Bug/Array index out of bounds

Hendrik Baecker andurin at process-zero.de
Tue Jun 30 22:24:43 CEST 2009


Andreas Ericsson wrote:
> Tilo Renz wrote:
>> Analyzing the code from ndoutils-1.4b7 I found another error.
>> In ndoutils-1.4b7/src/ndo2db.c:625 _one_ child process status is cleared.
>> But before the signal handler is executed another child may have finished its job.
>> There won't be a second signal for it, as a SIGCHLD is already pending.
>> One of the two child processes will remain an uncleared zombie until somebody terminates the ndo2db-daemon.
>> Possible Fix:
>> current code:
>> 623		/* cleanup children that exit, so we don't have zombies */
>> 624		if(sig==SIGCHLD){
>> 625			waitpid(-1,NULL,WNOHANG);
>> 626			return;
>> 627			}
>>
>> should become something like:
>> 623		/* cleanup children that exit, so we don't have zombies */
>> 624		if(sig==SIGCHLD){
>> 625			while( waitpid(-1,NULL,WNOHANG)>0 ) ;
>> 626			return;
>> 627			}
>>
>> Nagios itself does not contain this flaw. Most times waitpid is called with an explicit
>> pid and without WNOHANG. In events.c:988 waitpid(-1,NULL,WNOHANG) is called, but protected
>> with the suggested while-loop.
>>
> 
> This is a real bug though. I'll make sure this comes to Ethan's attention.
> Thanks for reporting this.
> 

Patch just applied to CVS.
Thanks for this.

- -
Hendrik
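
The coalescing behaviour discussed in this thread can be reproduced deterministically. The following is an added example, not code from ndoutils or from the posters: it holds SIGCHLD blocked until several children have exited, so that only one signal is pending, then lets the handler run once in either form. The names `on_sigchld`, `drain` and `zombies_left` are made up for this sketch.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile sig_atomic_t drain; /* 0: form at line 625, 1: suggested loop */
/* Added illustration of the quoted handler branch, not ndo2db.c itself. */
static void on_sigchld(int sig) {
    int saved = errno;              /* waitpid() may overwrite errno */
    (void)sig;
    if (drain)
        while (waitpid(-1, NULL, WNOHANG) > 0) ;
    else
        waitpid(-1, NULL, WNOHANG);
    errno = saved;
}

/* Zombies left among n children (1..16) after the one SIGCHLD delivery; -1 on error. */
int zombies_left(int n, int use_loop) {
    struct sigaction sa = {0}, old;
    sigset_t chld, prev;
    siginfo_t info;
    pid_t pids[16];
    int i, left = 0;
    if (n < 1 || n > 16) return -1;
    drain = use_loop;
    sa.sa_handler = on_sigchld;
    sigemptyset(&sa.sa_mask);
    sigemptyset(&chld);
    sigaddset(&chld, SIGCHLD);
    if (sigaction(SIGCHLD, &sa, &old) < 0) return -1;
    sigprocmask(SIG_BLOCK, &chld, &prev);   /* exits coalesce into one pending signal */
    for (i = 0; i < n; i++)
        if ((pids[i] = fork()) == 0) _exit(0);
    for (i = 0; i < n; i++)                 /* wait for each exit without reaping it */
        if (pids[i] > 0) waitid(P_PID, (id_t)pids[i], &info, WEXITED | WNOWAIT);
    sigprocmask(SIG_UNBLOCK, &chld, NULL);  /* handler runs exactly once here */
    while (waitpid(-1, NULL, 0) > 0) left++; /* count what the handler missed */
    sigprocmask(SIG_SETMASK, &prev, NULL);
    sigaction(SIGCHLD, &old, NULL);
    return left;
}

int main(void) {
    printf("single waitpid: %d left, loop: %d left\n", zombies_left(3, 0), zombies_left(3, 1));
    return 0;
}
```

In a long-running daemon the leftover entries are never collected by a later blocking `waitpid`, so each coalesced signal leaves process-table slots occupied until the daemon exits.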
