From 0453ad01468460d5fca09457ed7c862685076931 Mon Sep 17 00:00:00 2001 From: nicm Date: Wed, 12 Jul 2017 09:24:17 +0000 Subject: Move signal code into proc.c. --- job.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'job.c') diff --git a/job.c b/job.c index e69ba41b..ebf44595 100644 --- a/job.c +++ b/job.c @@ -68,7 +68,7 @@ job_run(const char *cmd, struct session *s, const char *cwd, close(out[1]); return (NULL); case 0: /* child */ - clear_signals(1); + proc_clear_signals(server_proc); if (cwd == NULL || chdir(cwd) != 0) { if ((home = find_home()) == NULL || chdir(home) != 0) -- cgit v1.2.3 From 51112221eeb31ced907f0dfcf077582996c20c07 Mon Sep 17 00:00:00 2001 From: nicm Date: Wed, 12 Jul 2017 10:04:51 +0000 Subject: Block signals between forking and clearing signal handlers (or calling event_reinit) - if the child gets a signal and fires the libevent signal handler during this period it could write a signal into the parent's signal pipe. GitHub issue 1001 from Aaron van Geffen. --- job.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'job.c') diff --git a/job.c b/job.c index ebf44595..9c6bba6e 100644 --- a/job.c +++ b/job.c @@ -51,6 +51,7 @@ job_run(const char *cmd, struct session *s, const char *cwd, pid_t pid; int nullfd, out[2]; const char *home; + sigset_t set, oldset; if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, out) != 0) return (NULL); @@ -61,14 +62,18 @@ job_run(const char *cmd, struct session *s, const char *cwd, */ env = environ_for_session(s, !cfg_finished); + sigfillset(&set); + sigprocmask(SIG_BLOCK, &set, &oldset); switch (pid = fork()) { case -1: + sigprocmask(SIG_SETMASK, &oldset, NULL); environ_free(env); close(out[0]); close(out[1]); return (NULL); - case 0: /* child */ + case 0: proc_clear_signals(server_proc); + sigprocmask(SIG_SETMASK, &oldset, NULL); if (cwd == NULL || chdir(cwd) != 0) { if ((home = find_home()) == NULL || chdir(home) != 0) @@ -100,7 +105,7 @@ job_run(const char *cmd, struct session *s, const char *cwd, fatal("execl failed"); } - /* parent */ + sigprocmask(SIG_SETMASK, &oldset, NULL); environ_free(env); close(out[1]); -- cgit v1.2.3