[PATCH 0/6] Buffer fuzzing and pipe deadlock fixes

Ian Jackson ijackson at chiark.greenend.org.uk
Mon Sep 22 16:45:07 BST 2014

I used and developed these 6 patches while testing the proper fix (as
in 0.3.4) to the recent buffer bugs:

 1/6 fds: Provide cloexec() and use it in udp.c
 2/6 fds: Set cloexec on logging pipe reading end
 3/6 slip: Do not malloc the userv activation context
 4/6 slip: Use c_stdin and c_stdout in er everywhere
 5/6 slip: Close and cloexec fds as appropriate
 6/6 test-example: Provide a fuzzer for the slip decoder

The fuzzer almost instantly reproduces the bug in 0.3.3, and
works with 0.3.4.

Without the fd handling fixes, I found that the fuzzer would hang
after secnet crashed, leaving the process group deadlocked.  The fd
handling fixes are _not_ included in 0.3.4, because I felt it best not
to send stuff like that out in an urgent security fix.

More information about the sgo-software-discuss mailing list