From 328c56379188c9f79401a181fc50f166474ef44c Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 4 Sep 2014 10:13:26 -0600 Subject: [PATCH] Check return value of sigaction(), even though it should never fail. --- src/exec.c | 52 +++++++++++++++++++++++++++++++-------------- src/exec_pty.c | 57 +++++++++++++++++++++++++++++++++----------------- src/signal.c | 22 +++++++++++++------ 3 files changed, 90 insertions(+), 41 deletions(-) diff --git a/src/exec.c b/src/exec.c index a73950ab1..68b07ed50 100644 --- a/src/exec.c +++ b/src/exec.c @@ -119,11 +119,13 @@ static int fork_cmnd(struct command_details *details, int sv[2]) #else sa.sa_handler = handler; #endif - sudo_sigaction(SIGCONT, &sa, NULL); + if (sudo_sigaction(SIGCONT, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGCONT); #ifdef SA_SIGINFO sa.sa_sigaction = handler_user_only; #endif - sudo_sigaction(SIGTSTP, &sa, NULL); + if (sudo_sigaction(SIGTSTP, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGTSTP); /* * The policy plugin's session init must be run before we fork @@ -412,14 +414,21 @@ sudo_execute(struct command_details *details, struct command_status *cstat) #else sa.sa_handler = handler; #endif - sudo_sigaction(SIGTERM, &sa, NULL); - sudo_sigaction(SIGALRM, &sa, NULL); /* XXX - only if there is a timeout */ - sudo_sigaction(SIGCHLD, &sa, NULL); - sudo_sigaction(SIGPIPE, &sa, NULL); - sudo_sigaction(SIGUSR1, &sa, NULL); - sudo_sigaction(SIGUSR2, &sa, NULL); + if (sudo_sigaction(SIGTERM, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGTERM); + if (sudo_sigaction(SIGALRM, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGALRM); + if (sudo_sigaction(SIGCHLD, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGCHLD); + if (sudo_sigaction(SIGPIPE, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGPIPE); + if (sudo_sigaction(SIGUSR1, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGUSR1); + if (sudo_sigaction(SIGUSR2, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGUSR2); #ifdef SIGINFO - sudo_sigaction(SIGINFO, &sa, NULL); + if (sudo_sigaction(SIGINFO, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGINFO); #endif /* @@ -435,9 +444,12 @@ sudo_execute(struct command_details *details, struct command_status *cstat) sa.sa_sigaction = handler_user_only; } #endif - sudo_sigaction(SIGHUP, &sa, NULL); - sudo_sigaction(SIGINT, &sa, NULL); - sudo_sigaction(SIGQUIT, &sa, NULL); + if (sudo_sigaction(SIGHUP, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGHUP); + if (sudo_sigaction(SIGINT, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGINT); + if (sudo_sigaction(SIGQUIT, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGQUIT); /* * Child will run the command in the pty, parent will pass data @@ -584,12 +596,19 @@ dispatch_signal(struct sudo_event_base *evbase, pid_t child, sigemptyset(&sa.sa_mask); sa.sa_flags = SA_RESTART; sa.sa_handler = SIG_DFL; - sudo_sigaction(SIGTSTP, &sa, &osa); + if (sudo_sigaction(SIGTSTP, &sa, &osa) != 0) { + sudo_warn(U_("unable to set handler for signal %d"), + SIGTSTP); + } } if (kill(getpid(), signo) != 0) sudo_warn("kill(%d, SIG%s)", (int)getpid(), signame); - if (signo == SIGTSTP) - sudo_sigaction(SIGTSTP, &osa, NULL); + if (signo == SIGTSTP) { + if (sudo_sigaction(SIGTSTP, &osa, NULL) != 0) { + sudo_warn(U_("unable to restore handler for signal %d"), + SIGTSTP); + } + } if (fd != -1) { /* * Restore command's process group if different. @@ -772,7 +791,8 @@ dispatch_pending_signals(struct command_status *cstat) sigemptyset(&sa.sa_mask); sa.sa_flags = SA_RESTART; sa.sa_handler = SIG_DFL; - sudo_sigaction(SIGTSTP, &sa, NULL); + if (sudo_sigaction(SIGTSTP, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGTSTP); if (kill(getpid(), SIGTSTP) != 0) sudo_warn("kill(%d, SIGTSTP)", (int)getpid()); /* No need to reinstall SIGTSTP handler. */ diff --git a/src/exec_pty.c b/src/exec_pty.c index cdebfb431..04cec8660 100644 --- a/src/exec_pty.c +++ b/src/exec_pty.c @@ -456,7 +456,8 @@ suspend_parent(int signo) sigemptyset(&sa.sa_mask); sa.sa_flags = SA_RESTART; sa.sa_handler = SIG_DFL; - sudo_sigaction(signo, &sa, &osa); + if (sudo_sigaction(signo, &sa, &osa) != 0) + sudo_warn(U_("unable to set handler for signal %d"), signo); } sudo_debug_printf(SUDO_DEBUG_INFO, "kill parent SIG%s", signame); if (killpg(ppgrp, signo) != 0) @@ -488,8 +489,10 @@ suspend_parent(int signo) ttymode = TERM_COOKED; } - if (signo != SIGSTOP) - sudo_sigaction(signo, &osa, NULL); + if (signo != SIGSTOP) { + if (sudo_sigaction(signo, &osa, NULL) != 0) + sudo_warn(U_("unable to restore handler for signal %d"), signo); + } rval = ttymode == TERM_RAW ? SIGCONT_FG : SIGCONT_BG; break; } @@ -709,7 +712,8 @@ fork_pty(struct command_details *details, int sv[], sigset_t *omask) if (io_fds[SFD_USERTTY] != -1) { sa.sa_flags = SA_RESTART; sa.sa_handler = sigwinch; - sudo_sigaction(SIGWINCH, &sa, NULL); + if (sudo_sigaction(SIGWINCH, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGWINCH); } /* So we can block tty-generated signals */ @@ -778,8 +782,10 @@ fork_pty(struct command_details *details, int sv[], sigset_t *omask) /* We don't want to receive SIGTTIN/SIGTTOU, getting EIO is preferable. */ sa.sa_handler = SIG_IGN; - sudo_sigaction(SIGTTIN, &sa, NULL); - sudo_sigaction(SIGTTOU, &sa, NULL); + if (sudo_sigaction(SIGTTIN, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGTTIN); + if (sudo_sigaction(SIGTTOU, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGTTOU); /* Job control signals to relay from parent to child. */ sigfillset(&sa.sa_mask); @@ -790,7 +796,8 @@ fork_pty(struct command_details *details, int sv[], sigset_t *omask) #else sa.sa_handler = handler; #endif - sudo_sigaction(SIGTSTP, &sa, NULL); + if (sudo_sigaction(SIGTSTP, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGTSTP); if (foreground) { /* Copy terminal attrs from user tty -> pty slave. */ @@ -1277,13 +1284,17 @@ exec_monitor(struct command_details *details, int backchannel) sigemptyset(&sa.sa_mask); sa.sa_flags = SA_RESTART; sa.sa_handler = SIG_DFL; - sudo_sigaction(SIGWINCH, &sa, NULL); - sudo_sigaction(SIGALRM, &sa, NULL); + if (sudo_sigaction(SIGWINCH, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGWINCH); + if (sudo_sigaction(SIGALRM, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGALRM); /* Ignore any SIGTTIN or SIGTTOU we get. */ sa.sa_handler = SIG_IGN; - sudo_sigaction(SIGTTIN, &sa, NULL); - sudo_sigaction(SIGTTOU, &sa, NULL); + if (sudo_sigaction(SIGTTIN, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGTTIN); + if (sudo_sigaction(SIGTTOU, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGTTOU); /* Block all signals in mon_handler(). */ sigfillset(&sa.sa_mask); @@ -1296,7 +1307,8 @@ exec_monitor(struct command_details *details, int backchannel) #else sa.sa_handler = mon_handler; #endif - sudo_sigaction(SIGCHLD, &sa, NULL); + if (sudo_sigaction(SIGCHLD, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGCHLD); /* Catch common signals so we can cleanup properly. */ sa.sa_flags = SA_RESTART; @@ -1306,13 +1318,20 @@ exec_monitor(struct command_details *details, int backchannel) #else sa.sa_handler = mon_handler; #endif - sudo_sigaction(SIGHUP, &sa, NULL); - sudo_sigaction(SIGINT, &sa, NULL); - sudo_sigaction(SIGQUIT, &sa, NULL); - sudo_sigaction(SIGTERM, &sa, NULL); - sudo_sigaction(SIGTSTP, &sa, NULL); - sudo_sigaction(SIGUSR1, &sa, NULL); - sudo_sigaction(SIGUSR2, &sa, NULL); + if (sudo_sigaction(SIGHUP, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGHUP); + if (sudo_sigaction(SIGINT, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGINT); + if (sudo_sigaction(SIGQUIT, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGQUIT); + if (sudo_sigaction(SIGTERM, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGTERM); + if (sudo_sigaction(SIGTSTP, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGTSTP); + if (sudo_sigaction(SIGUSR1, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGUSR1); + if (sudo_sigaction(SIGUSR2, &sa, NULL) != 0) + sudo_warn(U_("unable to set handler for signal %d"), SIGUSR2); /* * Start a new session with the parent as the session leader diff --git a/src/signal.c b/src/signal.c index 59b5cdb38..aa56a7e50 100644 --- a/src/signal.c +++ b/src/signal.c @@ -72,8 +72,10 @@ save_signals(void) struct signal_state *ss; debug_decl(save_signals, SUDO_DEBUG_MAIN) - for (ss = saved_signals; ss->signo != -1; ss++) - sigaction(ss->signo, NULL, &ss->sa); + for (ss = saved_signals; ss->signo != -1; ss++) { + if (sigaction(ss->signo, NULL, &ss->sa) != 0) + sudo_warn(U_("unable to save handler for signal %d"), ss->signo); + } debug_return; } @@ -88,8 +90,12 @@ restore_signals(void) debug_decl(restore_signals, SUDO_DEBUG_MAIN) for (ss = saved_signals; ss->signo != -1; ss++) { - if (ss->restore) - sigaction(ss->signo, &ss->sa, NULL); + if (ss->restore) { + if (sigaction(ss->signo, &ss->sa, NULL) != 0) { + sudo_warn(U_("unable to restore handler for signal %d"), + ss->signo); + } + } } debug_return; @@ -145,8 +151,12 @@ init_signals(void) /* Don't install these until exec time. */ break; default: - if (ss->sa.sa_handler != SIG_IGN) - sigaction(ss->signo, &sa, NULL); + if (ss->sa.sa_handler != SIG_IGN) { + if (sigaction(ss->signo, &sa, NULL) != 0) { + sudo_warn(U_("unable to set handler for signal %d"), + ss->signo); + } + } break; } } -- 2.50.1