From jraynard@dial.pipex.com  Mon Apr 15 14:56:05 1996
Received: from vent.pipex.net (root@vent.pipex.net [158.43.128.5])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id OAA11407
          for <freebsd-gnats-submit@freebsd.org>; Mon, 15 Apr 1996 14:56:02 -0700 (PDT)
Received: from me by vent.pipex.net (8.6.12/PIPEX simple 1.20)
	id WAA18178; Mon, 15 Apr 1996 22:54:27 +0100
Received: (from jraynard@localhost) by me (8.6.12/8.6.12) id SAA01603; Mon, 15 Apr 1996 18:29:55 GMT
Message-Id: <199604151829.SAA01603@me>
Date: Mon, 15 Apr 1996 18:29:55 GMT
From: James Raynard <jraynard@dial.pipex.com>
Reply-To: jraynard@dial.pipex.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: sig{add, del}set and sigismember fns don't check signo
X-Send-Pr-Version: 3.2

>Number:         1144
>Category:       kern
>Synopsis:       sig{add, del}set and sigismember fns don't check signo
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 15 15:00:06 PDT 1996
>Closed-Date:    Wed Apr 15 15:29:32 PDT 1998
>Last-Modified:  Wed Apr 15 15:32:47 PDT 1998
>Originator:     James Raynard
>Release:        FreeBSD 2.1-STABLE i386
>Organization:
A FreeBSD Box
>Environment:

		FreeBSD-2.1.0-RELEASE


>Description:

	According to Stevens (Advanced Programming in the Unix 
	Environment, p. 292), POSIX.1 requires that sigaddset,
	sigdelset and sigismember check the signal number argument
	for validity and set errno if it is invalid. FreeBSD's
	implementation of these functions does not comply with
	this.

>How-To-Repeat:

	Look at /usr/src/lib/libc/gen/sigsetops.c and 
	/usr/include/signal.h.

>Fix:
	
	The following patch to /usr/src/lib/libc/gen/sigsetops.c is 
	based on code given by Stevens to demonstrate how to do this 
	if they are implemented as functions. 

	However, FreeBSD also implements them as macros in 
	/usr/include/signal.h, the function versions only being 
	available if the macros are #undef'd. Obviously the macros 
	would be much harder to fix (are they actually necessary, BTW?)

*** sigsetops.c.old     Mon Apr 15 17:39:46 1996
--- sigsetops.c 	Mon Apr 15 17:54:19 1996
***************
*** 38,43 ****
--- 38,44 ----
#endif /* LIBC_SCCS and not lint */
	    
#include <signal.h>
+ #include <errno.h>
		
#undef sigemptyset
#undef sigfillset
***************
*** 45,50 ****
--- 46,53 ----
#undef sigdelset
#undef sigismember
+ #define SIGBAD(signo) ((signo) <= 0 || (signo) >= NSIG)
+ 
  sigemptyset(set)
         sigset_t *set;
  {
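
Review bot: SIGBAD, added above sigemptyset, expands signo twice and has no comment stating the range it accepts (1 through NSIG - 1). The call sites in this patch pass a plain int parameter, so nothing breaks here, but a one-line comment giving the range and noting the double expansion would stop it being reused later with an argument that has side effects.
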
***************
*** 63,68 ****
--- 66,73 ----
        sigset_t *set;
        int signo;
  {
+       if (SIGBAD (signo)) { errno = EINVAL; return (-1); }
+ 
        *set |= sigmask(signo);
        return (0);
  }
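
Review bot: the added line in sigaddset packs the test, the errno assignment and the return onto one line, and writes "SIGBAD (signo)" with a space before the parenthesis, unlike sigmask(signo) two lines below it. Putting "errno = EINVAL;" and "return (-1);" on their own lines inside the braces would match the rest of the function; the identical line recurs in the sigdelset and sigismember hunks and should change with it.
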
***************
*** 71,76 ****
--- 76,83 ----
	sigset_t *set;
	int signo;
  {
+       if (SIGBAD (signo)) { errno = EINVAL; return (-1); }
+ 
	*set &= ~sigmask(signo);
	return (0);
   }
***************
*** 79,83 ****
--- 86,92 ----
        const sigset_t *set;
	int signo;
  {
+       if (SIGBAD (signo)) { errno = EINVAL; return (-1); }
+ 
        return ((*set & ~sigmask(signo)) != 0);
  }
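
Review bot: in the sigismember hunk the unchanged line "return ((*set & ~sigmask(signo)) != 0);" masks with the complement of the signal's bit, so it is nonzero whenever any other signal is in the set; a membership test would use "*set & sigmask(signo)". Returning -1 for a bad signo is fine as added, but that context line should be checked and corrected in the same change, otherwise the validated function still answers the wrong question.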

>Release-Note:
>Audit-Trail:

From: Bill Fenner <fenner@parc.xerox.com>
To: FreeBSD-gnats-submit@freebsd.org, jraynard@dial.pipex.com
Cc:
Subject: Re:  kern/1144: sig{add, del}set and sigismember fns don't check signo
Date: Mon, 15 Apr 1996 16:02:59 PDT

 >Obviously the macros would be much harder to fix
 
 Would they?  How about
 
 #define sigaddset(set, signo)   (((signo) <= 0 || (signo) >= NSIG) ? \
 					(errno = EINVAL, -1) : \
 					(*(set) |= 1 << ((signo) - 1), 0))
 
 (untested, as usual)
 
   Bill
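
An added example, not part of this PR or of FreeBSD's source: a stand-alone C program that puts the checked function form from the patch beside a checked macro in the shape suggested in the reply above, and shows that the macro expands signo three times, so an argument with side effects is range-checked on one value and shifted on another. Every ex_/EX_ name, the helper ex_einval and EX_NSIG = 32 are assumptions made for the example.

```c
#include <errno.h>
#include <stdio.h>

/* Hypothetical stand-ins (ex_ / EX_ names) so nothing collides with libc. */
typedef unsigned int ex_sigset_t;	/* one bit per signal, as in the patch */
#define EX_NSIG		32		/* assumed: valid signals are 1..31 */
#define EX_MASK(signo)	(1U << ((signo) - 1))
#define EX_BAD(signo)	((signo) <= 0 || (signo) >= EX_NSIG)

static int ex_einval(void) { errno = EINVAL; return (-1); }

/* Function form: signo is evaluated once, when the call is made. */
int ex_sigaddset(ex_sigset_t *set, int signo)
{
	if (EX_BAD(signo))
		return (ex_einval());
	*set |= EX_MASK(signo);
	return (0);
}

/* Membership tests the signal's own bit; a bad signo yields -1, not 0. */
int ex_sigismember(const ex_sigset_t *set, int signo)
{
	if (EX_BAD(signo))
		return (ex_einval());
	return ((*set & EX_MASK(signo)) != 0);
}

/* Macro form with the same check: signo is expanded three times. */
#define EX_SIGADDSET_M(set, signo) \
	(EX_BAD(signo) ? ex_einval() : (*(set) |= EX_MASK(signo), 0))

/* Passes i++ from 30: the range test sees 30 and 31, the shift sees 32. */
ex_sigset_t ex_macro_with_side_effect(void)
{
	ex_sigset_t set = 0;
	int i = 30;
	(void)EX_SIGADDSET_M(&set, i++);
	return (set);
}

int main(void)
{
	ex_sigset_t set = 0;
	int bad = ex_sigaddset(&set, 0), ok = ex_sigaddset(&set, 2);
	printf("add(0)=%d add(2)=%d member(2)=%d macro(i++)=%#x\n",
	    bad, ok, ex_sigismember(&set, 2), ex_macro_with_side_effect());
	return (0);
}
```

The macro call returns success yet sets the bit for signal 32, which the range test itself rejects; the function form cannot do this because its parameter is evaluated once.
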
State-Changed-From-To: open->analyzed 
State-Changed-By: wosch 
State-Changed-When: Tue Sep 24 17:21:16 PDT 1996 
State-Changed-Why:  
Analyzed by Bill Fenner <fenner@parc.xerox.com> 

State-Changed-From-To: analyzed->suspended 
State-Changed-By: phk 
State-Changed-When: Mon Apr 13 01:56:33 PDT 1998 
State-Changed-Why:  
-> suspended 
State-Changed-From-To: suspended->closed 
State-Changed-By: jraynard 
State-Changed-When: Wed Apr 15 15:29:32 PDT 1998 
State-Changed-Why:  
The possible cures appear worse than the disease. 
>Unformatted:
