NetBSD-Bugs archive
Re: bin/51267 (NETBSD 3.1 crashes on continuous ping)
The following reply was made to PR bin/51267; it has been noted by GNATS.
From: "Greg A. Woods" <woods%planix.ca@localhost>
To: NetBSD GNATS <gnats-bugs%NetBSD.org@localhost>
Cc:
Subject: Re: bin/51267 (NETBSD 3.1 crashes on continuous ping)
Date: Thu, 30 Jun 2016 13:32:17 -0700
Turns out this is almost certainly due to the signal handlers in ping
calling non-reentrant functions (stdio, and malloc via stdio).

See the related question, which has been updated with additional
information, along with my answer here:
http://stackoverflow.com/a/38131441/816536

A good quick mostly fix would be to import OpenBSD's ping (and to keep
in mind tracking it as it appears they will end up with a merged
ping/ping6 at some point (soon?)).

I say "mostly" because it appears on quick inspection that rev. 1.139 of
OpenBSD ping still has a call to summary(signo) in a signal handler, and
though their summary() avoids malloc() and stdout if called from a
signal handler, I think on first glance it may still not be 100%
reentrant due to the libc calls it does still make. It's still 110%
better than what we have in NetBSD now though. (I think I've seen a
crash from a signal handler calling NetBSD's snprintf(), but I'm not
completely sure my memory is correct about that, and I have no notes
about it that I can find.)

The OpenBSD ping could have the SIGCONT feature patched into it, but
that's hardly a critical feature that would go missing.

BTW, this probably isn't a security-critical fix given that ping drops
privs before setting up signal handlers, and I don't think it opens any
avenues for remote exploitation.

-- 
Greg A. Woods
Planix, Inc.
<woods%planix.com@localhost> +1 250 762-7675 http://www.planix.com/
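
The pattern the message above points at, as an added example (not code from NetBSD's or OpenBSD's ping, and not written by the message's author): the handler only sets a `volatile sig_atomic_t` flag, and the summary line is formatted without stdio or malloc and emitted with write(2) from the main loop. The counter names, function names and the use of SIGUSR1 as the summary signal are assumptions for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <string.h>
#include <unistd.h>

/* Constructed stand-ins for ping's counters; names are hypothetical. */
static unsigned long ntransmitted = 5, nreceived = 4;
static volatile sig_atomic_t want_summary; /* the only object the handler touches */
/* Handler records the request and returns: no stdio, no malloc, no formatting. */
static void on_signal(int signo) { (void)signo; want_summary = 1; }
/* Append a string or unsigned decimal to buf without stdio or heap; never passes cap. */
static size_t put_str(char *buf, size_t len, size_t cap, const char *s) {
    while (*s != '\0' && len < cap) buf[len++] = *s++;
    return len;
}
static size_t put_ulong(char *buf, size_t len, size_t cap, unsigned long v) {
    char tmp[24]; size_t n = 0;
    do { tmp[n++] = (char)('0' + v % 10); v /= 10; } while (v != 0);
    while (n > 0 && len < cap) buf[len++] = tmp[--n];
    return len;
}

/* Build the summary line in a caller-supplied buffer; returns its length. */
size_t format_summary(char *buf, size_t cap) {
    size_t len = put_ulong(buf, 0, cap, ntransmitted);
    len = put_str(buf, len, cap, " packets transmitted, ");
    len = put_ulong(buf, len, cap, nreceived);
    return put_str(buf, len, cap, " packets received\n");
}

/* Run from the main loop, in normal context. Returns 1 if a summary was written. */
int poll_summary(int fd) {
    char line[128];
    if (!want_summary) return 0;
    want_summary = 0;
    return write(fd, line, format_summary(line, sizeof line)) >= 0;
}

int install_handler(int signo) {
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_signal;
    sigemptyset(&sa.sa_mask);
    return sigaction(signo, &sa, NULL);
}

int main(void) { /* SIGUSR1 stands in for ping's summary signal (assumption) */
    if (install_handler(SIGUSR1) != 0) return 1;
    raise(SIGUSR1);
    return poll_summary(STDOUT_FILENO) ? 0 : 1;
}
```

In a real send/receive loop, `poll_summary()` would be called once per iteration and after any system call that returns `EINTR`.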