Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #14691
| Path | csiph.com!goblin3!goblin1!goblin.stu.neva.ru!usenet.stanford.edu!not-for-mail |
|---|---|
| From | Mike Gerwitz <mtg@gnu.org> |
| Newsgroups | gnu.bash.bug |
| Subject | Re: Segfault on recursive trap/kill |
| Date | Sat, 06 Oct 2018 19:53:25 -0400 |
| Lines | 60 |
| Approved | bug-bash@gnu.org |
| Message-ID | <mailman.1777.1538870104.1284.bug-bash@gnu.org> (permalink) |
| References | <8736tj3llu.fsf@gnu.org> <25389056-9fcf-1d31-36d8-13098769a43a@case.edu> |
| NNTP-Posting-Host | lists.gnu.org |
| Mime-Version | 1.0 |
| Content-Type | multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" |
| X-Trace | usenet.stanford.edu 1538870105 32719 208.118.235.17 (6 Oct 2018 23:55:05 GMT) |
| X-Complaints-To | action@cs.stanford.edu |
| Cc | bug-bash@gnu.org |
| To | Chet Ramey <chet.ramey@case.edu> |
| Envelope-to | bug-bash@gnu.org |
| In-Reply-To | <25389056-9fcf-1d31-36d8-13098769a43a@case.edu> (Chet Ramey's message of "Sat, 6 Oct 2018 12:33:22 -0400") |
| User-Agent | Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) |
| OpenPGP | id=22175B02E626BC98D7C0C2E5F22BB8158EE30EAB |
| X-detected-operating-system | by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] |
| X-Received-From | 2001:4830:134:3::e |
| X-BeenThere | bug-bash@gnu.org |
| X-Mailman-Version | 2.1.21 |
| Precedence | list |
| List-Id | Bug reports for the GNU Bourne Again SHell <bug-bash.gnu.org> |
| List-Unsubscribe | <https://lists.gnu.org/mailman/options/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=unsubscribe> |
| List-Archive | <http://lists.gnu.org/archive/html/bug-bash/> |
| List-Post | <mailto:bug-bash@gnu.org> |
| List-Help | <mailto:bug-bash-request@gnu.org?subject=help> |
| List-Subscribe | <https://lists.gnu.org/mailman/listinfo/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=subscribe> |
| Xref | csiph.com gnu.bash.bug:14691 |
Show key headers only | View raw
[Multipart message — attachments visible in raw view] - view raw
On Sat, Oct 06, 2018 at 12:33:22 -0400, Chet Ramey wrote:
> On 10/5/18 9:33 PM, Mike Gerwitz wrote:
>> The following code will cause a segfault on bash-4.4.19(1) on
>> GNU Guix. I reproduced the issue on an old Ubuntu 14.04 LTS running
>> bash-4.3.11(1) as well as a Trisquel system running the same version.
>>
>> bash -c 'trap "kill 0" TERM; kill 0'
>>
>> Also segfaults when replacing `0' with `$$', and presumably in any other
>> situation that would trigger the trap recursively.
>
> Yes. Bash has allowed recursive trap handlers since early 2014 (pre-4.3)
> due to requests for the feature and compatibility with other shells that
> allow it.
>
> If you manage to create infinite recursion, bash won't stop you.
Sure, I agree that the feature is useful, but are you saying that
terminating with a segfault is the intended behavior for runaway
recursion? Upon further inspection, it does look like
`foo() { foo; }; foo' also causes a segfault, so the behavior is
consistent with trap recursion.
As long as there is no exploitable flaw here, then I suppose this isn't
a problem; it's just that most users assume that a segfault represents a
problem with the program (unless they're dealing with their own memory
management). I haven't inspected the code to see if this is an access
violation or if Bash is intentionally signaling SIGSEGV.
In any case, thanks for the reply.
--
Mike Gerwitz
Back to gnu.bash.bug | Previous | Next | Find similar | Unroll thread
Re: Segfault on recursive trap/kill Mike Gerwitz <mtg@gnu.org> - 2018-10-06 19:53 -0400
csiph-web