git.ipfire.org Git - thirdparty/coreutils.git/commit

author	Tobias Stoeckmann <tobias@stoeckmann.org>
	Sun, 5 Feb 2017 12:23:22 +0000 (13:23 +0100)
committer	Pádraig Brady <P@draigBrady.com>
	Fri, 10 Feb 2017 06:15:43 +0000 (22:15 -0800)
commit	2f69dba5df8caaf9eda658c1808b1379e9949f22
tree	06b6591378063be7c68882eb1cac0698eb25b20b	tree
parent	99deaff7e804298cecc326142bbe7263e2576224	commit \| diff

timeout: fix race possibly terminating wrong process

The race is unlikely, as timeout(1) needs to receive a signal
in the few operations between waitpid() returning and exit().
Also the system needs to have reallocated the just released pid
in this time window.

Previously we never disabled the signal handler that sent
the termination signal to the "child" pid. However once waitpid()
has reaped the child, the system is free to allocate that pid,
so we must ensure we don't process any further signals.

* build-aux/gen-lists-of-programs.sh: Build timeout(1) optionally...
* configure.ac: ...predicated on sigsuspend() being available.
* src/timeout.c (block_cleanup): A new function to ensure the
cleanup() handler is disabled after waitpid has returned.
(main): Use sigsuspend() to wait with cleanup() enabled but
disabled once it returns, and thus disabled for the waitpid() call.
(monitored_pid): Change to the more accurate pid_t.
* NEWS: Mention the fix.

Fixes http://bugs.gnu.org/25624

NEWS		diff \| blob \| blame \| history
build-aux/gen-lists-of-programs.sh		diff \| blob \| blame \| history
configure.ac		diff \| blob \| blame \| history
src/timeout.c		diff \| blob \| blame \| history