This is the mail archive of the ecos-bugs@sourceware.org mailing list for the eCos project.
[Bug 1002142] New: sigtimedwait not POSIX compliant, crash when passing NULL info parameter.
- From: bugzilla-daemon at ecoscentric dot com
- To: ecos-bugs at ecos dot sourceware dot org
- Date: Tue, 19 Apr 2016 15:20:46 +0000
- Subject: [Bug 1002142] New: sigtimedwait not POSIX compliant, crash when passing NULL info parameter.
Please do not reply to this email, use the link below.
http://bugs.ecos.sourceware.org/show_bug.cgi?id=1002142
Bug ID: 1002142
Summary: sigtimedwait not POSIX compliant, crash when passing NULL info parameter.
Product: eCos
Version: 3.0
Target: All
Architecture/Host OS: Other
Status: UNCONFIRMED
Severity: enhancement
Priority: low
Component: POSIX
Assignee: unassigned@bugs.ecos.sourceware.org
Reporter: ehoffman@positronaccess.com
QA Contact: ecos-bugs@ecos.sourceware.org
CC: ecos-bugs@ecos.sourceware.org
Hi, I think I found a bug in the POSIX compatibility package.
For the function sigtimedwait, and also affecting the function sigwaitinfo
(which just wraps sigtimedwait), if you pass a NULL pointer to the info
parameter, eCos crashes because it tries to blindly write to that reference
(without checking if it's NULL or not).
POSIX says:
[...]
The sigwaitinfo() function shall be equivalent to the sigwait() function if the
info argument is NULL. If the info argument is non-NULL, the sigwaitinfo()
function shall be equivalent to sigwait(), except that the selected signal
number shall be stored in the si_signo member, and the cause of the signal
shall be stored in the si_code member. If any value is queued to the selected
signal, the first such queued value shall be dequeued and, if the info argument
is non-NULL, the value shall be stored in the si_value member of info. The
system resource used to queue the signal shall be released and returned to the
system for other use. If no value is queued, the content of the si_value member
is undefined. If no further signals are queued for the selected signal, the
pending indication for that signal shall be reset.
[...]
So, according to the description, it should be allowed to pass NULL for the
info parameter, and indeed, it is quite common to just wait for a signal with
timeout, without needing the info (just needing the return value).
The error is in packages/compat/posix/current/src/signal.cxx, function
sigtimedwait. In a few places, it sets *info to some values without checking
if info is null. Also, the return value is taken directly from info->si_signo
(which is set in the function).
Regards,
Eric Hoffman
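A regression check for the behaviour this report asks for, as an added example that is not part of the original report or of the eCos sources: it makes a signal pending, then calls sigtimedwait() and sigwaitinfo() with a NULL info pointer and returns what they return. The use of SIGUSR1 and the helper names are assumptions of this example.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* expose sigtimedwait()/sigwaitinfo() */
#endif
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <time.h>

/* Block sig, make it pending, then collect it with info == NULL.
 * Returns the wait call's return value: sig on a conforming system. */
static int wait_with_null_info(int sig, int use_timed)
{
    sigset_t set, old;
    struct timespec zero = { 0, 0 };        /* poll, never block */
    int rc;

    sigemptyset(&set);
    sigaddset(&set, sig);
    sigprocmask(SIG_BLOCK, &set, &old);
    raise(sig);                             /* pending while blocked */
    rc = use_timed ? sigtimedwait(&set, NULL, &zero)
                   : sigwaitinfo(&set, NULL);
    sigprocmask(SIG_SETMASK, &old, NULL);
    return rc;
}

/* Nothing pending and a zero timeout: the call must fail with EAGAIN
 * rather than touch info. Returns the errno seen, or 0 if it succeeded. */
static int timeout_with_null_info(int sig)
{
    sigset_t set, old;
    struct timespec zero = { 0, 0 };
    int rc, saved;

    sigemptyset(&set);
    sigaddset(&set, sig);
    sigprocmask(SIG_BLOCK, &set, &old);
    errno = 0;
    rc = sigtimedwait(&set, NULL, &zero);
    saved = errno;
    sigprocmask(SIG_SETMASK, &old, NULL);
    return rc == -1 ? saved : 0;
}

int main(void)
{
    printf("sigtimedwait(NULL info) -> %d\n", wait_with_null_info(SIGUSR1, 1));
    printf("sigwaitinfo(NULL info)  -> %d\n", wait_with_null_info(SIGUSR1, 0));
    printf("timeout errno           -> %d\n", timeout_with_null_info(SIGUSR1));
    return 0;
}
```

On an implementation with the defect described in the report, the first two calls fault on the write through info instead of returning the signal number.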