From patchwork Wed Mar 11 20:58:45 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tobias Stoeckmann <tobias@stoeckmann.org>
X-Patchwork-Id: 449189
X-Patchwork-Delegate: shemminger@vyatta.com
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id AB1A814012F
	for <patchwork-incoming@ozlabs.org>;
	Thu, 12 Mar 2015 07:58:51 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751565AbbCKU6r (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Wed, 11 Mar 2015 16:58:47 -0400
Received: from mout.kundenserver.de ([212.227.126.130]:58784 "EHLO
	mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751258AbbCKU6q (ORCPT
	<rfc822;netdev@vger.kernel.org>); Wed, 11 Mar 2015 16:58:46 -0400
Received: from localhost ([79.227.12.190]) by mrelayeu.kundenserver.de
	(mreue001) with ESMTPSA (Nemesis) id 0MROX9-1Z0LhT1iiV-00UYNN for
	<netdev@vger.kernel.org>; Wed, 11 Mar 2015 21:58:44 +0100
Date: Wed, 11 Mar 2015 21:58:45 +0100
From: Tobias Stoeckmann <tobias@stoeckmann.org>
To: netdev@vger.kernel.org
Subject: [PATCH] Avoid signal race in arpd initialization.
Message-ID: <20150311205845.GA23722@localhost>
MIME-Version: 1.0
Content-Disposition: inline
X-Provags-ID: V03:K0:dYoREgOAzw7zzbQhCC4INf0V4oCnB5VNuRhGIJllNqbSqJFWkPj
	E3o0/3TnaZGQetsUi5bILho8PLV+7fazBaML2MY0XzTzdykLFsXOrfiGIEsxCeCESBjYlJt
	w7H1X+hdNU8pXVIPAwLz+8JiRD9Gc9D18fKFrxvBAT2HUESMgy2bhFWzghgtyS0HmECdNS9
	aAgNbqSePxJLCb2vJtvow==
X-UI-Out-Filterresults: notjunk:1;
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Signal handlers in arpd use siglongjmp() to return into main function
during polls. The environment for the jumps is set after the signal
handlers are installed. This leaves a small time frame in which an
uninitialized environment could be used for a siglongjmp() call, leading
to undefined behavior.

While at it, define flag variables as sig_atomic_t instead of int.
---
 misc/arpd.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/misc/arpd.c b/misc/arpd.c
index 7919eb8..cfd1e39 100644
--- a/misc/arpd.c
+++ b/misc/arpd.c
@@ -64,9 +64,9 @@ struct rtnl_handle rth;
 struct pollfd pset[2];
 int udp_sock = -1;
 
-volatile int do_exit;
-volatile int do_sync;
-volatile int do_stats;
+volatile sig_atomic_t do_exit;
+volatile sig_atomic_t do_sync;
+volatile sig_atomic_t do_stats;
 
 struct {
 	unsigned long arp_new;
@@ -793,10 +793,6 @@ int main(int argc, char **argv)
 	}
 
 	openlog("arpd", LOG_PID | LOG_CONS, LOG_DAEMON);
-	catch_signal(SIGINT, sig_exit);
-	catch_signal(SIGTERM, sig_exit);
-	catch_signal(SIGHUP, sig_sync);
-	catch_signal(SIGUSR1, sig_stats);
 
 #define EVENTS (POLLIN|POLLPRI|POLLERR|POLLHUP)
 	pset[0].events = EVENTS;
@@ -804,7 +800,12 @@ int main(int argc, char **argv)
 	pset[1].events = EVENTS;
 	pset[1].revents = 0;
 
-	sigsetjmp(env, 1);
+	if (sigsetjmp(env, 1) == 0) {
+		catch_signal(SIGINT, sig_exit);
+		catch_signal(SIGTERM, sig_exit);
+		catch_signal(SIGHUP, sig_sync);
+		catch_signal(SIGUSR1, sig_stats);
+	}
 
 	for (;;) {
 		in_poll = 1;