Hi Veronica & Cygwin list (please keep me Cc:ed, I am not subscribed), On Sat, 11 Jan 2025, Veronica Giaudrone wrote:
> I'm part of the Visual Studio team at Microsoft which includes > mingit/Git for Windows in our product for Git tooling integration (I'm > copying a couple of folks from my team in this email too). One of our > API scanning tools has identified msys2.0.dll calling undocumented > Windows APIs like ntdll.dll!NtAssignProcessToJobObject: > > * In cygwin - > > https://github.com/search?q=repo%3Acygwin%2Fcygwin+NtAssignProcessToJobObject&type=code > with a caller: cygwin/winsup/cygwin/resource.cc at > 21a2c9db6952954608cdf92638b411b15e7606c6 * > > cygwin/cygwin<https://github.com/cygwin/cygwin/blob/21a2c9db6952954608cdf92638b411b15e7606c6/winsup/cygwin/resource.cc#L246> > * Looks like it was introduced ~3 years ago: > > https://github.com/cygwin/cygwin/commit/1c7384f9d1b692c8b58af4db8c81d2ce0b10ad06#diff-bc84d57ac99958a694cb56b977bac1360e35040f9aa421972702219e11055ae8R290 > * The code indicates to have come from > oneTBB/test/tbbmalloc/test_malloc_compliance.cpp at > bd291eb0d1c7f802ca5081a8755562ab786db2a2 * > > uxlfoundation/oneTBB<https://github.com/uxlfoundation/oneTBB/blob/bd291eb0d1c7f802ca5081a8755562ab786db2a2/test/tbbmalloc/test_malloc_compliance.cpp#L56-L78>, > though in that case the usage is of the documented API instead. > > We believe the above call should get replaced by the following > documented API - AssignProcessToJobObject function (jobapi2.h) - Win32 > apps | Microsoft > Learn<https://learn.microsoft.com/en-us/windows/win32/api/jobapi2/nf-jobapi2-assignprocesstojobobject> > > Are you aware of this undocumented API call or a reason to not attempt > updating them to documented ones? > > The scan identified a few others like: > > * NtOpenJobObject > * NtCreateJobObject > * NtQueryInformationJobObject > * NtSetInformationJobObject These seem to have been introduced in the very same commit as `NtAssignProcessToJobObject()`. Seeing as the original code on oneBB did not require undocumented function calls, I could imagine that it might be an obvious and uncontroversial change to use documented functions. > * NtOpenMutant - we're not sure yet of the documented call for this one. There are multiple mentions of this (and of `NtCreateMutant()`, also an undocumented function) in Cygwin's source code, most notably in `winsup/cygwin/kernel32.cc`, where the `CreateMutexW()` and `OpenMutexW()` function are reimplemented, preceded with this informative comment: /* Implement CreateMutex/OpenMutex so that named objects are * always created in Cygwin shared object namespace. */ Specifically, if `NULL` was passed in as `lpName`, the code calls `InitializeObjectAttributes()` with `get_shared_parent_dir()` as root object directory. I am too unfamiliar with such internals to tell whether there is a way to accomplish this exclusively using documented functions. Ciao, Johannes -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
