[pgpool-hackers: 52] Re: [pgpool-II 0000009]: dont call syslog(3) family in signal handler.

Gilles Darold gilles.darold at dalibo.com
Fri Mar 30 21:18:29 JST 2012


Hi Tatsuo,

Le 30/03/2012 12:18, Tatsuo Ishii a écrit :
>> The problem doesn't really come from the syslog patch but from the
>> syslog call inside signal handlers, as it raise signals too. This is a
>> well now coding security problem that allow local users to cause at
>> least a denial of service.
>>
>> The main solution is to ensure that non-reentrant functions are not used
>> in signal handlers, here this is not the case as vsyslog() is not
>> asynchronous safe :
>>
>> child.c
>>
>> /* signal handler for SIGALRM */
>> static RETSIGTYPE authentication_timeout(int sig)
>> {
>>     pool_log("authentication is timeout");
>>     child_exit(1);
>> }
>>
>>
>> The easiest solution is to remove the call to pool_log() within the code
>> above and log the message from the parent process certainly not removing
>> syslog support. Maybe the use of pool_send_frontend_exits() in
>> child_exit() could help. What do you think ?
> I don't see why calling pool_send_frontend_exits() in child_exit()
> helps that. Can you elaborate?

Well that was a very quick and dirty look, I was thinking that perhaps
we can use send_frontend_exits() from child_exit() to send the
information to the parent process. But after taking the time to read
source code it is related to the backend connection, so sorry for the noise.

So we still have to find a solution to print the "authentication timeout
message" outside the signal handler mostly from the parent process. Do
you have an idea on how to proceed ?

-- 
Gilles Darold
http://dalibo.com - http://dalibo.org



More information about the pgpool-hackers mailing list