[uclibc-ng-devel] Race condition in LinuxThread's sigaction wrapper

Vladimir Murzin Tue, 25 May 2021 05:52:04 -0700

Hi

I got report about race condition in LinuxThread's sigaction wrapper
located in libpthread/linuxthreads/signals.c


In sigaction wrapper
 
A.1) override handler for new action to point at pthread_sighandler
A.2) __libc_sigaction
A.3) update global array (sighandler) used by pthread_sighandler with
     real action (from new)
 
pthread_sighandler

B.1) find real action (indexed by signal number)
B.2) unconditionally execute action

IIUC, if we receive signal in a window between A.2 and A.3 we are
missing executing real action (likely we try to execute NULL).

Does that make sense?

Cheers
Vladimir
_______________________________________________
devel mailing list
devel@uclibc-ng.org
https://mailman.uclibc-ng.org/cgi-bin/mailman/listinfo/devel

[uclibc-ng-devel] Race condition in LinuxThread's sigaction wrapper

Reply via email to