Nmap Development mailing list archives

Code review of ncat_exec_win.c requested


From: David Fifield <david () bamsoftware com>
Date: Wed, 18 Mar 2009 21:58:35 -0600

Hi all,

One of the new abilities of Ncat in the 4.85BETA4 release is support for
--exec and --sh-exec on Windows. Getting this to work was difficult
because Windows doesn't have the fork system call, is weird with respect
to file handle inheritance, and doesn't let you select on anything but
sockets. My hope is that all the internal complexity that makes it work
is hidden from the user and command execution on Windows feels just like
it does on Unix.

I would like someone to review the Windows command execution code in
ncat_exec_win.c. That file is 440 lines with some fairly tricky bits.
Yesterday I discovered a potential race condition in the table of
running processes (we have to keep such a table in order to kill child
processes when Ncat exits). I am also concerned that there may be
resource leaks because the Windows API is still new to me. It's hard to
review your own code because you tend to mentally skip over the
problems. I'm looking for comments like: "This is a potential
problem..." or "I had trouble understanding this part..."

David Fifield
