[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#12261: marked as done (xterm: closes its pty too early)

Your message dated Mon, 18 Jun 2007 13:47:09 +0000
with message-id <E1I0HZV-0003Wo-5S@ries.debian.org>
and subject line Bug#12261: fixed in xterm 226-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: xbase

In main.c:Exit(), xterm has this bit of code:

| #ifndef AMOEBA
|         close(term->screen.respond); /* close explicitly to avoid race with slave side */
| #endif
|         if(term->screen.logging)
|                 CloseLog(&term->screen);
| #endif
| #ifndef AMOEBA
|         if (!am_slave) {
|                 /* restore ownership of tty and pty */
|                 chown (ttydev, 0, 0);
| #if (!defined(__sgi) && !defined(__osf__))
|                 chown (ptydev, 0, 0);
| #endif
|                 /* restore modes of tty and pty */
|                 chmod (ttydev, 0666);
| #if (!defined(__sgi) && !defined(__osf__))
|                 chmod (ptydev, 0666);
| #endif
|         }
| #endif /* AMOEBA */

The variable term->screen.respond contains the file descriptor for the
pty device that corresponds to the filename in ptydev.  The variable
ttydev contains the filename of the tty device that corresponds to the
pty device.

Between the close(term->screen.respond) and the chown and chmod calls,
there is a window in which another process can open the now-freed pty,
set the appropriate ownership and permissions on the corresponding tty
device, and start using it.  Then xterm comes along and sets the tty
to world readable and writeable :)

Exchanging the close and the chmod calls will close that window, but
open another.  It will become possible for another process to jump in
and open the tty, then write to xterm's child process via that

I don't see a solution here.  Please refer to bugs #7112 and #988 for
similarly thorny pseudotty problems.

--- End Message ---
--- Begin Message ---
Source: xterm
Source-Version: 226-1

We believe that the bug you reported is fixed in the latest version of
xterm, which is due to be installed in the Debian FTP archive:

  to pool/main/x/xterm/xterm_226-1.diff.gz
  to pool/main/x/xterm/xterm_226-1.dsc
  to pool/main/x/xterm/xterm_226-1_i386.deb
  to pool/main/x/xterm/xterm_226.orig.tar.gz

A summary of the changes between this version and the previous one is

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 12261@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
Julien Cristau <jcristau@debian.org> (supplier of updated xterm package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)

Hash: SHA1

Format: 1.7
Date: Mon, 18 Jun 2007 14:02:22 +0100
Source: xterm
Binary: xterm
Architecture: source i386
Version: 226-1
Distribution: unstable
Urgency: low
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
 xterm      - X terminal emulator
Closes: 12261 349142 418324 420974 421523 422521 426364 426863
 xterm (226-1) unstable; urgency=low
   [ Branden Robinson ]
   * Remove debian/NEWS; the events it attested to (like the "upcoming 7.0
     modularization" are no longer news, and are in the past.
   [ Julien Cristau ]
   * Configure with --with-tty-group=tty, to prevent security problems in case
     of buggy build environment (closes: #349142).
   * New upstream release.
     + fix  an  infinite  loop  when  showing  a  2-column character in a
       1-column screen (closes: #426863).
     + add  XF86Paste  and  SunPaste  to the default translations
       (closes: #422521, patch by Bernhard R Link).
     + improve  permissions  logic  when  closing pseudo-terminal
       (closes: #12261, patch by Nathanael Nerode, analysis by Richard
     + add  a check in case someone tries to call the popup-menu() action
       on a menu which is not initialized (closes: #426364).
     + fix error-checking on internal font switching for "Selection" menu
       entry (closes: #421523).
     + amend select/paste change from patch #225 by limiting it to
       non-UTF-8/non-KOI8-R encoding (closes: #420974).
     + add  workaround  for  groff  ".URL" codes which are not present in
       some commonly-used bitmap fonts (closes: #418324).
   * Update reference to xlibs-data in xterm's description, refer to xbitmaps
   * Build-depend on desktop-file-utils to install the new desktop files for
     xterm and uxterm, and change debian/rules and debian/xterm.install to
     install these files and the icons.
 104129b8aabcf3498c64be24716de973 825 x11 optional xterm_226-1.dsc
 93d1f43ac3c13af86c598493f14a36f6 835862 x11 optional xterm_226.orig.tar.gz
 57ae2778e0a806deb01a41cc6fee0292 61616 x11 optional xterm_226-1.diff.gz
 94f81ecbb70c7cf120552b2a5a4bdeb2 452080 x11 optional xterm_226-1_i386.deb

Version: GnuPG v1.4.6 (GNU/Linux)


--- End Message ---

Reply to: