public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "nmiell at comcast dot net" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sources.redhat.com
Subject: [Bug libc/4737] fork is not async-signal-safe
Date: Thu, 06 Nov 2008 23:10:00 -0000 [thread overview]
Message-ID: <20081106230854.27682.qmail@sourceware.org> (raw)
In-Reply-To: <20070704013541.4737.nmiell@comcast.net>
------- Additional Comments From nmiell at comcast dot net 2008-11-06 23:08 -------
The purpose of aborting on detection of heap corruption is to prevent deliberate
heap corruption attacks. As such, allowing further use of the allocator after
detection of corruption has the potential to open up security holes that the
fail fast behavior designed to prevent.
Furthermore, being async-signal-safe requires that fork be callable from any
signal handler at any time, which means that in addition to being able to fork
from a SIGABRT resulting from heap corruption, we must also be able to fork from
e.g. a SIGALRM handler that can interrupt the allocator at any time.
As such, making the mutexes recursive would allow
malloc-from-fork-from-signal-handler to potentially see inconsistent allocator
state and lead to heap corruption or other errors.
fork probably needs to stop allocating memory at all.
--
http://sourceware.org/bugzilla/show_bug.cgi?id=4737
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
next prev parent reply other threads:[~2008-11-06 23:10 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-07-04 1:35 [Bug libc/4737] New: " nmiell at comcast dot net
2008-10-11 18:47 ` [Bug libc/4737] " morten+sources dot redhat dot com at afdelingp dot dk
2008-10-20 11:47 ` morten+sources dot redhat dot com at afdelingp dot dk
2008-10-21 5:13 ` nmiell at comcast dot net
2008-10-30 14:55 ` morten+sources dot redhat dot com at afdelingp dot dk
2008-11-05 9:00 ` tom dot honermann at oracle dot com
2008-11-05 9:57 ` tom dot honermann at oracle dot com
2008-11-06 23:10 ` nmiell at comcast dot net [this message]
2008-11-07 1:10 ` morten+sources dot redhat dot com at afdelingp dot dk
2008-11-11 21:35 ` tom dot honermann at oracle dot com
2008-11-11 21:41 ` tom dot honermann at oracle dot com
2008-11-11 22:04 ` tom dot honermann at oracle dot com
2008-11-18 22:30 ` tom dot honermann at oracle dot com
2008-11-18 23:45 ` rsa at us dot ibm dot com
2008-11-18 23:57 ` rsa at us dot ibm dot com
2008-11-19 1:39 ` tom dot honermann at oracle dot com
2008-11-19 16:23 ` rsa at us dot ibm dot com
2009-01-14 1:22 ` tom dot honermann at oracle dot com
2009-01-14 8:46 ` jakub at redhat dot com
2009-01-14 9:44 ` tom dot honermann at oracle dot com
2009-01-16 17:19 ` tom dot honermann at oracle dot com
[not found] <bug-4737-131@http.sourceware.org/bugzilla/>
2011-10-13 17:53 ` llucax at gmail dot com
2011-10-13 17:54 ` llucax at gmail dot com
2011-10-13 17:56 ` llucax at gmail dot com
2011-10-14 14:06 ` bugdal at aerifal dot cx
2012-03-27 13:43 ` krebbel1 at de dot ibm.com
2012-04-11 7:58 ` aj at suse dot de
2014-02-16 19:42 ` jackie.rosen at hushmail dot com
2014-05-28 19:41 ` schwab at sourceware dot org
2014-08-25 2:25 ` naesten at gmail dot com
2015-05-07 15:27 ` gbenson at redhat dot com
2021-06-28 19:00 ` adhemerval.zanella at linaro dot org
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081106230854.27682.qmail@sourceware.org \
--to=sourceware-bugzilla@sourceware.org \
--cc=glibc-bugs@sources.redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).