Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Major
Fix Version/s: 0.4.3
Component/s: None
Labels:
- PATCH

Description

Hello,

I noticed that the lock/unlock order done by functions SeLockSubjectContext/SeUnlockSubjectContext is incorrect:

SeLockSubjectContext locks in the following order:

SepAcquireTokenLockShared(PrimaryToken);

SepAcquireTokenLockShared(ClientToken);

SeUnlockSubjectContext unlocks in the following order:

SepReleaseTokenLock(PrimaryToken);

SepReleaseTokenLock(ClientToken);

As you can see in SeUnlockSubjectContext there is a problem with lock order, because it should be inversed:

SepReleaseTokenLock(ClientToken);

SepReleaseTokenLock(PrimaryToken);

The general rule of thumb to prevent deadlocks is:
1. Use locks in the same order when multiple locks are involved
2. When unlocking unlock them in inverse order, for example

Correct usage:

Lock A

Lock B

Lock C

[...]

Unlock C

Unlock B

Unlock A

Incorrect usage:

Lock A

Lock B

Lock C

[...]

Unlock A

Unlock C

Unlock B

The attached patch fixes the problem. I've tested it in debugger to make sure that the locks execute in the correct order and there are no deadlocks present.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

access.c.patch
0.6 kB
2016-09-10 11:21

Activity

People

Assignee:: ekohl

Reporter:: vshcherbyna

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2016-09-10 11:21

Updated:: 2016-09-11 13:04

Resolved:: 2016-09-10 13:54