Package: unhide
Version: 20071102-2
Severity: important
Tags: patch

"unhide sys" works like this:
* Do a syscall on a PID.
* If that PID exists:
 * Launch ps using popen()
 * Verify that the PID is listed
 * Close the popen()ed stream with pclose()
 * pclose() implicitly calls wait() to make sure the ps process has finished.

However, since the main() function does signal(SIGCHLD, SIG_IGN), the
wait() call will just return ECHILD, regardless of whether ps has
finished or not.

Then, the next syscall finds the ps process that is still alive.  But
before launching the next ps process, the previous one dies.  And we
have a hidden process!

Since this is a race, it behaves erratically, but I sometimes get a list
of over 20 hidden processes this way.  This got much more obvious after
upgrading from 2.6.22 to 2.6.24.

Will attach patch, as well as strace output demonstrating the problem.

As it is now, I can't use unhide.

  Regards //Johan

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores)
Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

-- no debconf information
diff -ur unhide-20071102.orig/unhide-linux26.c unhide-20071102/unhide-linux26.c
--- unhide-20071102.orig/unhide-linux26.c	2007-11-12 22:23:39.000000000 +0100
+++ unhide-20071102/unhide-linux26.c	2008-05-17 09:53:11.000000000 +0200
@@ -466,8 +466,6 @@
 int main (int argc, char *argv[]) {
 	
 	
-	signal(SIGCHLD, SIG_IGN);
-	
 	printf ("Unhide 02-11-2007 \n") ;
 	printf ("[EMAIL PROTECTED]") ;
 	
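Review bot: With signal(SIGCHLD, SIG_IGN) dropped from the top of main(), nothing at that spot records why SIGCHLD has to keep its default disposition, so the line could easily be reintroduced later; a one-line comment there saying that pclose() needs wait() to collect the ps child would guard against that. The ignore was also the only thing reaping other children automatically, so it is worth confirming that every child the program starts is now collected with pclose() or wait(), otherwise they will linger as zombies for the duration of the scan.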

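The popen()/pclose() behaviour described in the report, as an added example that is not part of the original report or of unhide's code: the same command is run once with the default SIGCHLD disposition and once with SIGCHLD ignored, and in the second case pclose() fails with ECHILD, so the caller gets no exit status for the child. The helper name run_and_reap and the sample command "exit 3" are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>

/* Hypothetical helper: run `cmd` through popen(), drain its output and
 * return what pclose() reports. If ignore_sigchld is nonzero, SIGCHLD is
 * set to SIG_IGN first, as main() did before the patch. On failure *err
 * receives errno. */
static int run_and_reap(const char *cmd, int ignore_sigchld, int *err)
{
    char buf[256];
    void (*old)(int) = signal(SIGCHLD, ignore_sigchld ? SIG_IGN : SIG_DFL);
    FILE *fp = popen(cmd, "r");
    int status = -1;

    *err = 0;
    if (fp == NULL) {
        *err = errno;
    } else {
        while (fgets(buf, sizeof buf, fp) != NULL)
            ;                     /* drain until the child closes the pipe */
        errno = 0;
        status = pclose(fp);      /* pclose() waits for the child here */
        if (status == -1)
            *err = errno;
    }
    if (old != SIG_ERR)
        signal(SIGCHLD, old);     /* restore the caller's disposition */
    return status;
}

int main(void)
{
    int err;
    int st = run_and_reap("exit 3", 0, &err);   /* constructed sample command */
    printf("default SIGCHLD: exited=%d code=%d\n",
           WIFEXITED(st), WEXITSTATUS(st));

    st = run_and_reap("exit 3", 1, &err);
    printf("SIGCHLD ignored: pclose=%d errno=%s\n",
           st, err == ECHILD ? "ECHILD" : "other");
    return 0;
}
```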