fluencelabs/musl
1
0
Fork 0
mirror of https://github.com/fluencelabs/musl synced 2025-07-04 00:51:59 +00:00
Code Issues Projects Releases Wiki Activity

fix race condition in sigqueue

Browse Source 
this race is fundamentally due to linux's bogus requirement that
userspace, rather than kernelspace, fill in the siginfo structure. an
intervening signal handler that calls fork could cause both the parent
and child process to send signals claiming to be from the parent,
which could in turn have harmful effects depending on what the
recipient does with the signal. we simply block all signals for the
interval between getuid and sigqueue syscalls (much like what raise()
does already) to prevent the race and make the getuid/sigqueue pair
atomic.

this will be a non-issue if linux is fixed to validate the siginfo
structure or fill it in from kernelspace.
This commit is contained in:
Rich Felker
2011-07-30 21:11:31 -04:00
parent ad5881842e
commit 07827d1a82
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/signal/sigqueue.c
View File

@ -1,16 +1,22 @@
#include <signal.h> #include <signal.h>
#include <string.h> #include <string.h>
#include <unistd.h> #include <unistd.h>
#include <stdint.h>
#include "syscall.h" #include "syscall.h"
int sigqueue(pid_t pid, int sig, const union sigval value) int sigqueue(pid_t pid, int sig, const union sigval value)
{ {
siginfo_t si; siginfo_t si;
sigset_t set;
int r;
memset(&si, 0, sizeof si); memset(&si, 0, sizeof si);
si.si_signo = sig; si.si_signo = sig;
si.si_code = SI_QUEUE; si.si_code = SI_QUEUE;
si.si_value = value; si.si_value = value;
si.si_pid = getpid();
si.si_uid = getuid(); si.si_uid = getuid();
return syscall(SYS_rt_sigqueueinfo, pid, sig, &si); pthread_sigmask(SIG_BLOCK, (void *)(uint64_t[1]){-1}, &set);
si.si_pid = getpid();
r = syscall(SYS_rt_sigqueueinfo, pid, sig, &si);
pthread_sigmask(SIG_SETMASK, &set, 0);
return r;
} }