https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=e206c39bb6bf91808dbcd2cfbd572525825982cd
commit e206c39bb6bf91808dbcd2cfbd572525825982cd Author: Corinna Vinschen <cori...@vinschen.de> Date: Thu Apr 12 09:43:12 2018 +0200 Cygwin: fix guard checking for current user's AuthZ context Signed-off-by: Corinna Vinschen <cori...@vinschen.de> Diff: --- winsup/cygwin/sec_helper.cc | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc index 3478360..a1d8cba 100644 --- a/winsup/cygwin/sec_helper.cc +++ b/winsup/cygwin/sec_helper.cc @@ -821,12 +821,16 @@ authz_ctx::get_user_attribute (mode_t *attribute, PSECURITY_DESCRIPTOR psd, if (RtlEqualSid (user_sid, cygheap->user.sid ()) && !cygheap->user.issetuid ()) { + /* Avoid lock in default case. */ if (!user_ctx_hdl) { authz_guard.acquire (); - if (!AuthzInitializeContextFromToken (0, hProcToken, authz, NULL, - authz_dummy_luid, NULL, - &user_ctx_hdl)) + /* Check user_ctx_hdl again under lock to avoid overwriting + user_ctx_hdl if it has already been initialized. */ + if (!user_ctx_hdl + && !AuthzInitializeContextFromToken (0, hProcToken, authz, NULL, + authz_dummy_luid, NULL, + &user_ctx_hdl)) debug_printf ("AuthzInitializeContextFromToken, %E"); authz_guard.release (); }