From d0f09d16f3c4a7406cd20822c9d1a4ddbc6477f8 Mon Sep 17 00:00:00 2001
From: "H. Vetinari" <h.vetinari@gmx.com>
Date: Fri, 23 Aug 2024 19:14:24 +1100
Subject: [PATCH] document overall idea of win_forwarder.c

---
 recipe/win_forwarder.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/recipe/win_forwarder.c b/recipe/win_forwarder.c
index c08cbd3f..52945632 100644
--- a/recipe/win_forwarder.c
+++ b/recipe/win_forwarder.c
@@ -5,6 +5,18 @@
 #include <string.h>
 #include <tchar.h>
 
+// the idea here is as follows; this wrapper will be compiled and renamed into
+// a file corresponding to the versioned binaries created in install_llvm.bat.
+// For example, we'll have llc.exe and llc-19.exe, both under %LIBRARY_BIN%.
+// To avoid security holes, we ensure that the wrapper can only call binaries
+// in %LIBRARY_BIN%, otherwise we fail. For example:
+//  * user calls `llc -version`; argv[0] == "llc", argv[1] == "-version"
+//  * determine path of calling binary, i.e. %LIBRARY_BIN%\llc.exe
+//  * construct versioned path, i.e. %LIBRARY_BIN%\llc-19.exe
+//  * collect all other arguments & quote them, e.g. `"argv[1]" "argv[2]" ...`
+//  * invoke `%LIBRARY_BIN%\llc-19.exe "argv[1]" "argv[2]" ...`
+//  * collect return value from inner call and return the same from wrapper
+
 int _tmain( int argc, TCHAR *argv[] )
 {
     STARTUPINFO si;