[EGIT] [core/efl] master 02/02: efl/ecore exe - more paranoia - block sig handlers between fork + exec

Fri, 21 Aug 2020 01:30:54 -0700 

raster pushed a commit to branch master.

http://git.enlightenment.org/core/efl.git/commit/?id=31c343b77c7967f1c6c7eba4c8dca06c2df5ed89

commit 31c343b77c7967f1c6c7eba4c8dca06c2df5ed89
Author: Carsten Haitzler (Rasterman) <ras...@rasterman.com>
Date:   Fri Aug 21 09:06:34 2020 +0100

    efl/ecore exe - more paranoia - block sig handlers between fork + exec
    
    in theory signal handlers could kick in after fork and before exec...
    so block them until we're exec'd or exited so they don't change any
    program state.
---
 src/lib/ecore/ecore_exe_posix.c | 47 +++++++++++++++++++++++++++++++++++++----
 src/lib/ecore/efl_exe.c         | 45 ++++++++++++++++++++++++++++++++++++---
 2 files changed, 85 insertions(+), 7 deletions(-)

diff --git a/src/lib/ecore/ecore_exe_posix.c b/src/lib/ecore/ecore_exe_posix.c
index 895875c8c3..85b7adee45 100644
--- a/src/lib/ecore/ecore_exe_posix.c
+++ b/src/lib/ecore/ecore_exe_posix.c
@@ -300,6 +300,45 @@ _impl_ecore_exe_efl_object_finalize(Eo *obj, 
Ecore_Exe_Data *exe)
       }
       else if (pid == 0) /* child */
       {
+         sigset_t newset;
+
+         sigemptyset(&newset);
+         sigaddset(&newset, SIGPIPE);
+         sigaddset(&newset, SIGALRM);
+         sigaddset(&newset, SIGCHLD);
+         sigaddset(&newset, SIGUSR1);
+         sigaddset(&newset, SIGUSR2);
+         sigaddset(&newset, SIGHUP);
+         sigaddset(&newset, SIGQUIT);
+         sigaddset(&newset, SIGINT);
+         sigaddset(&newset, SIGTERM);
+         sigaddset(&newset, SIGBUS);
+         sigaddset(&newset, SIGCONT);
+         sigaddset(&newset, SIGWINCH);
+#ifdef SIGEMT
+         sigaddset(&newset, SIGEMT);
+#endif
+#ifdef SIGIO
+         sigaddset(&newset, SIGIO);
+#endif
+#ifdef SIGTSTP
+         sigaddset(&newset, SIGTSTP);
+#endif
+#ifdef SIGTTIN
+         sigaddset(&newset, SIGTTIN);
+#endif
+#ifdef SIGTTOU
+         sigaddset(&newset, SIGTTOU);
+#endif
+#ifdef SIGVTALRM
+         sigaddset(&newset, SIGVTALRM);
+#endif
+#ifdef SIGPWR
+         sigaddset(&newset, SIGPWR);
+#endif
+         // block all those nasty signals we don't want messing with things
+         // in signal handlers while we go from fork to exec in the child
+         pthread_sigmask(SIG_BLOCK, &newset, NULL);
 #ifdef HAVE_SYSTEMD
          char **env = NULL, **e;
 
@@ -326,16 +365,16 @@ _impl_ecore_exe_efl_object_finalize(Eo *obj, 
Ecore_Exe_Data *exe)
            }
 #endif
          if (run_pri != ECORE_EXE_PRIORITY_INHERIT)
-         {
+           {
 #ifdef PRIO_PROCESS
-            if ((run_pri >= -20) && (run_pri <= 19))
-              setpriority(PRIO_PROCESS, 0, run_pri);
+              if ((run_pri >= -20) && (run_pri <= 19))
+                setpriority(PRIO_PROCESS, 0, run_pri);
 #else
 #warning "Your OS/libc does not provide PRIO_PROCESS (and possibly 
setpriority())"
 #warning "This is a POSIX-1.2001 standard and it is highly encouraged that you"
 #warning "Have support for this"
 #endif
-         }
+           }
          if (ok && (flags & ECORE_EXE_ISOLATE_IO))
            {
               int devnull;
diff --git a/src/lib/ecore/efl_exe.c b/src/lib/ecore/efl_exe.c
index a0fd7d4608..445a3dfab2 100644
--- a/src/lib/ecore/efl_exe.c
+++ b/src/lib/ecore/efl_exe.c
@@ -467,6 +467,45 @@ _efl_exe_efl_task_run(Eo *obj, Efl_Exe_Data *pd)
      }
    // this code is in the child here, and is temporary setup until we
    // exec() the child to replace everything.
+   sigset_t newset;
+
+   sigemptyset(&newset);
+   sigaddset(&newset, SIGPIPE);
+   sigaddset(&newset, SIGALRM);
+   sigaddset(&newset, SIGCHLD);
+   sigaddset(&newset, SIGUSR1);
+   sigaddset(&newset, SIGUSR2);
+   sigaddset(&newset, SIGHUP);
+   sigaddset(&newset, SIGQUIT);
+   sigaddset(&newset, SIGINT);
+   sigaddset(&newset, SIGTERM);
+   sigaddset(&newset, SIGBUS);
+   sigaddset(&newset, SIGCONT);
+   sigaddset(&newset, SIGWINCH);
+# ifdef SIGEMT
+   sigaddset(&newset, SIGEMT);
+# endif
+# ifdef SIGIO
+   sigaddset(&newset, SIGIO);
+# endif
+# ifdef SIGTSTP
+   sigaddset(&newset, SIGTSTP);
+# endif
+# ifdef SIGTTIN
+   sigaddset(&newset, SIGTTIN);
+# endif
+# ifdef SIGTTOU
+   sigaddset(&newset, SIGTTOU);
+# endif
+# ifdef SIGVTALRM
+   sigaddset(&newset, SIGVTALRM);
+# endif
+# ifdef SIGPWR
+   sigaddset(&newset, SIGPWR);
+# endif
+   // block all those nasty signals we don't want messing with things
+   // in signal handlers while we go from fork to exec in the child
+   pthread_sigmask(SIG_BLOCK, &newset, NULL);
 
    if (td->flags & EFL_TASK_FLAGS_USE_STDIN)  close(pipe_stdin[1]);
    if (td->flags & EFL_TASK_FLAGS_USE_STDOUT) close(pipe_stdout[0]);
@@ -523,7 +562,7 @@ _efl_exe_efl_task_run(Eo *obj, Efl_Exe_Data *pd)
         close(devnull);
      }
 
-   if (!tdl) exit(1);
+   if (!tdl) _exit(1);
 
    // clear systemd notify socket... only relevant for systemd world,
    // otherwise shouldn't be trouble
@@ -599,8 +638,8 @@ _efl_exe_efl_task_run(Eo *obj, Efl_Exe_Data *pd)
    // we couldn't exec... uh oh. HAAAAAAAALP!
    if ((errno == EACCES)  || (errno == EINVAL) || (errno == ELOOP) ||
        (errno == ENOEXEC) || (errno == ENOMEM))
-     exit(126);
-   exit(127);
+     _exit(126);
+   _exit(127);
    return EINA_FALSE;
 #endif
 }

--

Reply via email to