Wed Jan 12 11:19:29 2011: Request 64717 was acted upon.
Transaction: Ticket created by TIMBRODY
Queue: Win32-Daemon
Subject: GetStatus() resets timer
Broken in: 20101014
Severity: Important
Owner: Nobody
Requestors: [email protected]
Status: new
Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=64717 >
It looks like getting the service status (e.g. via
Win32::Service::GetStatus) resets the timer in Win32::Daemon. If a
process queries the service status more frequently than the timer period
set during StartService() the 'running' callback will never get executed.
This is an edge case but would allow a non-privileged user to trivially
DoS a Win32::Daemon service e.g.
while(1)
{
Win32::Service::GetStatus('','ServiceID',my $s);
sleep(1);
}
