subject:"Re\: Localizing %SIG in Safe.pm 2.\{35,36,37\} crashes POE\:\:Wheel\:\:Run ..."

Re: Localizing %SIG in Safe.pm 2.{35,36,37} crashes POE::Wheel::Run ...

2013-07-16 Thread Rocco Caputo

Thank you for the alert.  Is there any reasonable way to work around this?

-- 
Rocco Caputo 

On Jul 16, 2013, at 12:00, Markus Jansen wrote:

> Hi,
> 
> FYI ... hope none of you wastes time with this really nasty trap ...
> 
> Best regards,
>Markus
> 
> -Original Message-
> From: Markus Jansen
> Sent: Tuesday, July 16, 2013 5:57 PM
> To: perl...@perl.org
> Cc: Markus Jansen
> Subject: Localizing %SIG in Safe.pm 2.{35,36,37} crashes POE::Wheel::Run ...
> 
> 
> This is a bug report for perl from markus.jan...@ericsson.com, generated with 
> the help of perlbug 1.39 running under perl 5.18.0.
> 
> 
> -
> [Please describe your issue here]
> 
> Dear Perl5 Porters,
> 
> localizing %SIG in Safe.pm 2.35 (on CPAN, 2.{35,36,37} in Perl core) may be a 
> great step for security, but it unfortunatately spoils POE::Wheel::Run 
> (basically POE and all other asynchronous frameworks dealing with external 
> processes).
> 
> The symptom experienced is that your application might sooner or later crash 
> (reliably when using POE::Component::Resolver upon exiting a Sidecar 
> subprocess) with the following famous last words:
> 
>Signal SIGCHLD received, but no signal handler set.
> 
> Please consider a version (also on CPAN) of Safe.pm which has e.g. the 
> localization of %SIG as a switchable feature.
> 
> Best regards,
>Markus
> 
> 
> 
> [Please do not change anything below this line]
> -
> ---
> Flags:
>category=library
>severity=critical
>module=Safe
> ---
> Site configuration information for perl 5.18.0:
> 
> Configured by ericsson at Fri Jul 12 19:17:48 CEST 2013.
> 
> Summary of my perl5 (revision 5 version 18 subversion 0) configuration:
> 
>  Platform:
>osname=linux, osvers=2.6.16.60-0.42.10-smp, 
> archname=x86_64-linux-thread-multi
>uname='linux sekix562 2.6.16.60-0.42.10-smp #1 smp tue apr 27 05:11:27 utc 
> 2010 x86_64 x86_64 x86_64 gnulinux '
>config_args='-d -e -O -D cc=gcc -D 
> prefix=/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/prod 
> -D usemultiplicity -U use5005threads -D usedl -D useshrplib -D 
> libperl=libcmacperl.so -U usemymalloc -D cf_by=ericsson -D 
> cf_email=scm...@clearcase.ericsson.se -D 
> perladmin=scm...@clearcase.ericsson.se -D uselargefiles -D usethreads -D 
> useithreads -D use64bitall -D ldcc=CC -D optimize=-O3 -D 
> locincpth=/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/include
>  
> /vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/apache/include
>  -D 
> loclibpth=/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/lib
>  
> /vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/apache/lib
>  -D lddlflags=-shared -lpthread 
> -Wl,-L/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/prod/lib/5.18.0/x86_64-linux-thread-multi/CORE
>  
> -Wl,-rpath,/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/prod/lib/5.18.0
> /x86_64-linux-thread-multi/CORE 
> -Wl,-L/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/lib
>  
> -Wl,-rpath,/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/lib
>  
> -Wl,-L/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/apache/lib
>  
> -Wl,-rpath,/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/apache/lib
>  -Wl,--enable-new-dtags -D ldflags=-lpthread 
> -Wl,-L/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/prod/lib/5.18.0/x86_64-linux-thread-multi/CORE
>  
> -Wl,-rpath,/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/prod/lib/5.18.0/x86_64-linux-thread-multi/CORE
>  
> -Wl,-L/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/lib
>  
> -Wl,-rpath,/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/lib
>  
> -Wl,-L/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/apache/lib
>  -Wl,-rpath,/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/
> plib/apache/lib -Wl,--enable-new-dtags -D ccdlflags=-Bdynamic 
> -Wl,-L/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/prod/lib/5.18.0/x86_64-linux-thread-multi/CORE
>  
> -Wl,-rpath,/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/prod/lib/5.18.0/x86_64-linux-thread-multi/CORE
>  
> -Wl,-L/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/lib
>  
> -Wl,-rpath,/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/lib
>  
> -Wl,-L/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/apache/lib
>  
> -Wl,-rpath,/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_path/plib/apache/lib
>  -D ldlibpthname=LD_LIBRARY_PATH -D cccdlflags=-fPIC -D dlsrc=dl_dlopen.xs -D 
> ccflags=-O2 -D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -pthread 
> -DPERL_IMPLICIT_CONTE

RE: Localizing %SIG in Safe.pm 2.{35,36,37} crashes POE::Wheel::Run ...

2013-07-16 Thread Markus Jansen

Hi Rocco,

I'll revert to Safe 2.32 or 2.33 - the code change between 2.33[_01] and 2.35 
and is minimal,
as you see from the diff below. The "local *SIG;" statement is the one and only 
that bites ...

