From df93a948b1b9f8106a6f0581e214c81496b4a5a2 Mon Sep 17 00:00:00 2001
From: Ralf Habacker <ralf.habacker@freenet.de>
Date: Tue, 24 Apr 2018 10:37:15 +0200
Subject: [PATCH] On windows lock client pid to avoid pid reusage

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83499
---
 dbus/dbus-credentials.c | 28 ++++++++++++++++++++++++++++
 dbus/dbus-credentials.h |  5 +++++
 dbus/dbus-sysdeps-win.c | 12 ++++++++++++
 3 files changed, 45 insertions(+)

diff --git a/dbus/dbus-credentials.c b/dbus/dbus-credentials.c
index 4a7bafd1..f453ad56 100644
--- a/dbus/dbus-credentials.c
+++ b/dbus/dbus-credentials.c
@@ -56,6 +56,10 @@ struct DBusCredentials {
   char *linux_security_label;
   void *adt_audit_data;
   dbus_int32_t adt_audit_data_size;
+#ifdef DBUS_WIN
+  /** handle to lock client pid */
+  HANDLE process_handle;
+#endif
 };
 
 /** @} */
@@ -88,6 +92,9 @@ _dbus_credentials_new (void)
   creds->linux_security_label = NULL;
   creds->adt_audit_data = NULL;
   creds->adt_audit_data_size = 0;
+#ifdef DBUS_WIN
+  creds->process_handle = 0;
+#endif
 
   return creds;
 }
@@ -143,6 +150,9 @@ _dbus_credentials_unref (DBusCredentials    *credentials)
       dbus_free (credentials->windows_sid);
       dbus_free (credentials->linux_security_label);
       dbus_free (credentials->adt_audit_data);
+#ifdef DBUS_WIN
+      CloseHandle(credentials->process_handle);
+#endif
       dbus_free (credentials);
     }
 }
@@ -163,6 +173,21 @@ _dbus_credentials_add_pid (DBusCredentials    *credentials,
 }
 
 /**
+ * Add a Windows process handle to the credentials.
+ *
+ * @param credentials the object
+ * @param process_handle the process handle
+ * @returns #FALSE if no memory
+ */
+dbus_bool_t
+_dbus_credentials_add_process_handle (DBusCredentials    *credentials,
+                                      HANDLE             process_handle)
+{
+  credentials->process_handle = process_handle;
+  return TRUE;
+}
+
+/**
  * Add a UNIX user ID to the credentials.
  *
  * @param credentials the object
@@ -604,6 +629,9 @@ _dbus_credentials_clear (DBusCredentials    *credentials)
   dbus_free (credentials->adt_audit_data);
   credentials->adt_audit_data = NULL;
   credentials->adt_audit_data_size = 0;
+#ifdef DBUS_WIN
+  credentials->process_handle = 0;
+#endif
 }
 
 /**
diff --git a/dbus/dbus-credentials.h b/dbus/dbus-credentials.h
index 3407b725..d7e07fea 100644
--- a/dbus/dbus-credentials.h
+++ b/dbus/dbus-credentials.h
@@ -50,6 +50,11 @@ void             _dbus_credentials_unref                    (DBusCredentials
 DBUS_PRIVATE_EXPORT
 dbus_bool_t      _dbus_credentials_add_pid                  (DBusCredentials    *credentials,
                                                              dbus_pid_t          pid);
+#ifdef DBUS_WIN
+DBUS_PRIVATE_EXPORT
+dbus_bool_t     _dbus_credentials_add_process_handle        (DBusCredentials    *credentials,
+                                                             HANDLE              process_handle);
+#endif
 DBUS_PRIVATE_EXPORT
 dbus_bool_t      _dbus_credentials_add_unix_uid             (DBusCredentials    *credentials,
                                                              dbus_uid_t          uid);
diff --git a/dbus/dbus-sysdeps-win.c b/dbus/dbus-sysdeps-win.c
index c1eb073e..10e25d4e 100644
--- a/dbus/dbus-sysdeps-win.c
+++ b/dbus/dbus-sysdeps-win.c
@@ -2073,6 +2073,18 @@ _dbus_read_credentials_socket  (DBusSocket       handle,
     return TRUE;
 
   _dbus_credentials_add_pid (credentials, pid);
+#ifdef DBUS_WIN
+  {
+    HANDLE process_handle = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, pid);
+    if (process_handle == NULL)
+      {
+        dbus_set_error (error, DBUS_ERROR_IO_ERROR,
+                        "could not get peer's process handle");
+        goto out;
+      }
+      _dbus_credentials_add_process_handle (credentials, process_handle);
+    }
+#endif
 
   if (_dbus_getsid (&sid, pid))
     {
-- 
2.12.3