diff options
author | Thomas Powell <powell@progress.com> | 2023-04-05 12:29:04 -0400 |
---|---|---|
committer | Thomas Powell <powell@progress.com> | 2023-04-11 12:00:06 -0400 |
commit | 16119312661695e60a2ca0e23092947e38b6f61c (patch) | |
tree | cfff412db5687a6c13b7892ec9154656d74a83fb | |
parent | 846b1e828f574239d548a0b7a248c584d5b2b323 (diff) | |
download | chef-16119312661695e60a2ca0e23092947e38b6f61c.tar.gz |
Guard case in which FFI::Pointer gets to finalizer
Signed-off-by: Thomas Powell <powell@progress.com>
-rw-r--r-- | lib/chef/win32/handle.rb | 5 | ||||
-rw-r--r-- | lib/chef/win32/security.rb | 6 |
2 files changed, 10 insertions, 1 deletions
diff --git a/lib/chef/win32/handle.rb b/lib/chef/win32/handle.rb index a677b4021e..08242375fe 100644 --- a/lib/chef/win32/handle.rb +++ b/lib/chef/win32/handle.rb @@ -42,7 +42,10 @@ class Chef # to close the pseudo handle returned by the GetCurrentProcess function. The docs also say that it doesn't hurt to call # CloseHandle on it. However, doing so from inside of Ruby always seems to produce an invalid handle error. # The recommendation is to use GetCurrentProcess instead of the const (HANDLE)-1, to ensure we're making the correct comparison. - return if handle == GetCurrentProcess() + + # Chef::ReservedNames::Win32::Security.logon_user() creates a token with a handle this is an FFI::Pointer + # and not a valid handle. + return if handle.is_a?(FFI::Pointer) || handle == GetCurrentProcess() unless CloseHandle(handle) Chef::ReservedNames::Win32::Error.raise! diff --git a/lib/chef/win32/security.rb b/lib/chef/win32/security.rb index 3894c65b21..01d793b047 100644 --- a/lib/chef/win32/security.rb +++ b/lib/chef/win32/security.rb @@ -721,6 +721,12 @@ class Chef unless LogonUserW(username, domain, password, logon_type, logon_provider, token) Chef::ReservedNames::Win32::Error.raise! end + + # Handle.new(_non handle value_) is not ideal because the finalizer for Handle + # was silently failing when comparing the parameter with the return from + # `GetCurrentProcess()`. In this case, the value is an FFI::Pointer, but the logic + # for Token.new works the same otherwise, so I'm leaving this as is and guarding against + # trying to treat an FFI::Pointer as a Win32 handle in the finalizer. Token.new(Handle.new(token.read_pointer)) end |