Block signals between forking and clearing signal handlers (or calling

event_reinit) - if the child gets a signal and fires the libevent signal handler during this period it could write a signal into the parent's signal pipe. GitHub issue 1001 from Aaron van Geffen.
author: nicm <nicm> 2017-07-12 10:04:51 +0000
committer: nicm <nicm> 2017-07-12 10:04:51 +0000
commit: 51112221eeb31ced907f0dfcf077582996c20c07 (patch)
tree: a4920177e843248ced12e53de2777260191796ca /job.c
parent: 0453ad01468460d5fca09457ed7c862685076931 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/job.c b/job.c
index ebf44595..9c6bba6e 100644
--- a/job.c
+++ b/job.c
@@ -51,6 +51,7 @@ job_run(const char *cmd, struct session *s, const char *cwd,
 	pid_t		 pid;
 	int		 nullfd, out[2];
 	const char	*home;
+	sigset_t	 set, oldset;
 
 	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, out) != 0)
 		return (NULL);
@@ -61,14 +62,18 @@ job_run(const char *cmd, struct session *s, const char *cwd,
 	 */
 	env = environ_for_session(s, !cfg_finished);
 
+	sigfillset(&set);
+	sigprocmask(SIG_BLOCK, &set, &oldset);
 	switch (pid = fork()) {
 	case -1:
+		sigprocmask(SIG_SETMASK, &oldset, NULL);
 		environ_free(env);
 		close(out[0]);
 		close(out[1]);
 		return (NULL);
-	case 0:		/* child */
+	case 0:
 		proc_clear_signals(server_proc);
+		sigprocmask(SIG_SETMASK, &oldset, NULL);
 
 		if (cwd == NULL || chdir(cwd) != 0) {
 			if ((home = find_home()) == NULL || chdir(home) != 0)
@@ -100,7 +105,7 @@ job_run(const char *cmd, struct session *s, const char *cwd,
 		fatal("execl failed");
 	}
 
-	/* parent */
+	sigprocmask(SIG_SETMASK, &oldset, NULL);
 	environ_free(env);
 	close(out[1]);
author	nicm <nicm>	2017-07-12 10:04:51 +0000
committer	nicm <nicm>	2017-07-12 10:04:51 +0000
commit	51112221eeb31ced907f0dfcf077582996c20c07 (patch)
tree	a4920177e843248ced12e53de2777260191796ca /job.c
parent	0453ad01468460d5fca09457ed7c862685076931 (diff)