Return-Path: <[email protected]>
Received: from BRL-TGR.ARPA by SIMTEL20.ARPA with TCP; Sat 21 Dec 85 20:10:31-MST
Received: from usenet by TGR.BRL.ARPA id a025820; 21 Dec 85 21:41 EST
From: Ken Lalonde <[email protected]>
Newsgroups: net.sources.bugs
Subject: Serious bug in "zonk"
Message-ID: <[email protected]>
Date: 20 Dec 85 11:32:47 GMT
To: [email protected]

Last September I posted the code and support programs for "zonk", a
kill-by-uid system call.  There is a bug in the system call code that
can cause a signal to be sent to as-yet unborn processes.
The corrected code follows.

--

/*
 * Kernel headers assumed for a 4.2BSD-style source tree (not part of the
 * original posting; adjust the paths to the local tree).
 */
#include "../h/param.h"
#include "../h/systm.h"
#include "../h/dir.h"
#include "../h/user.h"
#include "../h/proc.h"
#include "../h/signal.h"
#include "../h/errno.h"

/*
 *  Zonk system call - apply a signal to every process owned by a user.
 *  A count of the affected processes is returned.
 *  If passed signal zero, no signal is sent; only the count is returned.
 */
zonk()
{
        struct a {
                int     uid;
                int     sig;
        } *uap = (struct a *)u.u_ap;
        register int sig = uap->sig;
        register int count, uid;
        register struct proc *p;

        /* Only the superuser may zonk another user's processes. */
        if ((uid = uap->uid) != u.u_uid && !suser())
                return;
        /* Never signal root's processes; reject out-of-range signals. */
        if ((uid == 0 && sig) || (unsigned)sig >= NSIG) {
                u.u_error = EINVAL;
                return;
        }
        for (count = 0, p = proc; p < procNPROC; p++) {
                /*
                 * Skip free proc slots.  A freed slot keeps its old p_uid,
                 * so without this check a signal could be queued on a slot
                 * that the next fork() will hand to an unrelated process.
                 */
                if (p->p_stat == NULL)
                        continue;
                if (p->p_uid != uid)
                        continue;
                if (sig)
                        psignal(p, sig);
                count++;
        }
        u.u_r.r_val1 = count;
}
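The following is an added user-space model of the proc-table scan, not code from the posting: it uses a constructed table in which one free slot still carries the uid of a process that has exited, and shows how many slots the scan would signal with and without the free-slot check. The slot states and the table contents are assumptions made for the demonstration.

```c
#include <stddef.h>

/* Constructed model of kernel proc-table slot states (names assumed). */
#define SNULL 0   /* slot is free: process exited or never existed */
#define SRUN  3   /* slot holds a live process */
#define NPROC 8

struct proc {
        char p_stat;   /* SNULL when the slot is free */
        int  p_uid;    /* owner uid; NOT cleared when the slot is freed */
};

/*
 * Constructed table.  Slot 2 belonged to uid 100 and has since exited;
 * only p_stat was cleared, so p_uid still reads 100.  Unlisted slots are
 * zero-filled, i.e. free slots with a stale uid of 0.
 */
struct proc proc[NPROC] = {
        { SRUN,  0   },
        { SRUN,  100 },
        { SNULL, 100 },   /* stale: the next fork() will reuse this slot */
        { SRUN,  100 },
        { SRUN,  200 },
};

/*
 * Scan the table the way zonk() does and return the number of slots that
 * would receive the signal.  skip_free selects the corrected behaviour
 * (skip SNULL slots) or the original buggy behaviour (scan every slot).
 */
int zonk_count(int uid, int skip_free)
{
        int count = 0;
        struct proc *p;

        for (p = proc; p < proc + NPROC; p++) {
                if (skip_free && p->p_stat == SNULL)
                        continue;       /* the fix: ignore free slots */
                if (p->p_uid != uid)
                        continue;
                count++;                /* a real kernel would psignal() here */
        }
        return count;
}
```

With the check, uid 100 owns two live processes; without it, the stale free slot is counted as a third and would have been signalled, and uid 0 picks up every zero-filled free slot as well.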