From bbea88d05df828af1b84cde61e73a57f456eef37 Mon Sep 17 00:00:00 2001 From: "Andrey A. Chernov" Date: Sun, 9 Mar 1997 20:03:51 +0000 Subject: [PATCH] I remove pending signals completely, they are not useless, they are dangerous! Signal handlers themself must be fixed to not call malloc, but no pended handlers, it will be correct fix. In finite case each signal handler can set some variable which will be analized later, but calling handler functions manually is too dangerous (f.e. signals not blocked while the handler or handlers switch executed in this case). Of course this code can be fixed instead of removing, but it not worth fixing in any case. Should go into 2.2 In addition sig.c code shows following dangerous fragments (there can be more, but I stop after two): This fragment if (fn == SIG_DFL || fn == SIG_IGN) { handler[sig-1] = (sig_type)0; <------------- here signal(sig,fn); } else { cause NULL pointer reference when signal comes "here", but more worse fragment is below: void handle_signals() { int sig; if (caused) for (sig=0; sig<__MAXSIG; sig++, caused>>=1) if (caused&1) (*handler[sig])(sig+1); } caused is bitmask which set corresponding bit on each signal coming. And now imagine, what happens when some signal comes (bit sets) while loop is executed (see caused>>=1 !!!) In this light carrier drop situation was (as gdb shows) 1. SIGSEGV in handle_signals because some junk called as *handler reference. 2. Since SIGSEGV was pended too (== never happens), it can cause various range of disasters. --- usr.sbin/ppp/Makefile | 4 +- usr.sbin/ppp/chat.c | 3 +- usr.sbin/ppp/main.c | 23 +++++------ usr.sbin/ppp/sig.c | 91 ------------------------------------------- usr.sbin/ppp/sig.h | 41 ------------------- usr.sbin/ppp/timer.c | 3 +- 6 files changed, 13 insertions(+), 152 deletions(-) delete mode 100644 usr.sbin/ppp/sig.c delete mode 100644 usr.sbin/ppp/sig.h diff --git a/usr.sbin/ppp/Makefile b/usr.sbin/ppp/Makefile index 4109587d9c8..a0cf1d23184 100644 --- a/usr.sbin/ppp/Makefile +++ b/usr.sbin/ppp/Makefile @@ -1,11 +1,11 @@ -# $Id$ +# $Id: Makefile,v 1.14 1997/02/22 16:09:55 peter Exp $ PROG= ppp SRCS= async.c auth.c ccp.c chap.c chat.c command.c filter.c fsm.c hdlc.c \ ip.c ipcp.c lcp.c lqr.c log.c main.c mbuf.c modem.c os.c \ pap.c pred.c route.c slcompress.c timer.c systems.c uucplock.c vars.c \ vjcomp.c arp.c alias.c alias_db.c alias_ftp.c alias_util.c \ - passwdauth.c sig.c + passwdauth.c #CFLAGS+= -DHAVE_SHELL_CMD_WITH_ANY_MODE CFLAGS += -Wall -DUSE_PERROR -DMSEXT -DPASSWDAUTH LDADD += -lmd -lcrypt -lutil diff --git a/usr.sbin/ppp/chat.c b/usr.sbin/ppp/chat.c index 5835de8c757..acb57c0dc1e 100644 --- a/usr.sbin/ppp/chat.c +++ b/usr.sbin/ppp/chat.c @@ -18,7 +18,7 @@ * Columbus, OH 43221 * (614)451-1883 * - * $Id: chat.c,v 1.18 1997/03/08 10:04:11 ache Exp $ + * $Id: chat.c,v 1.19 1997/03/08 12:15:58 ache Exp $ * * TODO: * o Support more UUCP compatible control sequences. @@ -36,7 +36,6 @@ #include #include #include -#include "sig.h" #include #include "timeout.h" #include "vars.h" diff --git a/usr.sbin/ppp/main.c b/usr.sbin/ppp/main.c index b3ae33251b4..729af0d5a82 100644 --- a/usr.sbin/ppp/main.c +++ b/usr.sbin/ppp/main.