From: Dmitry V. Levin <ldv@altlinux.org>
Date: Sun, 6 Aug 2017 13:27:07 +0000 (+0000)
Subject: Fix handling of unexpected tracees when PTRACE_SEIZE is not in use
X-Git-Tag: v4.19~174
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7a35b711df127664e7430b2644ae92c75f3d5f67;p=strace

Fix handling of unexpected tracees when PTRACE_SEIZE is not in use

* strace.c (maybe_allocate_tcb) <WIFSTOPPED(status) && !followfork>:
The expected ptrace stop signal in case of !use seize is not
syscall_trap_sig but SIGSTOP.  An idea of using PTRACE_GETSIGINFO to
distinguish signal stops that should be re-injected from other kinds
of stops didn't work out due to kernel implementation peculiarities
of initial ptrace-stop.
---

diff --git a/strace.c b/strace.c
index 5a2adf02..9217efe4 100644
--- a/strace.c
+++ b/strace.c
@@ -2095,10 +2095,15 @@ maybe_allocate_tcb(const int pid, int status)
 		 * This can happen if a clone call misused CLONE_PTRACE itself.
 		 */
 		unsigned int sig = WSTOPSIG(status);
-		unsigned int event = (unsigned int) status >> 16;
 
-		if (event == PTRACE_EVENT_STOP || sig == syscall_trap_sig)
-			sig = 0;
+		if (use_seize) {
+			unsigned int event = (unsigned int) status >> 16;
+			if (event == PTRACE_EVENT_STOP)
+				sig = 0;
+		} else {
+			if (sig == SIGSTOP)
+				sig = 0;
+		}
 
 		ptrace(PTRACE_DETACH, pid, NULL, (unsigned long) sig);
 		error_msg("Detached unknown pid %d%s%s", pid,