This is the mail archive of the libc-alpha@sources.redhat.com mailing list for the glibc project.
RE: Signal Handler
- From: "Mathew, Tisson K" <tisson dot k dot mathew at intel dot com>
- To: "'Roland McGrath'" <roland at redhat dot com>
- Cc: "'libc-alpha at sources dot redhat dot com'" <libc-alpha at sources dot redhat dot com>
- Date: Mon, 25 Nov 2002 14:27:18 -0800
- Subject: RE: Signal Handler
Thanks Roland,
Does msgsnd use any of the heap-management routines like 'malloc'?
I am referring to an article at
http://razor.bindview.com/publish/papers/signals.txt about signal-handling
related vulnerabilities. A quote from this article:
"
A) re-entering libc functions:
Every function that is not listed as reentry-safe is a potential source
of vulnerabilities. Indeed, numerous library functions are operating
on global variables, and/or modify global state in non-atomic way.
Once again, heap-management routines are probably the best example.
By delivering a signal when malloc(), free() or any other libcall of
this kind is being called, all subsequent calls to the heap management
routines made from signal handler would have unpredictable effect,
as heap state is completely unpredictable for the programmer.
"
Is this true for glibc as well?
-Tisson
-----Original Message-----
From: Roland McGrath [mailto:roland@redhat.com]
Sent: Monday, November 25, 2002 1:39 PM
To: Mathew, Tisson K
Cc: 'libc-alpha@sources.redhat.com'
Subject: Re: Signal Handler
> Is it safe to invoke memset and msgsnd inside a signal handler? (I'm
> thinking of using them inside SIGALRM handler)
You are not guaranteed this, but in practice it will be ok for those two.
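
A deferral pattern that sidesteps the re-entrancy problem quoted in this thread, as an added example that is not part of the original messages or of glibc: the SIGALRM handler only sets a flag, and memset and msgsnd run in normal context. The names tick_msg, tick_pending, on_alarm and run_ticks are hypothetical, and raise() stands in for a real alarm() expiry.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700            /* sigaction and SysV message queues */
#endif
#include <signal.h>
#include <string.h>
#include <sys/ipc.h>
#include <sys/msg.h>

struct tick_msg { long mtype; char text[32]; };   /* constructed message layout */
/* The only state the handler touches: one async-signal-safe flag. */
static volatile sig_atomic_t tick_pending;

static void on_alarm(int sig)
{
    (void)sig;
    tick_pending = 1;                /* no libc calls, no heap, no locks */
}

/* Deliver `rounds` SIGALRMs and do the real work in normal context.
   Returns the ticks handled; *sent receives how many messages were queued. */
int run_ticks(int rounds, int *sent)
{
    struct sigaction sa;
    struct tick_msg m;
    sigset_t alrm;
    int handled = 0, qid;
    *sent = 0;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_alarm;
    sigemptyset(&sa.sa_mask);
    sigemptyset(&alrm);
    sigaddset(&alrm, SIGALRM);
    if (sigaction(SIGALRM, &sa, NULL) != 0 || sigprocmask(SIG_UNBLOCK, &alrm, NULL) != 0)
        return -1;
    qid = msgget(IPC_PRIVATE, IPC_CREAT | 0600);   /* private demo queue */

    for (int i = 0; i < rounds; i++) {
        raise(SIGALRM);              /* stands in for an alarm() expiry */
        if (!tick_pending) continue;
        tick_pending = 0;
        handled++;
        memset(&m, 0, sizeof m);     /* runs here, not inside the handler */
        m.mtype = 1;
        strcpy(m.text, "tick");
        if (qid != -1 && msgsnd(qid, &m, sizeof m.text, IPC_NOWAIT) == 0)
            (*sent)++;
    }
    if (qid != -1) msgctl(qid, IPC_RMID, NULL);
    return handled;
}
```

If the system does not provide SysV message queues, msgget fails and *sent stays 0 while the ticks are still counted.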