git.samba.org - samba.git/commit

author	Volker Lendecke <vl@samba.org>
	Tue, 18 May 2021 06:32:45 +0000 (08:32 +0200)
committer	Ralph Boehme <slow@samba.org>
	Tue, 18 May 2021 10:42:32 +0000 (10:42 +0000)
commit	adef87a621b17baf746d12f991c60a8a3ffcfcd3
tree	c6dcd8bc08cc03ca98d2dae98426b721d09e5528	tree
parent	f320d1a7ab0f81eefdb28b36bfe346eacb8980de	commit \| diff

ctdb: Fix a crash in run_proc_signal_handler()

If a script times out the caller can talloc_free() the script_list
output of run_event_recv, which talloc_free's proc->output from
run_proc.c as well. If the script generates further output after the
timeout and then exits after a while, the SIGCHLD handler in the
eventd tries to read into proc->output, which was already free'ed.

Fix this by not doing just a talloc_steal but a talloc_move. This way
proc_read_handler() called from run_proc_signal_handler() does not try
to realloc the stale reference to proc->output but gets a NULL
reference.

I don't really know how to do a knownfail in ctdb, so this commit
actually activates catching the signal by waiting long enough for
22.bar to exit and generate the SIGCHLD.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14475
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

ctdb/common/run_proc.c		diff \| blob \| history
ctdb/tests/src/run_event_test.c		diff \| blob \| history