SIGPIPE not caught in do_atfork_child()
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
nss_ldap |
Fix Released
|
Medium
|
|||
libnss-ldap (Ubuntu) |
Fix Released
|
High
|
Jon Grimm | ||
Trusty |
Fix Released
|
High
|
Jon Grimm | ||
Xenial |
Won't Fix
|
Undecided
|
Unassigned | ||
Yakkety |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
[Impact]
* If a process using libnss-ldap calls fork() and SIGPIPE was blocked,
the atfork() handler in the child process failed to catch the SIGPIPE
as it was supposed to do, that is in the call to do_close_
So that, the uncaught SIGPIPE will be eventually delivered when the
child unblocks signals. This usually make the child process die
unexpectedly.
* This is only reproducible when ldap is configured for STARTTLS.
* Upstream fix has been long integrated.
[Test Case]
* See https:/
[Regression Potential]
* Fix has been upstream since 2010, and limited to path of child
forking, and SIGPIPE is blocked. No consequent bugs or regressions
in the upstream blamed on this change.
[Other Info]
* I'm currently limiting my SRU to trusty, as I'm unable to
recreate the bug on xenial. Even so, I have tested the fixed
code on xenial to ensure there was no regression with the testcase.
* Will look at fixing xenial too, IFF someone comes forward able to
reproduce the bug/validate the fix.
Changed in nss-ldap: | |
importance: | Unknown → Medium |
status: | Unknown → Fix Released |
Changed in libnss-ldap (Ubuntu): | |
importance: | Undecided → High |
status: | New → Triaged |
Changed in libnss-ldap (Ubuntu): | |
assignee: | nobody → Jon Grimm (jgrimm) |
Changed in libnss-ldap (Ubuntu Trusty): | |
assignee: | nobody → Jon Grimm (jgrimm) |
status: | New → Confirmed |
Changed in libnss-ldap (Ubuntu): | |
status: | Triaged → Fix Committed |
description: | updated |
Changed in libnss-ldap (Ubuntu Trusty): | |
status: | Confirmed → In Progress |
Thank you for taking the time to report this bug and helping to make Ubuntu better.
Has this patch gone upstream at all, please? We'd prefer to not have to maintain patches indefinitely.