1 /* Tries to exploit bug in pselect mask handling: 2 https://bugs.kde.org/show_bug.cgi?id=359871 3 where client program was able to successfully block VG_SIGVGKILL. */ 4 5 #include <sys/select.h> 6 #include <assert.h> 7 #include <errno.h> 8 #include <pthread.h> 9 #include <signal.h> 10 #include <stdio.h> 11 #include <unistd.h> 12 13 static int ready = 0; 14 static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; 15 static pthread_cond_t cond = PTHREAD_COND_INITIALIZER; 16 17 static void * 18 mythr(void *ignore) 19 { 20 pthread_mutex_lock(&mutex); 21 ready = 1; 22 pthread_cond_signal(&cond); 23 pthread_mutex_unlock(&mutex); 24 25 sigset_t ss; 26 sigfillset(&ss); 27 while (1) { 28 struct timespec ts = {10000, 0}; 29 pselect(0, NULL, NULL, NULL, &ts, &ss); 30 } 31 32 return NULL; 33 } 34 35 int 36 main() 37 { 38 pthread_t thr; 39 int ret = pthread_create(&thr, NULL, mythr, NULL); 40 if (ret != 0) { 41 fprintf(stderr, "pthread_create failed\n"); 42 return 1; 43 } 44 45 pthread_mutex_lock(&mutex); 46 while (ready == 0) { 47 pthread_cond_wait(&cond, &mutex); 48 } 49 pthread_mutex_unlock(&mutex); 50 51 #if defined(VGO_linux) 52 assert(pselect(0, NULL, NULL, NULL, NULL, (sigset_t *)12) == -1); 53 assert(errno == EFAULT); 54 #endif 55 56 alarm(1); /* Unhandled SIGALRM should cause exit. */ 57 while (1) 58 sleep(1); 59 60 return 0; 61 } 62
