HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS361112

sh: Fix double INTON with vfork
rS361112
Actions

Description

sh: Fix double INTON with vfork

The shell maintains a count of the number of times SIGINT processing has
been disabled via INTOFF, so SIGINT processing resumes when all disables
have enabled again (INTON).

If an error occurs in a vfork() child, the processing of the error enables
SIGINT processing again, and the INTON in vforkexecshell() causes the count
to become negative.

As a result, a later INTOFF may not actually disable SIGINT processing. This
might cause memory corruption if a SIGINT arrives at an inopportune time. As
of r360452, it causes the shell to abort when it would unsafely allocate or
free memory in certain ways.

Note that various places such as errors in non-special builtins
unconditionally reset the count to 0, so the problem might still not always
be visible.

PR: 246497
Reported by: jbeich
MFC after: 2 weeks

Details

Provenance
jillesAuthored on
Parents
rS361111: cam: ANSIfy 0-argument function definitions
Branches
Unknown
Tags
Unknown

Changes (3)

PathSize
head/
bin/
sh/
tests/
execution/

rS361112

View Options

head/bin/sh/jobs.c

Loading...
View Options

head/bin/sh/tests/execution/Makefile

Loading...
View Options

head/bin/sh/tests/execution/unknown2.0

Loading...