This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Saving errno around signal handlers

From: Florian Weimer <fweimer at redhat dot com>
To: "Joseph S. Myers" <joseph at codesourcery dot com>
Cc: GNU C Library <libc-alpha at sourceware dot org>
Date: Mon, 03 Mar 2014 09:59:50 +0100
Subject: Re: Saving errno around signal handlers
Authentication-results: sourceware.org; auth=none
References: <531077D9 dot 2000308 at redhat dot com> <Pine dot LNX dot 4 dot 64 dot 1402282205090 dot 17634 at digraph dot polyomino dot org dot uk>

On 02/28/2014 11:12 PM, Joseph S. Myers wrote:

So the first question is whether we should take advantage of that POSIX
permission at all.  This seems similar to other cases of programs having
undefined behavior, where we don't try to make them do anything sensible,
such as not checking for invalid pointer arguments.  Maybe there should be
a non-default optional sigaction flag SA_SAVEERRNO (allocation of this
flag value would of course need coordinating with the kernel), and
_FORTIFY_SOURCE or similar could then map sigaction calls to a non-default
variant that always uses this flag (it's not clear this is really within
the scope of _FORTIFY_SOURCE, though)?

Making this opt-in is not very attractive because once you touchapplication sources to deal with this, you could just fix the signalhandler.


--
Florian Weimer / Red Hat Product Security Team

Follow-Ups:
- Re: Saving errno around signal handlers
  - From: Carlos O'Donell
- Re: Saving errno around signal handlers
  - From: Joseph S. Myers

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]