isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check return value of sigaction(), even though it should never fail.

Browse Source
This commit is contained in:
Todd C. Miller
2014-09-04 10:13:26 -06:00
parent 111136dc8b
commit 328c563791
3 changed files with 90 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
src/exec.c
View File

@@ -119,11 +119,13 @@ static int fork_cmnd(struct command_details *details, int sv[2])
#else #else
sa.sa_handler = handler; sa.sa_handler = handler;
#endif #endif
sudo_sigaction(SIGCONT, &sa, NULL); if (sudo_sigaction(SIGCONT, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGCONT);
#ifdef SA_SIGINFO #ifdef SA_SIGINFO
sa.sa_sigaction = handler_user_only; sa.sa_sigaction = handler_user_only;
#endif #endif
sudo_sigaction(SIGTSTP, &sa, NULL); if (sudo_sigaction(SIGTSTP, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGTSTP);
/* /*
* The policy plugin's session init must be run before we fork * The policy plugin's session init must be run before we fork
@@ -412,14 +414,21 @@ sudo_execute(struct command_details *details, struct command_status *cstat)
#else #else
sa.sa_handler = handler; sa.sa_handler = handler;
#endif #endif
sudo_sigaction(SIGTERM, &sa, NULL); if (sudo_sigaction(SIGTERM, &sa, NULL) != 0)
sudo_sigaction(SIGALRM, &sa, NULL); /* XXX - only if there is a timeout */ sudo_warn(U_("unable to set handler for signal %d"), SIGTERM);
sudo_sigaction(SIGCHLD, &sa, NULL); if (sudo_sigaction(SIGALRM, &sa, NULL) != 0)
sudo_sigaction(SIGPIPE, &sa, NULL); sudo_warn(U_("unable to set handler for signal %d"), SIGALRM);
sudo_sigaction(SIGUSR1, &sa, NULL); if (sudo_sigaction(SIGCHLD, &sa, NULL) != 0)
sudo_sigaction(SIGUSR2, &sa, NULL); sudo_warn(U_("unable to set handler for signal %d"), SIGCHLD);
if (sudo_sigaction(SIGPIPE, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGPIPE);
if (sudo_sigaction(SIGUSR1, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGUSR1);
if (sudo_sigaction(SIGUSR2, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGUSR2);
#ifdef SIGINFO #ifdef SIGINFO
sudo_sigaction(SIGINFO, &sa, NULL); if (sudo_sigaction(SIGINFO, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGINFO);
#endif #endif
/* /*
@@ -435,9 +444,12 @@ sudo_execute(struct command_details *details, struct command_status *cstat)
sa.sa_sigaction = handler_user_only; sa.sa_sigaction = handler_user_only;
} }
#endif #endif
sudo_sigaction(SIGHUP, &sa, NULL); if (sudo_sigaction(SIGHUP, &sa, NULL) != 0)
sudo_sigaction(SIGINT, &sa, NULL); sudo_warn(U_("unable to set handler for signal %d"), SIGHUP);
sudo_sigaction(SIGQUIT, &sa, NULL); if (sudo_sigaction(SIGINT, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGINT);
if (sudo_sigaction(SIGQUIT, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGQUIT);
/* /*
* Child will run the command in the pty, parent will pass data * Child will run the command in the pty, parent will pass data
@@ -584,12 +596,19 @@ dispatch_signal(struct sudo_event_base *evbase, pid_t child,
sigemptyset(&sa.sa_mask); sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_RESTART; sa.sa_flags = SA_RESTART;
sa.sa_handler = SIG_DFL; sa.sa_handler = SIG_DFL;
sudo_sigaction(SIGTSTP, &sa, &osa); if (sudo_sigaction(SIGTSTP, &sa, &osa) != 0) {
sudo_warn(U_("unable to set handler for signal %d"),
SIGTSTP);
}
} }
if (kill(getpid(), signo) != 0) if (kill(getpid(), signo) != 0)
sudo_warn("kill(%d, SIG%s)", (int)getpid(), signame); sudo_warn("kill(%d, SIG%s)", (int)getpid(), signame);
if (signo == SIGTSTP) if (signo == SIGTSTP) {
sudo_sigaction(SIGTSTP, &osa, NULL); if (sudo_sigaction(SIGTSTP, &osa, NULL) != 0) {
sudo_warn(U_("unable to restore handler for signal %d"),
SIGTSTP);
}
}
if (fd != -1) { if (fd != -1) {
/* /*
* Restore command's process group if different. * Restore command's process group if different.
@@ -772,7 +791,8 @@ dispatch_pending_signals(struct command_status *cstat)
sigemptyset(&sa.sa_mask); sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_RESTART; sa.sa_flags = SA_RESTART;
sa.sa_handler = SIG_DFL; sa.sa_handler = SIG_DFL;
sudo_sigaction(SIGTSTP, &sa, NULL); if (sudo_sigaction(SIGTSTP, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGTSTP);
if (kill(getpid(), SIGTSTP) != 0) if (kill(getpid(), SIGTSTP) != 0)
sudo_warn("kill(%d, SIGTSTP)", (int)getpid()); sudo_warn("kill(%d, SIGTSTP)", (int)getpid());
/* No need to reinstall SIGTSTP handler. */ /* No need to reinstall SIGTSTP handler. */

57
src/exec_pty.c
View File

@@ -456,7 +456,8 @@ suspend_parent(int signo)
sigemptyset(&sa.sa_mask); sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_RESTART; sa.sa_flags = SA_RESTART;
sa.sa_handler = SIG_DFL; sa.sa_handler = SIG_DFL;
sudo_sigaction(signo, &sa, &osa); if (sudo_sigaction(signo, &sa, &osa) != 0)
sudo_warn(U_("unable to set handler for signal %d"), signo);
} }
sudo_debug_printf(SUDO_DEBUG_INFO, "kill parent SIG%s", signame); sudo_debug_printf(SUDO_DEBUG_INFO, "kill parent SIG%s", signame);
if (killpg(ppgrp, signo) != 0) if (killpg(ppgrp, signo) != 0)
@@ -488,8 +489,10 @@ suspend_parent(int signo)
ttymode = TERM_COOKED; ttymode = TERM_COOKED;
} }
if (signo != SIGSTOP) if (signo != SIGSTOP) {
sudo_sigaction(signo, &osa, NULL); if (sudo_sigaction(signo, &osa, NULL) != 0)
sudo_warn(U_("unable to restore handler for signal %d"), signo);
}
rval = ttymode == TERM_RAW ? SIGCONT_FG : SIGCONT_BG; rval = ttymode == TERM_RAW ? SIGCONT_FG : SIGCONT_BG;
break; break;
} }
@@ -709,7 +712,8 @@ fork_pty(struct command_details *details, int sv[], sigset_t *omask)
if (io_fds[SFD_USERTTY] != -1) { if (io_fds[SFD_USERTTY] != -1) {
sa.sa_flags = SA_RESTART; sa.sa_flags = SA_RESTART;
sa.sa_handler = sigwinch; sa.sa_handler = sigwinch;
sudo_sigaction(SIGWINCH, &sa, NULL); if (sudo_sigaction(SIGWINCH, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGWINCH);
} }
/* So we can block tty-generated signals */ /* So we can block tty-generated signals */
@@ -778,8 +782,10 @@ fork_pty(struct command_details *details, int sv[], sigset_t *omask)
/* We don't want to receive SIGTTIN/SIGTTOU, getting EIO is preferable. */ /* We don't want to receive SIGTTIN/SIGTTOU, getting EIO is preferable. */
sa.sa_handler = SIG_IGN; sa.sa_handler = SIG_IGN;
sudo_sigaction(SIGTTIN, &sa, NULL); if (sudo_sigaction(SIGTTIN, &sa, NULL) != 0)
sudo_sigaction(SIGTTOU, &sa, NULL); sudo_warn(U_("unable to set handler for signal %d"), SIGTTIN);
if (sudo_sigaction(SIGTTOU, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGTTOU);
/* Job control signals to relay from parent to child. */ /* Job control signals to relay from parent to child. */
sigfillset(&sa.sa_mask); sigfillset(&sa.sa_mask);
@@ -790,7 +796,8 @@ fork_pty(struct command_details *details, int sv[], sigset_t *omask)
#else #else
sa.sa_handler = handler; sa.sa_handler = handler;
#endif #endif
sudo_sigaction(SIGTSTP, &sa, NULL); if (sudo_sigaction(SIGTSTP, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGTSTP);
if (foreground) { if (foreground) {
/* Copy terminal attrs from user tty -> pty slave. */ /* Copy terminal attrs from user tty -> pty slave. */
@@ -1277,13 +1284,17 @@ exec_monitor(struct command_details *details, int backchannel)
sigemptyset(&sa.sa_mask); sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_RESTART; sa.sa_flags = SA_RESTART;
sa.sa_handler = SIG_DFL; sa.sa_handler = SIG_DFL;
sudo_sigaction(SIGWINCH, &sa, NULL); if (sudo_sigaction(SIGWINCH, &sa, NULL) != 0)
sudo_sigaction(SIGALRM, &sa, NULL); sudo_warn(U_("unable to set handler for signal %d"), SIGWINCH);
if (sudo_sigaction(SIGALRM, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGALRM);
/* Ignore any SIGTTIN or SIGTTOU we get. */ /* Ignore any SIGTTIN or SIGTTOU we get. */
sa.sa_handler = SIG_IGN; sa.sa_handler = SIG_IGN;
sudo_sigaction(SIGTTIN, &sa, NULL); if (sudo_sigaction(SIGTTIN, &sa, NULL) != 0)
sudo_sigaction(SIGTTOU, &sa, NULL); sudo_warn(U_("unable to set handler for signal %d"), SIGTTIN);
if (sudo_sigaction(SIGTTOU, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGTTOU);
/* Block all signals in mon_handler(). */ /* Block all signals in mon_handler(). */
sigfillset(&sa.sa_mask); sigfillset(&sa.sa_mask);
@@ -1296,7 +1307,8 @@ exec_monitor(struct command_details *details, int backchannel)
#else #else
sa.sa_handler = mon_handler; sa.sa_handler = mon_handler;
#endif #endif
sudo_sigaction(SIGCHLD, &sa, NULL); if (sudo_sigaction(SIGCHLD, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGCHLD);
/* Catch common signals so we can cleanup properly. */ /* Catch common signals so we can cleanup properly. */
sa.sa_flags = SA_RESTART; sa.sa_flags = SA_RESTART;
@@ -1306,13 +1318,20 @@ exec_monitor(struct command_details *details, int backchannel)
#else #else
sa.sa_handler = mon_handler; sa.sa_handler = mon_handler;
#endif #endif
sudo_sigaction(SIGHUP, &sa, NULL); if (sudo_sigaction(SIGHUP, &sa, NULL) != 0)
sudo_sigaction(SIGINT, &sa, NULL); sudo_warn(U_("unable to set handler for signal %d"), SIGHUP);
sudo_sigaction(SIGQUIT, &sa, NULL); if (sudo_sigaction(SIGINT, &sa, NULL) != 0)
sudo_sigaction(SIGTERM, &sa, NULL); sudo_warn(U_("unable to set handler for signal %d"), SIGINT);
sudo_sigaction(SIGTSTP, &sa, NULL); if (sudo_sigaction(SIGQUIT, &sa, NULL) != 0)
sudo_sigaction(SIGUSR1, &sa, NULL); sudo_warn(U_("unable to set handler for signal %d"), SIGQUIT);
sudo_sigaction(SIGUSR2, &sa, NULL); if (sudo_sigaction(SIGTERM, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGTERM);
if (sudo_sigaction(SIGTSTP, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGTSTP);
if (sudo_sigaction(SIGUSR1, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGUSR1);
if (sudo_sigaction(SIGUSR2, &sa, NULL) != 0)
sudo_warn(U_("unable to set handler for signal %d"), SIGUSR2);
/* /*
* Start a new session with the parent as the session leader * Start a new session with the parent as the session leader

22
src/signal.c
View File

@@ -72,8 +72,10 @@ save_signals(void)
struct signal_state *ss; struct signal_state *ss;
debug_decl(save_signals, SUDO_DEBUG_MAIN) debug_decl(save_signals, SUDO_DEBUG_MAIN)
for (ss = saved_signals; ss->signo != -1; ss++) for (ss = saved_signals; ss->signo != -1; ss++) {
sigaction(ss->signo, NULL, &ss->sa); if (sigaction(ss->signo, NULL, &ss->sa) != 0)
sudo_warn(U_("unable to save handler for signal %d"), ss->signo);
}
debug_return; debug_return;
} }
@@ -88,8 +90,12 @@ restore_signals(void)
debug_decl(restore_signals, SUDO_DEBUG_MAIN) debug_decl(restore_signals, SUDO_DEBUG_MAIN)
for (ss = saved_signals; ss->signo != -1; ss++) { for (ss = saved_signals; ss->signo != -1; ss++) {
if (ss->restore) if (ss->restore) {
sigaction(ss->signo, &ss->sa, NULL); if (sigaction(ss->signo, &ss->sa, NULL) != 0) {
sudo_warn(U_("unable to restore handler for signal %d"),
ss->signo);
}
}
} }
debug_return; debug_return;
@@ -145,8 +151,12 @@ init_signals(void)
/* Don't install these until exec time. */ /* Don't install these until exec time. */
break; break;
default: default:
if (ss->sa.sa_handler != SIG_IGN) if (ss->sa.sa_handler != SIG_IGN) {
sigaction(ss->signo, &sa, NULL); if (sigaction(ss->signo, &sa, NULL) != 0) {
sudo_warn(U_("unable to set handler for signal %d"),
ss->signo);
}
}
break; break;
} }
} }