Fwd: Windows shmem fix: makes shared memory fully ASLR and DEP compliant (ea. cache zone, limit zone, etc.)

Maxim Dounin mdounin at mdounin.ru
Tue Jun 9 14:20:09 UTC 2015


Hello!

On Tue, Jun 09, 2015 at 03:43:09PM +0200, Sergey Brester wrote:

> 09.06.2015 14:44, Maxim Dounin:
> 
> >I don't see how CreateProcess() bInheritHandles affects handles
> >created by worker processes. It is documented to only control
> >whether inheritable handles will be inherited by a new process or
> >not. Either way, worker processes are not expected to start other
> >processes, so you probably shouldn't care at all.
> 
> The problem is, some handles are frequently default inheritable in Windows.
> And if any process in combination parent/children was exited (ex. crashed)
> without closing this handle - it would be not closed, as long as last
> process of this "group" is still alive (can potentially inherit this leak
> handle).

You mean - one process exited without closing the handle, all other
processes closed the handle - and the handle is still open?  If
this really happens, this is probably a bug in Windows.

Either way, it doesn't look blocking for nginx, as it opens only a
small number of handles in the master process, and in most cases
we want them to be shared among all processes.

> Very bad thing is this "bInheritHandles", have very bad experience with it.

The bInheritHandles switch looks more or less like what fork() 
does with file descriptors on Unix, and related problems are very 
well known (and mitigated with things like FD_CLOEXEC and/or 
careful use of file descriptors).

-- 
Maxim Dounin
http://nginx.org/
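
The Unix side of the comparison in the message above (descriptors copied by fork() and kept across exec() unless marked FD_CLOEXEC), as an added example that is not part of the original message or of nginx. It assumes a POSIX system with /bin/sh; `fd_survives_exec` is a hypothetical helper name.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 1 if the exec'd program could write to the parent's pipe,
 * 0 if the descriptor was closed at exec(), -1 on error. */
int fd_survives_exec(int set_cloexec)
{
    int p[2];
    char cmd[64], byte;
    ssize_t n;
    pid_t pid;
    if (pipe(p) != 0)
        return -1;
    if (p[1] > 9)   /* POSIX sh only guarantees single-digit fds in ">&N" */
        goto fail;
    if (set_cloexec) {
        int flags = fcntl(p[1], F_GETFD);
        if (flags == -1 || fcntl(p[1], F_SETFD, flags | FD_CLOEXEC) == -1)
            goto fail;
    }
    snprintf(cmd, sizeof(cmd), "exec 2>/dev/null; echo x >&%d", p[1]);
    pid = fork();
    if (pid < 0)
        goto fail;
    if (pid == 0) {
        /* Child: fork() copied every descriptor; exec() keeps all of
         * them except those marked FD_CLOEXEC. */
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);
    }
    close(p[1]);                /* parent keeps only the read end */
    n = read(p[0], &byte, 1);   /* 1 byte if the fd leaked, 0 (EOF) if not */
    close(p[0]);
    if (waitpid(pid, NULL, 0) < 0)
        return -1;
    return n < 0 ? -1 : (n == 1);

fail:
    close(p[0]); close(p[1]);
    return -1;
}

int main(void)
{
    printf("default: leaked=%d, FD_CLOEXEC: leaked=%d\n",
           fd_survives_exec(0), fd_survives_exec(1));
    return 0;
}
```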