Is it safe to call non-reentrant functions in signal processing functions?

sudo-project / sudo

Utility to execute a command as another user

https://www.sudo.ws

Other

1.19k stars 221 forks source link

Is it safe to call non-reentrant functions in signal processing functions? #181

Closed BornThisWay closed 2 years ago

BornThisWay commented 2 years ago

https://github.com/sudo-project/sudo/blob/63efad271a13124d739d536e9f5bf1dd110c3a1a/lib/util/event.c#L346

In this function:

It uses a static data structure. (Is it possible to be modified by others during use?)
Standard I/O functions are called. (non-reentrant)

The UNIX Specification describes the functions that guarantee call security in the signal processing program. Therefore, I have some doubts about the implementation of this function, please help to solve it, thank you.

millert commented 2 years ago

Sudo is single-threaded so there is no problem with multiple access. Also, standard I/O is not used, only the write(2) system call which is safe to use from a signal handler.

millert commented 2 years ago

Also, access to signal_base->siginfo[] from outside the signal handler is done with all signals blocked.

BornThisWay commented 2 years ago

Okay, thank you for your answer.