Package: sudo
Version: 1.7.4p6-1
Severity: normal

Hello,

I've noticed that sudo uses unsafe SIGCHLD catching code in exec.c:

    sig_atomic_t recvsig[NSIG];

    int
    sudo_execve(path, argv, envp, uid, cstat, dowait, bgmode)
    {
        ...
        sa.sa_flags = SA_INTERRUPT;
        sa.sa_handler = handler;
        sigaction(SIGCHLD, &sa, NULL);

        for (;;) {
            ...
            if (recvsig[SIGCHLD])
                continue;
            nready = select(maxfd + 1, fdsr, fdsw, NULL, NULL);
            ...
        }
        ...
    }

    void
    handler(s)
        int s;
    {
        recvsig[s] = TRUE;
    }

Firstly, sig_atomic_t is indeed needed to get atomicity of update in the
recvsig array, but that is not sufficient to make sure that the C
compiler will not optimize tests away, see for instance:

    #include <signal.h>
    sig_atomic_t i;
    int main(void) {
        while (i);
    }

compile with -O3, and see that gcc optimizes into

    0x004004aa <+10>:  jmp  0x4004aa <main+10>

The volatile qualifier needs to be added too.

Secondly, the SIGCHLD signal can be delivered between the
recvsig[SIGCHLD] test and blocking inside select. This is a very tiny
window, but it still exists. The signals should be blocked and pselect
be used instead to atomically unblock the signals and block waiting for
them.

As a side note, a SOCK_DGRAM socketpair is used. It is worth noting
that such sockets do not detect an EOF condition.

Samuel

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.37 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages sudo depends on:
ii  libc6           2.11.2-11   Embedded GNU C Library: Shared lib
ii  libpam-modules  1.1.1-6.1   Pluggable Authentication Modules f
ii  libpam0g        1.1.1-6.1   Pluggable Authentication Modules l

sudo recommends no packages.

sudo suggests no packages.

-- Configuration Files:
/etc/sudoers [Errno 13] Permission non accordée: u'/etc/sudoers'
/etc/sudoers.d/README [Errno 13] Permission non accordée: u'/etc/sudoers.d/README'

-- no debconf information

--
Samuel Thibault samuel.thiba...@fnac.net
The only intuitive interface is the nipple. After that, it's all learned.
(Bruce Ediger, bedi...@teal.csn.org, in comp.os.linux.misc, on X interfaces.)
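
The pattern the report recommends (volatile flag, SIGCHLD kept blocked, pselect to unblock and wait atomically), as an added example that is not part of the original report or of sudo's source. The names run_child_and_wait, on_sigchld and got_sigchld are hypothetical; the child is forced to exit before the wait begins so the signal always lands in what would be the race window.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <sys/select.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* volatile forces a re-read on every test; sig_atomic_t keeps the store atomic. */
static volatile sig_atomic_t got_sigchld;
static void on_sigchld(int s) { (void)s; got_sigchld = 1; }

/* Hypothetical helper: forks a child that exits with child_status and returns
 * that status, or -1 if a call failed or the SIGCHLD wakeup was lost. */
int run_child_and_wait(int child_status)
{
    struct sigaction sa;
    sigset_t block, orig, waitmask;
    struct timespec delay = { 0, 100 * 1000 * 1000 }, timeout = { 2, 0 };
    pid_t pid;
    int status;

    got_sigchld = 0;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    sa.sa_handler = on_sigchld;
    if (sigaction(SIGCHLD, &sa, NULL) == -1)
        return -1;
    /* SIGCHLD stays blocked everywhere except inside pselect(). */
    sigemptyset(&block);
    sigaddset(&block, SIGCHLD);
    if (sigprocmask(SIG_BLOCK, &block, &orig) == -1)
        return -1;
    waitmask = orig;
    sigdelset(&waitmask, SIGCHLD);

    if ((pid = fork()) == 0)
        _exit(child_status);
    /* Worst case: the child is already dead and SIGCHLD is pending here. */
    if (pid != -1)
        nanosleep(&delay, NULL);
    while (pid != -1 && !got_sigchld) {
        /* waitmask is installed and restored atomically around the wait. */
        int n = pselect(0, NULL, NULL, NULL, &timeout, &waitmask);
        if (n == 0 || (n == -1 && errno != EINTR))
            break;                      /* timed out (wakeup lost) or error */
    }
    sigprocmask(SIG_SETMASK, &orig, NULL);
    if (pid == -1 || waitpid(pid, &status, 0) != pid || !got_sigchld || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}
int main(void) { return run_child_and_wait(7) == 7 ? 0 : 1; }
```

With a plain flag test followed by select(), the same timing would leave the parent waiting until the timeout, because the handler would have run before the wait started.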