[lintian] 01/01: do_fork: Fix possible fork-bomb situation on error
This is an automated email from the git hooks/post-receive script.
nthykier pushed a commit to branch master
in repository lintian.
commit c28a134b64c11954810164c1e08817477796007e
Author: Niels Thykier <niels@thykier.net>
Date: Sat Apr 7 06:28:24 2018 +0000
do_fork: Fix possible fork-bomb situation on error
Signed-off-by: Niels Thykier <niels@thykier.net>
---
debian/changelog | 3 +++
lib/Lintian/Util.pm | 12 ++++++++++--
2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 7c0ebeb..70d5015 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -68,6 +68,9 @@ lintian (2.5.81) UNRELEASED; urgency=medium
prevents, for example, "directory(s)" from triggering false-positive
whilst still warning about "directorys". Thanks to Patrick Matthäi
for the report. (Closes: #894077)
+ * lib/Lintian/Util.pm:
+ + [NT] Fix a bug in do_fork that could cause lintian to fork bomb.
+ (See #890873)
-- Chris Lamb <lamby@debian.org> Sun, 18 Mar 2018 22:55:23 -0400
diff --git a/lib/Lintian/Util.pm b/lib/Lintian/Util.pm
index bd18052..be8c6cb 100644
--- a/lib/Lintian/Util.pm
+++ b/lib/Lintian/Util.pm
@@ -904,8 +904,16 @@ sub do_fork() {
}
}
}
- sigprocmask(SIG_SETMASK, $orig_mask, undef)
- or die("sigprocmask failed: $!\n");
+ if (!sigprocmask(SIG_SETMASK, $orig_mask, undef)) {
+ # The child MUST NOT use die as the caller cannot distinguish
+ # the caller from the child via an exception.
+ my $sigproc_error = $!;
+ if (not defined($pid) or $pid != 0) {
+ die("sigprocmask failed (do_fork, parent): $sigproc_error\n");
+ }
+ print STDERR "sigprocmask failed (do_fork, child): $sigproc_error\n";
+ POSIX::_exit(255);
+ }
if (not defined($pid)) {
$! = $fork_error;
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: