GNU bug report logs - #25624
[PATCH] timeout: Fix signal race in SIGALRM handling

Previous Next

Package: coreutils;

Reported by: Tobias Stoeckmann <tobias <at> stoeckmann.org>

Date: Sun, 5 Feb 2017 12:24:01 UTC

Severity: normal

Tags: patch

Done: Pádraig Brady <P <at> draigBrady.com>

Bug is archived. No further changes may be made.

Full log

Message #14 received at 25624 <at> debbugs.gnu.org (full text, mbox):

From: Tobias Stoeckmann <tobias <at> stoeckmann.org>
To: Paul Eggert <eggert <at> cs.ucla.edu>
Cc: Pádraig Brady <P <at> draigBrady.com>, 25624 <at> debbugs.gnu.org
Subject: Re: bug#25624: [PATCH] timeout: Fix signal race in SIGALRM handling
Date: Sun, 5 Feb 2017 19:50:14 +0100

On Sun, Feb 05, 2017 at 10:26:35AM -0800, Paul Eggert wrote:
> Pádraig Brady wrote:
> > In general this is a largely theoretical race right?
> > I.E. pids would need to be recycled between the waitpid() and exit()?
> 
> Not that theoretical, in the common case of systems with wraparaound PIDs
> and a small PID space. All you need is a long-running child on a busy
> system.

Yes, normally it is small enough to overflow in less than a minute if an
attacker runs fork() kill() in a loop.

I have updated the patch so it passes the test. As I don't have enough
experience in portable #ifdef's for all supported systems, I hope you can
adjust the patch as needed.

Tobias

This bug report was last modified 8 years and 183 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #25624 [PATCH] timeout: Fix signal race in SIGALRM handling

GNU bug report logs - #25624
[PATCH] timeout: Fix signal race in SIGALRM handling