginfo_t *siginfo, ucontext_t *sigctx, int _cygtls::call_signal_handler () { - ucontext_t context1 = context; + /* To copy the context, do not use auto variable allocated on the stack, + because it cannot be accessed by the signal handler that uses + alternate signal stack. Instead, use malloc()'ed area. */ + ucontext_t &context1 = *(ucontext_t *) malloc (sizeof (ucontext_t)); + context1 = context; int this_sa_flags = SA_RESTART; while (1) @@ -1869,6 +1873,7 @@ _cygtls::call_signal_handler () set_errno (this_errno); } context = context1; + free (&context1); /* FIXME: Since 2011 this return statement always returned 1 (meaning SA_RESTART is effective) if the thread we're running in is not the diff --git a/winsup/cygwin/release/3.6.1 b/winsup/cygwin/release/3.6.1 index 40ef2973f..838f6d3ac 100644 --- a/winsup/cygwin/release/3.6.1 +++ b/winsup/cygwin/release/3.6.1 @@ -10,3 +10,8 @@ Fixes: - getlocalename_l: Fix a crash and handle LC_ALL according to final POSIX-1.2024 docs. Addresses: https://cygwin.com/pipermail/cygwin/2025-March/257715.html + +- Do not copy context to stack area in call_signal_handler() because + this may cause access violation if context is accessed in the signal + handler. + Addresses: https://cygwin.com/pipermail/cygwin/2025-March/257714.html -- 2.45.1
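Review bot: in the first exceptions.cc hunk the result of `malloc (sizeof (ucontext_t))` is dereferenced on the spot (`*(ucontext_t *) malloc (...)`) with no NULL check, so an allocation failure becomes a write through a null reference in `context1 = context;` in the middle of signal delivery. Hold the allocation in a plain pointer and bail out when it is NULL, e.g. `ucontext_t *context1 = (ucontext_t *) malloc (sizeof (ucontext_t)); if (!context1) ...`, instead of binding a reference to the dereferenced result. A second point that the comment or commit message should address: this puts a heap allocation on the signal delivery path, and nothing in the patch says whether the interrupted thread may already be holding the malloc lock when call_signal_handler () runs; if it can, the copy should live somewhere that does not need the heap lock, such as a buffer in the _cygtls area that is reused for each delivery.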
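Review bot: in the second exceptions.cc hunk `free (&context1)` is only reached when the loop falls through to `context = context1;`; a handler that never returns here, which for a signal handler is the ordinary `siglongjmp ()` case, leaks one ucontext_t per delivered signal, whereas the previous stack copy cost nothing on that path. Either release the buffer on every way out of the function or keep the copy in a per-thread buffer that is reused rather than malloc'ed per call, and state the trade-off in the commit message. On style, `free (&context1)` on a reference leaves `context1` dangling for the rest of the function; a `ucontext_t *` makes the free obvious and lets the pointer be cleared afterwards.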
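Review bot: the release/3.6.1 entry describes the mechanism but not the symptom or the origin, which is what a user scanning the release notes needs; since the Fixes: trailer pins the regression to 0210c77311ae, say so in the note, along the lines of "Fix a regression introduced by 0210c77311ae where a signal handler running on an alternate stack (SA_ONSTACK) could hit an access violation when it accessed its ucontext_t argument."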