-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
rhel-7.9, rhel-8.8.0, rhel-9.4
-
None
-
None
-
None
-
rhel-sst-cs-plumbers
-
ssg_core_services
-
5
-
False
-
-
None
-
Red Hat Enterprise Linux
-
None
-
None
-
None
-
-
All
-
None
Sample reproducer:
#!/bin/ksh trap exit INT while : do value=`echo a` done
The suggested workaround at https://bugzilla.redhat.com/show_bug.cgi?id=1460940#c26 most likely would still fail for the reproducer above, or, still crash for the original crash with reproducer:
#!/bin/ksh f() {( trap "" HUP )} trap "" HUP while [ 1 ] ; do f done
from https://bugzilla.redhat.com/show_bug.cgi?id=1117404
There is no easy approach as strings can come from anywhere, and a blind removal of the if(mode) line in the chunk below
void sh_sigreset(register int mode) { register char *trap; register int flag, sig=sh.st.trapmax; while(sig-- > 0) { if(trap=sh.st.trapcom[sig]) { flag = sh.sigflag[sig]&~(SH_SIGTRAP|SH_SIGSET); if(*trap) { if(mode) free(trap); sh.st.trapcom[sig] = 0;
would cause segfaults as frequently the strings are shared or from static data, the most common case is src/cmd/ksh93/sh/name.c:
#define Empty ((char*)(e_sptbnl+3))
There might different alternatives. A possible solution is a hack, specific to this condition would be to have a hash table that would never release string points, and in the ksh-20120801-trapcom.patch patch use this hash table, so, unless one creates a very specific reproducer to eval different strings, any leak would be minimal, and only the hash table and the trap string.