-
Notifications
You must be signed in to change notification settings - Fork 463
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix signal handler #4671
Comments
CUPS.org User: mike Please be more specific - all of these bug reports are useless without context, and really I am not going to search and chase after vague references to potential issues. WRT sig_atomic_t, it is just int on most platforms and we are using it to set a flag - there is no atomicy issue. We shouldn't be calling exit or fprintf from signal handlers - please provide specific source file references. |
CUPS.org User: elfring Does your content management system provide a direct link interface for the affected source files? Would your source code become a bit safer if a portable data type definition will be reused? |
CUPS.org User: mike Markus, no we don't have a direct link interface - a plain old unified diff would be fine, a list of source files, etc. As for using a "portable" data type definition, CUPS is still used on platforms that don't define the newer C11 data types - we'd need to add a configure check with a backup typedef to int. And then we'd likely want to do a shadow definition (cups_sigatomic_t) to avoid interactions with system headers that autoconf misses. And after all of that we won't be any better off - we are just setting a flag when a signal is received so the code outside the signal handler is just looking for non-zero. This usage is safe on all platforms that CUPS supports, and certainly on all platforms I've ever worked on over the last 25 years of my professional career (and 8 years before that going back to 8-bit processors). From the glibc manual on sig_atomic_t (http://www.gnu.org/software/libc/manual/html_node/Atomic-Types.html):
In short, the amount of time we'd waste making this change (and the amount of time I'm spending responding to you) will not improve CUPS in the least but will increase code complexity and add to the already too large autoconf nonsense we have to deal with. So please, if you have found instances where we are calling non-async safe functions from signal handlers, please tell me where those instances are (list of files or a diff) and I'll take a look. But let's avoid being pedantic for pedantistry's sake... |
CUPS.org User: elfring Do any special C/C++ compilers need an attribute like "volatile" in the data type for the mentioned variables? Are the following function implementations update candidates? sigterm_handler|backend/dnssd.c:1287 |
CUPS.org User: elfring Would you like to try a specific source code search out with a script like the following which reuses the semantic patch language? @show_unsafe@
|
CUPS.org User: mike Fixed in Subversion repository. |
"str4671.patch": Index: backend/dnssd.c--- backend/dnssd.c (revision 12817) if (job_canceled)
Index: backend/usb-darwin.c--- backend/usb-darwin.c (revision 12817) if (WIFEXITED(status))
|
CUPS.org User: elfring Is the implementation of the function "sigterm_handler" from the source file "backend/ipp.c" another update candidate according to the commit ef416fc on 2006-01-13? |
Will the mentioned implementation details get another look? |
Thanks for another small source code improvement. |
Version: 2.1b1
CUPS.org User: elfring
I guess that a different program design will be needed for your function "sigterm_handler".
https://www.securecoding.cert.org/confluence/display/seccode/SIG30-C.+Call+only+asynchronous-safe+functions+within+signal+handlers
The text was updated successfully, but these errors were encountered: