Bug#66417: [PATCH] Race condition when SIGINT is received
Package: nscd
Version: 2.1.3-10
Severity: normal
When multiple threads of nscd receive a SIGINT at the same time, nscd
segfaults. This bug is reproduceable by running nscd using "nscd -d"
and then pressing CTRL-C.
The problem is that the termination_handler is called for each thread
and doesn't check if the resources it frees are already freed. The
following patch tries to fix this. It compiles fine, but I could not
test if it really works. Even if it works, it's a temporary solution
only, tough. In general, the cleanup process needs to be rethought.
There are some provisions made in the code already (like the not-used
variable thread_info).
diff -u --recursive glibc-2.1.3.orig/nscd/nscd.c glibc-2.1.3/nscd/nscd.c
--- glibc-2.1.3.orig/nscd/nscd.c Mon Oct 4 21:51:37 1999
+++ glibc-2.1.3/nscd/nscd.c Wed Jun 28 02:10:51 2000
@@ -58,6 +58,8 @@
thread_info_t thread_info;
+pthread_t main_thread;
+
int do_shutdown;
int disabled_passwd;
int disabled_group;
@@ -153,6 +155,8 @@
signal (SIGTSTP, SIG_IGN);
}
+ main_thread = pthread_self();
+
signal (SIGINT, termination_handler);
signal (SIGQUIT, termination_handler);
signal (SIGTERM, termination_handler);
@@ -164,7 +168,7 @@
/* Init databases. */
nscd_init (conffile);
- /* Handle incoming requests */
+ /* Handle incoming requests. */
start_threads ();
return 0;
@@ -311,6 +315,17 @@
void
termination_handler (int signum)
{
+ if(pthread_self() != main_thread)
+ {
+ /* Signal main thread to quit itself. */
+ pthread_kill(main_thread, signum);
+
+ /* Kill this thread. */
+ pthread_exit(NULL);
+ }
+
+ /* We are the main thread. Do the cleanup. */
+
close_sockets ();
/* Clean up the file created by `bind'. */
-- System Information
Debian Release: 2.2
Architecture: i386
Kernel: Linux moby 2.3.99-pre3 #1 Son Apr 2 11:15:37 CEST 2000 i686
Versions of packages nscd depends on:
ii libc6 2.1.3-10 GNU C Library: Shared libraries an
Reply to: