From ba58e5f20ce9326ceb30baa461b53546acec9333 Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Mon, 27 Jun 2016 17:56:16 +0200 Subject: [PATCH] Use PROCESS/THREAD_QUERY_LIMITED_INFORMATION where appropriate Using PROCESS/THREAD_QUERY_INFORMATION may limit the number of processes/threads we can inspect depending on their integrity level. Signed-off-by: Corinna Vinschen --- winsup/cygwin/fhandler_process.cc | 17 ++++++++++------- winsup/cygwin/pinfo.cc | 8 +++++--- winsup/cygwin/sched.cc | 3 ++- winsup/cygwin/times.cc | 5 +++-- 4 files changed, 20 insertions(+), 13 deletions(-) diff --git a/winsup/cygwin/fhandler_process.cc b/winsup/cygwin/fhandler_process.cc index f92decd50..9730fa768 100644 --- a/winsup/cygwin/fhandler_process.cc +++ b/winsup/cygwin/fhandler_process.cc @@ -702,7 +702,8 @@ struct thread_info free (buf); return; } - proc = (PSYSTEM_PROCESS_INFORMATION) ((PBYTE) proc + proc->NextEntryOffset); + proc = (PSYSTEM_PROCESS_INFORMATION) ((PBYTE) proc + + proc->NextEntryOffset); } thread = proc->Threads; for (ULONG i = 0; i < proc->NumberOfThreads; ++i) @@ -711,8 +712,9 @@ struct thread_info TEB teb; HANDLE thread_h; - if (!(thread_h = OpenThread (THREAD_QUERY_INFORMATION, FALSE, - (ULONG) (ULONG_PTR) thread[i].ClientId.UniqueThread))) + thread_h = OpenThread (THREAD_QUERY_LIMITED_INFORMATION, FALSE, + (ULONG) (ULONG_PTR) thread[i].ClientId.UniqueThread); + if (!thread_h) continue; status = NtQueryInformationThread (thread_h, ThreadBasicInformation, &tbi, sizeof tbi, NULL); @@ -722,7 +724,8 @@ struct thread_info region *r = (region *) malloc (sizeof (region)); if (r) { - *r = (region) { regions, (ULONG) (ULONG_PTR) thread[i].ClientId.UniqueThread, + *r = (region) { regions, + (ULONG) (ULONG_PTR) thread[i].ClientId.UniqueThread, (char *) tbi.TebBaseAddress, (char *) tbi.TebBaseAddress + 2 * wincap.page_size (), 
@@ -792,8 +795,8 @@ static off_t format_process_maps (void *data, char *&destbuf) { _pinfo *p = (_pinfo *) data; - HANDLE proc = OpenProcess (PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, - FALSE, p->dwProcessId); + HANDLE proc = OpenProcess (PROCESS_QUERY_LIMITED_INFORMATION + | PROCESS_VM_READ, FALSE, p->dwProcessId); if (!proc) return 0; @@ -1075,7 +1078,7 @@ format_process_stat (void *data, char *&destbuf) QUOTA_LIMITS ql; SYSTEM_TIMEOFDAY_INFORMATION stodi; SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION spt; - hProcess = OpenProcess (PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, + hProcess = OpenProcess (PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ, FALSE, p->dwProcessId); if (hProcess != NULL) { diff --git a/winsup/cygwin/pinfo.cc b/winsup/cygwin/pinfo.cc index 90be4a857..1ce680943 100644 --- a/winsup/cygwin/pinfo.cc +++ b/winsup/cygwin/pinfo.cc @@ -517,7 +517,8 @@ _pinfo::exists () bool _pinfo::alive () { - HANDLE h = OpenProcess (PROCESS_QUERY_INFORMATION, false, dwProcessId); + HANDLE h = OpenProcess (PROCESS_QUERY_LIMITED_INFORMATION, false, + dwProcessId); if (h) CloseHandle (h); return !!h; @@ -872,7 +873,8 @@ open_commune_proc_parms (DWORD pid, PRTL_USER_PROCESS_PARAMETERS prupp) PROCESS_BASIC_INFORMATION pbi; PEB lpeb; - proc = OpenProcess (PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, pid); + proc = OpenProcess (PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ, + FALSE, pid); if (!proc) return NULL; status = NtQueryInformationProcess (proc, ProcessBasicInformation, @@ -1243,7 +1245,7 @@ winpids::add (DWORD& nelem, bool winpid, DWORD pid) { /* Open a process to prevent a subsequent exit from invalidating the shared memory region. */ - onreturn = OpenProcess (PROCESS_QUERY_INFORMATION, false, pid); + onreturn = OpenProcess (PROCESS_QUERY_LIMITED_INFORMATION, false, pid); /* If we couldn't open the process then we don't have rights to it and should make a copy of the shared memory area when it exists (it may not). */ 
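Review bot: In format_process_maps the handle is now opened with `PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ`, but the calls that consume `proc` lie outside this hunk, so it is not visible whether each of them accepts the narrower query right. VirtualQueryEx, for instance, is documented as requiring PROCESS_QUERY_INFORMATION; if the maps walk relies on it, those queries would fail on this handle and the problem would only show up at run time. Either keep `PROCESS_QUERY_INFORMATION | PROCESS_VM_READ` at this call site, or add a comment above the OpenProcess call recording that the downstream APIs were checked, e.g. `/* Every query on proc below accepts PROCESS_QUERY_LIMITED_INFORMATION. */`.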
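Review bot: The access mask in format_process_stat still includes `PROCESS_VM_READ`, and OpenProcess grants all requested rights or none, so a target that refuses VM read to the caller is still rejected here even though the query right was narrowed. The same combination appears in format_process_maps above and in open_commune_proc_parms in pinfo.cc. If the integrity-level case from the commit message matters for this formatter, a fallback such as `if (!hProcess) hProcess = OpenProcess (PROCESS_QUERY_LIMITED_INFORMATION, FALSE, p->dwProcessId);` would let the query-only fields be filled in. Whether the queries inside the `if (hProcess != NULL)` body work without VM read is not visible in the hunk and would need checking.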
diff --git a/winsup/cygwin/sched.cc b/winsup/cygwin/sched.cc index 085909ea4..3fd058ff0 100644 --- a/winsup/cygwin/sched.cc +++ b/winsup/cygwin/sched.cc @@ -88,7 +88,8 @@ sched_getparam (pid_t pid, struct sched_param *param) set_errno (ESRCH); return -1; } - process = OpenProcess (PROCESS_QUERY_INFORMATION, FALSE, p->dwProcessId); + process = OpenProcess (PROCESS_QUERY_LIMITED_INFORMATION, FALSE, + p->dwProcessId); if (!process) { set_errno (ESRCH); diff --git a/winsup/cygwin/times.cc b/winsup/cygwin/times.cc index 2b1e63049..fb480513f 100644 --- a/winsup/cygwin/times.cc +++ b/winsup/cygwin/times.cc @@ -528,7 +528,8 @@ clock_gettime (clockid_t clk_id, struct timespec *tp) return -1; } - hProcess = OpenProcess (PROCESS_QUERY_INFORMATION, 0, p->dwProcessId); + hProcess = OpenProcess (PROCESS_QUERY_LIMITED_INFORMATION, 0, + p->dwProcessId); NtQueryInformationProcess (hProcess, ProcessTimes, &kut, sizeof kut, NULL); @@ -550,7 +551,7 @@ clock_gettime (clockid_t clk_id, struct timespec *tp) if (thr_id == 0) thr_id = pthread::self ()->getsequence_np (); - hThread = OpenThread (THREAD_QUERY_INFORMATION, 0, thr_id); + hThread = OpenThread (THREAD_QUERY_LIMITED_INFORMATION, 0, thr_id); if (!hThread) { set_errno (EINVAL);
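Review bot: In the first times.cc hunk, `hProcess` is passed straight to NtQueryInformationProcess without a NULL check and the returned status is discarded, so a failed OpenProcess leaves `kut` unfilled before it is consumed (the use is outside the hunk, presumably to compute the reported time). The thread path in the next hunk does test `if (!hThread)` and sets EINVAL; the process path should do the same, e.g. `if (!hProcess) { set_errno (EINVAL); return -1; }` right after the OpenProcess call, and check the query status before reading `kut`. Narrowing the requested right makes the open less likely to fail but does not rule it out, since the target can exit or deny access between the pinfo lookup and the open. clock_gettime's body starts and ends outside the hunk.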