Bug#498678: sigdie must not be called from a signal handler context
Package: openssh-server
Version: 4.3p2-9etch2
This code:
void
sigdie(const char *fmt,...)
{
va_list args;
va_start(args, fmt);
do_log(SYSLOG_LEVEL_FATAL, fmt, args);
va_end(args);
_exit(1);
}
is not safe to call from signal handlers (mainly due to snprintf-type
formatting and syslog calls in do_log). However, it is called from a
signal handler in sshd.c:
/*
* Signal handler for the alarm after the login grace period has expired.
*/
static void
grace_alarm_handler(int sig)
{
if (use_privsep && pmonitor != NULL && pmonitor->m_pid > 0)
kill(pmonitor->m_pid, SIGALRM);
/* Log error and exit. */
sigdie("Timeout before authentication for %s", get_remote_ipaddr());
}
Reply to: