From 6b278252cd994a866bd4cf15025033dd8afbd02b Mon Sep 17 00:00:00 2001
From: Eric Wong <e@80x24.org>
Date: Mon, 11 Sep 2023 09:41:32 +0000
Subject: [PATCH] spawn: do not block ABRT/BUS/ILL/SEGV signals

SIGABRT, SIGBUS, SIGILL, and SIGSEGV may all happen if we
introduce bugs in the section where signals are blocked.

We can delay handling of SIGFPE, SIGXCPU and SIGXFSZ since
there's no floating point operations; while SIGXCPU and
SIGXFSZ are safe to delay, especially in the absence of
threads in our current code paths.
---
 lib/PublicInbox/Spawn.pm   | 11 ++++++++---
 lib/PublicInbox/SpawnPP.pm |  4 ++++
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/lib/PublicInbox/Spawn.pm b/lib/PublicInbox/Spawn.pm
index 17d87f57c..ed698afc6 100644
--- a/lib/PublicInbox/Spawn.pm
+++ b/lib/PublicInbox/Spawn.pm
@@ -92,18 +92,23 @@ int pi_fork_exec(SV *redirref, SV *file, SV *cmdref, SV *envref, SV *rlimref,
 	sigset_t set, old;
 	int ret, perrnum;
 	volatile int cerrnum = 0; /* shared due to vfork */
-	int chld_is_member;
+	int chld_is_member; /* needed due to shared memory w/ vfork */
 	I32 max_fd = av_len(redir);
 
 	AV2C_COPY(argv, cmd);
 	AV2C_COPY(envp, env);
 
 	if (sigfillset(&set)) return -1;
+	if (sigdelset(&set, SIGABRT)) return -1;
+	if (sigdelset(&set, SIGBUS)) return -1;
+	if (sigdelset(&set, SIGFPE)) return -1;
+	if (sigdelset(&set, SIGILL)) return -1;
+	if (sigdelset(&set, SIGSEGV)) return -1;
+	/* no XCPU/XFSZ here */
 	if (sigprocmask(SIG_SETMASK, &set, &old)) return -1;
 	chld_is_member = sigismember(&old, SIGCHLD);
 	if (chld_is_member < 0) return -1;
-	if (chld_is_member > 0)
-		sigdelset(&old, SIGCHLD);
+	if (chld_is_member > 0 && sigdelset(&old, SIGCHLD)) return -1;
 
 	pid = vfork();
 	if (pid == 0) {
diff --git a/lib/PublicInbox/SpawnPP.pm b/lib/PublicInbox/SpawnPP.pm
index d6c863f81..e7174d6f0 100644
--- a/lib/PublicInbox/SpawnPP.pm
+++ b/lib/PublicInbox/SpawnPP.pm
@@ -15,6 +15,10 @@ sub pi_fork_exec ($$$$$$$) {
 	my $old = POSIX::SigSet->new();
 	my $set = POSIX::SigSet->new();
 	$set->fillset or die "sigfillset: $!";
+	for (POSIX::SIGABRT, POSIX::SIGBUS, POSIX::SIGFPE,
+			POSIX::SIGILL, POSIX::SIGSEGV) {
+		$set->delset($_) or die "delset($_): $!";
+	}
 	sigprocmask(SIG_SETMASK, $set, $old) or die "SIG_SETMASK(set): $!";
 	my $syserr;
 	pipe(my ($r, $w)) or die "pipe: $!";
-- 
2.47.2