misc/69768: SEGV in killall
bronek
bronek at anax.pl
Thu Jul 29 10:20:40 PDT 2004
>Number: 69768
>Category: misc
>Synopsis: SEGV in killall
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Jul 29 17:20:29 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: bronek
>Release: 4.10-STABLE
>Organization:
>Environment:
FreeBSD bronek 4.10-STABLE FreeBSD 4.10-STABLE #17: Tue Jul 27 08:43:17 CEST 2004 root at bronek:/usr/obj/usr/src/sys/BRONEK i386
>Description:
killall is Segmention Fault if killing process is zombie
bronek# grep -nR NSIG /usr/src | more
..
/usr/src/usr.bin/killall/killall.c:203: if (sig < 0 || sig > NSIG)
..
/usr/src/usr.sbin/ppp/sig.c:68: if (sig <= 0 || sig > NSIG) {
..
the same bug propably in sig.c, but not vuln.
>How-To-Repeat:
bronek# ps wuax | grep -w cu
uucp 419 0.0 0.3 1044 760 v0 IE+ 1:09PM 0:00.02 cu -hl /dev/cuaa0
uucp 420 0.0 0.0 0 0 v0 Z+ 1:09PM 0:00.00 (cu)
bronek# kill -9 419
bronek# kill -9 419
bronek# kill -9 420
420: No such process
bronek# kill -9 419
bronek# ps wuax | grep -w cu
uucp 419 0.0 0.3 1044 760 v0 IE+ 1:09PM 0:00.02 cu -hl /dev/cuaa0
uucp 420 0.0 0.0 0 0 v0 Z+ 1:09PM 0:00.00 (cu)
bronek# killall -9 cu
killall: kill -KILL 420: No such process
bronek# killall -32 cu
Segmentation fault (core dumped)
>Fix:
*** killall.c xxx
--- killall.c Fri Jul 23 14:31:42 2004
***************
*** 200,206 ****
sig = strtol(*av, &ep, 10);
if (!*av || *ep)
errx(1, "illegal signal number: %s", *av);
! if (sig < 0 || sig > NSIG)
nosig(*av);
} else
nosig(*av);
--- 200,206 ----
sig = strtol(*av, &ep, 10);
if (!*av || *ep)
errx(1, "illegal signal number: %s", *av);
! if (sig < 0 || sig >= NSIG)
nosig(*av);
} else
nosig(*av);
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list