This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug libc/21269] New: i386 sigaction sa_restorer handling is wrong
- From: "luto at kernel dot org" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Fri, 17 Mar 2017 21:10:26 +0000
- Subject: [Bug libc/21269] New: i386 sigaction sa_restorer handling is wrong
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=21269
Bug ID: 21269
Summary: i386 sigaction sa_restorer handling is wrong
Product: glibc
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: luto at kernel dot org
CC: drepper.fsp at gmail dot com
Target Milestone: ---
glibc does this:
    if (GLRO(dl_sysinfo_dso) == NULL)
      {
        kact.sa_flags |= SA_RESTORER;
        kact.sa_restorer = ((act->sa_flags & SA_SIGINFO)
                            ? &restore_rt : &restore);
      }
This is correct for the vDSO-present case, but it's subtly wrong for the
vDSO-not-present case. For ancient historical reasons, x86_32 Linux (and
compat on x86_64) interprets SA_RESTORER clear with nonzero sa_restorer as a
request for stack switching if the SS segment is funny. This means that
anything that tries to mix glibc's signal handling with segmentation is
randomly broken depending on what garbage lands in sa_restorer. (Also, it's
just bad form to pass uninitialized data into the kernel.)
The fix should be trivial:
    else
      kact.sa_restorer = NULL;
or similar.
I can send a short test case if needed.