Cheers, 
Markus

[6:48pm] [perl-git/dist/Safe] -> git diff 5df103ab ac4ec33e -- Safe.pm
diff --git a/dist/Safe/Safe.pm b/dist/Safe/Safe.pm
index 865a9dc..f00853e 100644
--- a/dist/Safe/Safe.pm
+++ b/dist/Safe/Safe.pm
@@ -3,7 +3,7 @@ package Safe;
 use 5.003_11;
 use Scalar::Util qw(reftype refaddr);
 
-$Safe::VERSION = "2.33_01";
+$Safe::VERSION = "2.35";
 
 # *** Don't declare any lexicals above this point ***
 #
@@ -21,7 +21,7 @@ sub lexless_anon_sub {
 # Uses a closure (on $__ExPr__) to pass in the code to be executed.
 # (eval on one line to keep line numbers as expected by caller)
 eval sprintf
-'package %s; %s sub { @_=(); eval q[my $__ExPr__;] . $__ExPr__; }',
+'package %s; %s sub { @_=(); eval q[local *SIG; my $__ExPr__;] . 
$__ExPr__; }',
 $_[0], $_[1] ? 'use strict;' : '';
 }
 
@@ -355,6 +355,8 @@ sub _clean_stash {
 
 sub reval {
 my ($obj, $expr, $strict) = @_;
+die "Bad Safe object" unless $obj->isa('Safe');
+
 my $root = $obj->{Root};
 
 my $evalsub = lexless_anon_sub($root, $strict, $expr);
@@ -405,6 +407,7 @@ sub _find_code_refs {
 
 sub wrap_code_ref {
 my ($obj, $sub) = @_;
+die "Bad safe object" unless $obj->isa('Safe');
 
 # wrap code ref $sub with _safe_call_sv so that, when called, the
 # execution will happen with the compartment fully 'in effect'.
@@ -440,6 +443,8 @@ sub wrap_code_ref {
 
 sub rdo {
 my ($obj, $file) = @_;
+die "Bad Safe object" unless $obj->isa('Safe');
+
 my $root = $obj->{Root};
 
 my $sg = sub_generation();

-Original Message-----
From: Rocco Caputo [mailto:rcap...@pobox.com] 
Sent: Tuesday, July 16, 2013 6:40 PM
To: Markus Jansen
Cc: r...@consttype.org; poe@perl.org
Subject: Re: Localizing %SIG in Safe.pm 2.{35,36,37} crashes POE::Wheel::Run ...

Thank you for the alert.  Is there any reasonable way to work around this?

--
Rocco Caputo 

On Jul 16, 2013, at 12:00, Markus Jansen wrote:

> Hi,
> 
> FYI ... hope none of you wastes time with this really nasty trap ...
> 
> Best regards,
>Markus
> 
> -Original Message-
> From: Markus Jansen
> Sent: Tuesday, July 16, 2013 5:57 PM
> To: perl...@perl.org
> Cc: Markus Jansen
> Subject: Localizing %SIG in Safe.pm 2.{35,36,37} crashes POE::Wheel::Run ...
> 
> 
> This is a bug report for perl from markus.jan...@ericsson.com, generated with 
> the help of perlbug 1.39 running under perl 5.18.0.
> 
> 
> -
> [Please describe your issue here]
> 
> Dear Perl5 Porters,
> 
> localizing %SIG in Safe.pm 2.35 (on CPAN, 2.{35,36,37} in Perl core) may be a 
> great step for security, but it unfortunatately spoils POE::Wheel::Run 
> (basically POE and all other asynchronous frameworks dealing with external 
> processes).
> 
> The symptom experienced is that your application might sooner or later crash 
> (reliably when using POE::Component::Resolver upon exiting a Sidecar 
> subprocess) with the following famous last words:
> 
>Signal SIGCHLD received, but no signal handler set.
> 
> Please consider a version (also on CPAN) of Safe.pm which has e.g. the 
> localization of %SIG as a switchable feature.
> 
> Best regards,
>Markus
> 
> 
> 
> [Please do not change anything below this line]
> -
> ---
> Flags:
>category=library
>severity=critical
>module=Safe
> ---
> Site configuration information for perl 5.18.0:
> 
> Configured by ericsson at Fri Jul 12 19:17:48 CEST 2013.
> 
> Summary of my perl5 (revision 5 version 18 subversion 0) configuration:
> 
>  Platform:
>osname=linux, osvers=2.6.16.60-0.42.10-smp, 
> archname=x86_64-linux-thread-multi
>uname='linux sekix562 2.6.16.60-0.42.10-smp #1 smp tue apr 27 05:11:27 utc 
> 2010 x86_64 x86_64 x86_64 gnulinux '
>config_args='-d -e -O -D cc=gcc -D 
> prefix=/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_pat
> h/prod -D usemultiplicity -U use5005threads -D usedl -D useshrplib -D 
> libperl=libcmacperl.so -U usemymalloc -D cf_by=ericsson -D 
> cf_email=scm...@clearcase.ericsson.se -D 
> perladmin=scm...@clearcase.ericsson.se -D uselargefiles -D usethreads 
> -D useithreads -D use64bitall -D ldcc=CC -D optimize=-O3 -D 
> locincpth=/vobs/cc/CCA-perl01/perl5_Linux_x64__sixtyfive_char_
> path/plib/include 
>

Re: Localizing %SIG in Safe.pm 2.{35,36,37} crashes POE::Wheel::Run ...

RE: Localizing %SIG in Safe.pm 2.{35,36,37} crashes POE::Wheel::Run ...

2 matches

Site Navigation

Mail list logo

Footer information