bogofilter -- Fast Bayesian Spam Filter / Bugs / #104 Fix signal handler

#104 Fix signal handler

Status: open-later

Owner: Matthias Andree

Labels: None

Priority: 7

Updated: 2007-02-09

Created: 2007-02-07

Creator: Markus Elfring

Private: No

The function "exit()" does not belong to the list of async-signal-safe functions.
See section "2.4.3 Signal Actions" from the document "2.4 Signal Concepts".
http://opengroup.org/onlinepubs/009695399/functions/xsh_chap02_04.html#tag_02_04_03
http://opengroup.org/onlinepubs/009695399/functions/_Exit.html

Should this call be replaced by a safe alternative in your function "mysigdie"?
http://bogofilter.cvs.sourceforge.net/bogofilter/bogofilter/src/sighandler.c?revision=1.7&view=markup
http://groups.google.de/group/comp.unix.programmer/browse_frm/thread/3ab94f021cf9a43c/af93e23fe1234e05

Discussion

David Relson - 2007-02-08

Logged In: YES
user_id=30510
Originator: NO

Markus,

The link applies to multi-threaded apps, right? Bogofilter is not multi-threaded.

If you care to submit a patch, it will be considered.

David

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Markus Elfring - 2007-02-08

Logged In: YES
user_id=572001
Originator: YES

How much are you used to the advices on the topic "safe signal handling" by Marc Rochkind?
http://groups.google.de/group/comp.unix.programmer/msg/af93e23fe1234e05

The function "exit()" must not be called from inside a signal handler. This fact has got some consequences on your program design.
- http://www.slamb.org/projects/sigsafe/
- http://safari.oreilly.com/0596003943/secureprgckbk-CHP-13-SECT-5

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Markus Elfring - 2007-02-08

assigned_to: nobody --> relson
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Matthias Andree - 2007-02-09

Logged In: YES
user_id=2788
Originator: NO

Hi Markus, thanks for the report.

David, signal handlers are worse than threads and can really mess up the code, as all involved functions (those we "rip" the program flow out of and those we execute and all their callees) have to be reentrant. I'm grabbing this bug and will look into it.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Matthias Andree - 2007-02-09

priority: 5 --> 7

assigned_to: relson --> m-a

status: open --> open-later
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Matthias Andree - 2007-02-14

Logged In: YES
user_id=2788
Originator: NO

Turns out to be a non-trivial fix that requires

(a) some policy decisions internally

(b) major code changes - not necessarily considering lines touched, but rather with respect to the power or invasiveness of the changes.

We won't have a quick fix unfortunately.

If and only if you are either using sqlite3, or berkeleydb in transactional mode, as a temporary solution, replace exit() by _exit() in said function. If you're using this on a non-transactional berkeleydb or QDBM database, you can corrupt the database this way. (Although it is not clear to me if this won't happen anyways if you interrupt the application at the wrong point in time.)

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.