The following patch increases from 10 to 63, per Windows spec https://learn.microsoft.com/en-us/windows/win32/fileio/reparse-points
Security impact is minor, SYMLOOP_MAX is just an artificial limiter to prevent endless loops. But with a value of 10 it is a real world problem, because production scripts ported from other platforms hit this on a regular basis. Neither Powershell nor JAVA have such a limit, they all rely on the Windows object manager to report back if more than 63 reparse points are traversed. Thus, the limit should be increased to 63, which is the maximum supported by the Windows object manager. ---cut---cut---cut--- diff --git a/winsup/cygwin/include/cygwin/limits.h b/winsup/cygwin/include/cygwin/limits.h index 204154da9..c61466368 100644 --- a/winsup/cygwin/include/cygwin/limits.h +++ b/winsup/cygwin/include/cygwin/limits.h @@ -43,7 +43,13 @@ details. */ #define __SEM_VALUE_MAX 1147483648 #define __SIGQUEUE_MAX 1024 #define __STREAM_MAX 20 -#define __SYMLOOP_MAX 10 +/* __SYMLOOP_MAX + https://learn.microsoft.com/en-us/windows/win32/fileio/reparse-points + ... There is a limit of 63 reparse points on any given path. + NOTE: The limit can be reduced depending on the length of the + reparse point. For example, if your reparse point targets a fully + qualified path, the limit becomes 31. */ +#define __SYMLOOP_MAX 63 #define __TIMER_MAX 32 #define __TTY_NAME_MAX 32 #define __FILESIZEBITS 64 ---cut---cut---cut--- What is the next step to get this patch committed and pushed? Sebi -- Sebastian Feld - IT security consultant -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
