Package: unhide Version: 20071102-2 Severity: important Tags: patch
"unhide sys" works like this: * Do a syscall on a PID. * If that PID exists: * Launch ps using popen() * Verify that the PID is listed * Close the popen()ed stream with pclose() * pclose() implicitly calls wait() to make sure the ps process has finished. However, since the main() function does signal(SIGCHLD, SIG_IGN), the wait() call will just return ECHILD, regardless of whether ps has finished or not. Then, the next syscall finds the ps process that is still alive. But before launching the next ps process, the previous one dies. And we have a hidden process! Since this is a race, it behaves erratically, but I sometimes get a list of over 20 hidden processes this way. This got much more obvious after upgrading from 2.6.22 to 2.6.24. Will attach patch, as well as strace output demonstrating the problem. As it is now, I can't use unhide. Regards //Johan -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores) Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- no debconf information
diff -ur unhide-20071102.orig/unhide-linux26.c unhide-20071102/unhide-linux26.c --- unhide-20071102.orig/unhide-linux26.c 2007-11-12 22:23:39.000000000 +0100 +++ unhide-20071102/unhide-linux26.c 2008-05-17 09:53:11.000000000 +0200 @@ -466,8 +466,6 @@ int main (int argc, char *argv[]) { - signal(SIGCHLD, SIG_IGN); - printf ("Unhide 02-11-2007 \n") ; printf ("[EMAIL PROTECTED]") ;