Home Esplora contacts
Accedi
LDA010
/
bug_ebuild
Segui 0
Vota 0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Ramo (Branch): master
Rami (Branch) Tag
bug_ebuild
/
gentoo
/
sys-libs
/
libnih
/
files
/
libnih-1.0.3-signal-race.patch

libnih-1.0.3-signal-race.patch 2.0 KB
Permalink Cronologia Originale

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 
  1. https://bugs.launchpad.net/libnih/+bug/518921
    2. 

  2. 

  3. fix race in signal processing leading to lost signals
    4. 

  4. 

  5. The current loop will walk all signals one by one and run the handler
    6. 

  6. for it if any signals were pending.  Then it clears the array.  But if
    7. 

  7. a signal comes in for an earlier checked signal, it will get clobbered
    8. 

  8. when the final clear runs.
    9. 

  9. 

  10. Change the logic so that we only clear entries for signals whose handler
    11. 

  11. we explicitly call.  If a different signal comes in, we'll process it
    12. 

  12. the next time around.
    13. 

  13. 

  14. This was discovered & triaged by Jeffy Chen from Rockchip.
    15. 

  15. 

  16. === modified file 'nih/signal.c'
    17. 

  17. --- nih/signal.c	2009-06-23 09:29:37 +0000
    18. 

  18. +++ nih/signal.c	2015-05-21 08:12:11 +0000
    19. 

  19. @@ -337,17 +337,37 @@
    20. 

  20.  
    21. 

  21.  	nih_signal_init ();
    22. 

  22.  
    23. 

  23. +	/* Since this poller runs w/out signals masked, we do not want to try
    24. 

  24. +	 * and clear any other signals (like zeroing the caught array at the
    25. 

  25. +	 * end).  If we do that, we open a race:
    26. 

  26. +	 * - Walk the list of signals.
    27. 

  27. +	 * - First one is not set so we move on to the second one.
    28. 

  28. +	 * - First signal comes in while processing second and increments the
    29. 

  29. +	 *   caught array entry.
    30. 

  30. +	 * - Finish walking the whole list.
    31. 

  31. +	 * - Zero out the whole list and thus throw away the first signal.
    32. 

  32. +	 * Since the signal handlers can take any length of time, this race
    33. 

  33. +	 * can be open for a variable amount of time.
    34. 

  34. +	 */
    35. 

  35. +
    36. 

  36.  	NIH_LIST_FOREACH_SAFE (nih_signals, iter) {
    37. 

  37.  		NihSignal *signal = (NihSignal *)iter;
    38. 

  38.  
    39. 

  39.  		if (! signals_caught[signal->signum])
    40. 

  40.  			continue;
    41. 

  41.  
    42. 

  42. +		/* Now that we know we're going to process this signal, clear
    43. 

  43. +		 * out all pending counts for it.  There is a slight race here
    44. 

  44. +		 * where the same signal can come in, but the API has never
    45. 

  45. +		 * guaranteed exact coverage since POSIX does not provide it --
    46. 

  46. +		 * more than one signal can be collapsed into one event.  All
    47. 

  47. +		 * we can guarantee is that we'll notice signals that come in
    48. 

  48. +		 * once the handler runs.
    49. 

  49. +		 */
    50. 

  50. +		signals_caught[signal->signum] = 0;
    51. 

  51. +
    52. 

  52.  		signal->handler (signal->data, signal);
    53. 

  53.  	}
    54. 

  54. -
    55. 

  55. -	for (s = 0; s < NUM_SIGNALS; s++)
    56. 

  56. -		signals_caught[s] = 0;
    57. 

  57.  }
    58. 

  58.  
    59. 

  59.  
    60. 

  60. 

  61.