Cygwin: fix potential SEGV in sigwaitinfo/signalfd scenario

On sigwaitinfo or reading from a signalfd, signal processing sets up
signal handling via sigdelayed even if the handler address is NULL.
This doesn't have any impact on sigwaitinfo scenarios (or at least, I
wasn't able to come up with a reproducer) but it breaks signalfd
scenarios, where eventually a call to call_signal_handler from
sigdelayed will try to call the NULL function.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen
2019-08-12 22:40:50 +02:00
parent 8ef2461000
commit 92115a83a4
2 changed files with 17 additions and 3 deletions

View File

@@ -1628,7 +1628,7 @@ _cygtls::call_signal_handler ()
if (retaddr () == (__tlsstack_t) sigdelayed)
pop ();
debug_only_printf ("dealing with signal %d", sig);
debug_only_printf ("dealing with signal %d, handler %p", sig, func);
this_sa_flags = sa_flags;
sigset_t this_oldmask = set_process_mask_delta ();
@@ -1647,8 +1647,12 @@ _cygtls::call_signal_handler ()
ucontext_t *thiscontext = NULL, context_copy;
/* Only make a context for SA_SIGINFO handlers */
if (this_sa_flags & SA_SIGINFO)
/* Only make a context for SA_SIGINFO handlers, only if a handler
exists. If handler is NULL, drop SA_SIGINFO flag to avoid
accidental context access later in the function. */
if (!thisfunc)
this_sa_flags &= ~SA_SIGINFO;
else if (this_sa_flags & SA_SIGINFO)
{
context.uc_link = 0;
context.uc_flags = 0;
@@ -1710,6 +1714,11 @@ _cygtls::call_signal_handler ()
sig = 0; /* Flag that we can accept another signal */
unlock (); /* unlock signal stack */
/* Handler may be NUll in sigwaitinfo/signalfd scenario. Avoid
crashing by calling a NULL function. */
if (!thisfunc)
goto skip_calling_handler;
/* Alternate signal stack requested for this signal and alternate signal
stack set up for this thread? */
if (this_sa_flags & SA_ONSTACK
@@ -1817,6 +1826,8 @@ _cygtls::call_signal_handler ()
signal handler. */
thisfunc (thissig, &thissi, thiscontext);
skip_calling_handler:
incyg = true;
set_signal_mask (_my_tls.sigmask, (this_sa_flags & SA_SIGINFO)