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: main.c,v 1.34 1997/03/08 10:04:21 ache Exp $ + * $Id$ * * TODO: * o Add commands for traffic summary, version display, etc. @@ -28,9 +28,7 @@ #include #include #include -#include #include -#include "sig.h" #include #include #include @@ -213,8 +211,8 @@ int signo; static void TerminalCont() { - pending_signal(SIGCONT, SIG_DFL); - pending_signal(SIGTSTP, TerminalStop); + (void)signal(SIGCONT, SIG_DFL); + (void)signal(SIGTSTP, TerminalStop); TtyCommandMode(getpgrp() == tcgetpgrp(0)); } @@ -222,9 +220,9 @@ static void TerminalStop(signo) int signo; { - pending_signal(SIGCONT, TerminalCont); + (void)signal(SIGCONT, TerminalCont); TtyOldMode(); - pending_signal(SIGTSTP, SIG_DFL); + signal(SIGTSTP, SIG_DFL); kill(getpid(), signo); } @@ -364,13 +362,13 @@ char **argv; if(mode & MODE_INTER) { #ifdef SIGTSTP - pending_signal(SIGTSTP, TerminalStop); + signal(SIGTSTP, TerminalStop); #endif #ifdef SIGTTIN - pending_signal(SIGTTIN, TerminalStop); + signal(SIGTTIN, TerminalStop); #endif #ifdef SIGTTOU - pending_signal(SIGTTOU, SIG_IGN); + signal(SIGTTOU, SIG_IGN); #endif } @@ -792,8 +790,6 @@ DoLoop() #ifndef SIGALRM usleep(TICKUNIT); TimerService(); -#else - handle_signals(); #endif /* If there are aren't many packets queued, look for some more. */ @@ -829,8 +825,7 @@ DoLoop() if ( i < 0 ) { if ( errno == EINTR ) { - handle_signals(); - continue; + continue; /* Got a signal - should have been dealt with */ } perror("select"); break; diff --git a/usr.sbin/ppp/sig.c b/usr.sbin/ppp/sig.c deleted file mode 100644 index 9763dab5718..00000000000 --- a/usr.sbin/ppp/sig.c +++ /dev/null @@ -1,91 +0,0 @@ -/*- - * Copyright (c) 1997 - * Brian Somers . All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $Id: sig.c,v 1.3 1997/02/23 20:01:19 brian Exp $ - * - * TODO: - * - */ - -#include -#include "sig.h" -#include -#include -#include "mbuf.h" -#include "log.h" - -#define __MAXSIG (32) /* Sizeof u_long: Make life convenient.... */ -static u_long caused; /* A mask of pending signals */ -static sig_type handler[ __MAXSIG ]; /* all start at SIG_DFL */ - - -/* Record a signal in the "caused" mask */ - -static void signal_recorder(int sig) { - if (sig > 0 && sig <= __MAXSIG) - caused |= (1<<(sig-1)); -} - - -/* - set up signal_recorder, and record handler as the function to ultimately - call in handle_signal() -*/ - -sig_type pending_signal(int sig,sig_type fn) { - sig_type Result; - - if (sig <= 0 || sig > __MAXSIG) { - /* Oops - we must be a bit out of date (too many sigs ?) */ - logprintf("Eeek! %s:%s: I must be out of date!\n",__FILE__,__LINE__); - return signal(sig,fn); - } - - Result = handler[sig-1]; - if (fn == SIG_DFL || fn == SIG_IGN) { - handler[sig-1] = (sig_type)0; - signal(sig,fn); - } else { - handler[sig-1] = fn; - signal(sig,signal_recorder); - } - caused &= ~(1<<(sig-1)); - return Result; -} - - -/* Call the handlers for any pending signals */ - -void handle_signals() { - int sig; - - if (caused) - for (sig=0; sig<__MAXSIG; sig++, caused>>=1) - if (caused&1) - (*handler[sig])(sig+1); -} diff --git a/usr.sbin/ppp/sig.h b/usr.sbin/ppp/sig.h deleted file mode 100644 index cbc41d56453..00000000000 --- a/usr.sbin/ppp/sig.h +++ /dev/null @@ -1,41 +0,0 @@ -/*- - * Copyright (c) 1997 - * Brian Somers . All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $Id: sig.h,v 1.4 1997/02/23 20:01:20 brian Exp $ - * - * TODO: - * - */ - -typedef void (*sig_type)(int); - -/* Call this instead of signal() */ -extern sig_type pending_signal __P((int, sig_type)); - -/* Call this when you want things to *actually* happen */ -extern void handle_signals __P((void)); diff --git a/usr.sbin/ppp/timer.c b/usr.sbin/ppp/timer.c index 236bdbe169f..978ea63a0f2 100644 --- a/usr.sbin/ppp/timer.c +++ b/usr.sbin/ppp/timer.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: timer.c,v 1.10 1997/02/25 14:05:17 brian Exp $ + * $Id: timer.c,v 1.11 1997/03/08 09:55:42 ache Exp $ * * TODO: */ @@ -26,7 +26,6 @@ #include #include "timeout.h" #include -#include "sig.h" #ifdef SIGALRM #include #endif