Index: trunk/configure.ac
===================================================================
--- trunk/configure.ac	(revision 234)
+++ trunk/configure.ac	(revision 235)
@@ -12,5 +12,5 @@
 dnl start
 dnl
-AM_INIT_AUTOMAKE(samhain, 2.5.6)
+AM_INIT_AUTOMAKE(samhain, 2.5.7)
 AC_DEFINE([SAMHAIN], 1, [Application is samhain])
 AC_CANONICAL_HOST
Index: trunk/docs/Changelog
===================================================================
--- trunk/docs/Changelog	(revision 234)
+++ trunk/docs/Changelog	(revision 235)
@@ -1,2 +1,6 @@
+2.5.7:
+	* fix potential deadlock when external programm is called
+	  (problem reported by A. Dunkel)
+	
 2.5.6:
 	* recognize fdesc filesystem on MacOS X for suid check (Problem
Index: trunk/src/sh_entropy.c
===================================================================
--- trunk/src/sh_entropy.c	(revision 234)
+++ trunk/src/sh_entropy.c	(revision 235)
@@ -567,10 +567,14 @@
   if (source->pid == (pid_t) 0) 
     {
+      int val_return;
 
       /* child - make read side of the pipe stdout 
        */
-      if (retry_aud_dup2(FIL__, __LINE__, 
-			 pipedes[STDOUT_FILENO], STDOUT_FILENO) < 0)
-	aud__exit(FIL__, __LINE__, EXIT_FAILURE);
+      do {
+	val_return = dup2 (pipedes[STDOUT_FILENO], STDOUT_FILENO);
+      } while (val_return < 0 && errno == EINTR);
+
+      if (val_return < 0)
+	_exit(EXIT_FAILURE);
       
       /* close the pipe descriptors 
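Review bot: The replacement of `retry_aud_dup2`/`aud__exit` by bare `dup2`/`_exit` in this child branch carries no comment saying why the audited wrappers must not be used here, so a later cleanup could reintroduce them. Judging from the Changelog entry in this commit, the intent is presumably to keep the forked child away from anything that can block on state inherited from the parent; that is an inference and should be confirmed. I would add above the loop something like `/* child after fork: raw syscalls and _exit() only, no aud_* wrappers (deadlock fix, 2.5.7) */`. The same comment fits the matching child-side replacements in the later hunks of this file and in sh_extern.c. The enclosing function starts and ends outside the hunk.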
@@ -602,12 +606,13 @@
   
 	  if (NULL != tempres) {
-	    i = aud_setgid(FIL__, __LINE__, tempres->pw_gid); 
+	    i = setgid(tempres->pw_gid); 
 	    if (i == 0)
 	      i = sh_unix_initgroups(DEFAULT_IDENT ,tempres->pw_gid);
 	    if (i == 0) 
-	      i = aud_setuid(FIL__, __LINE__, tempres->pw_uid);
+	      i = setuid(tempres->pw_uid);
 	    /* make sure we cannot get root again
 	     */
-	    if ((tempres->pw_uid != 0) && (aud_setuid(FIL__, __LINE__, 0) >= 0))
+	    if ((tempres->pw_uid != 0) && 
+		(setuid(0) >= 0))
 	      i = -1;
 	  } else {
@@ -622,5 +627,5 @@
        */
       if (i == -1) {
-	aud__exit(FIL__, __LINE__, EXIT_FAILURE);
+	_exit(EXIT_FAILURE);
       }
       
@@ -629,10 +634,12 @@
       
 	  /* exec the program */
-	  retry_aud_execve (FIL__, __LINE__, _("/bin/sh"), arg, envp);
+	  do {
+	    val_return = execve (_("/bin/sh"), arg, envp);
+	  } while (val_return < 0 && errno == EINTR);
 	}
 
       /* failed 
        */
-      aud__exit(FIL__, __LINE__, EXIT_FAILURE);
+      _exit(EXIT_FAILURE);
     }
 
Index: trunk/src/sh_extern.c
===================================================================
--- trunk/src/sh_extern.c	(revision 234)
+++ trunk/src/sh_extern.c	(revision 235)
@@ -185,5 +185,5 @@
    * --  check whether the checksum is correct; with linux emulate fdexec
    */
-#if !defined(__linux__) && !defined(SL_DEBUG)
+#if ( !defined(__linux__) || ( defined(__linux__) && defined(HAVE_PTHREAD)) ) && !defined(SL_DEBUG)
   if (task->checksum[0]  != '\0')
     {
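Review bot: The new `#if` condition is more complicated than it needs to be and appears to leave one build configuration without any checksum check. `!defined(__linux__) || (defined(__linux__) && defined(HAVE_PTHREAD))` reduces to `!defined(__linux__) || defined(HAVE_PTHREAD)`, so the line can read `#if (!defined(__linux__) || defined(HAVE_PTHREAD)) && !defined(SL_DEBUG)`. A later hunk in this file compiles the child-side checksum comparison out under `HAVE_PTHREAD`, so a Linux build with both `HAVE_PTHREAD` and `SL_DEBUG` seems to run the external command unverified. The surrounding preprocessor context is outside the hunk, so this needs confirming; if it holds, it should be documented or refused at configure time. The comment above the directive (`with linux emulate fdexec`) also no longer describes the pthread case.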
@@ -256,9 +256,9 @@
       if (S_TRUE == task->fork_twice)
 	{
-	  task->pid = aud_fork(FIL__, __LINE__);
+	  task->pid = fork();
 
 	  if (task->pid == (pid_t) - 1) 
 	    {
-	      aud__exit (FIL__, __LINE__, EXIT_FAILURE);
+	      _exit (EXIT_FAILURE);
 	    }
 	}
@@ -266,4 +266,6 @@
       if (task->pid == (pid_t) 0)
 	{
+	  int val_return;
+
 	  PDBGC_OPEN;
 	  PDBGC(1);
@@ -274,13 +276,19 @@
 	  if (task->rw == 'w')
 	    {
-	      if (retry_aud_dup2(FIL__, __LINE__, 
-				 pipedes[STDIN_FILENO], STDIN_FILENO) < 0)
-		aud__exit(FIL__, __LINE__,EXIT_FAILURE);
+	      do {
+		val_return = dup2 (pipedes[STDIN_FILENO], STDIN_FILENO);
+	      } while (val_return < 0 && errno == EINTR);
+
+	      if (val_return < 0)
+		_exit(EXIT_FAILURE);
 	    }
 	  else
 	    {
-	      if (retry_aud_dup2(FIL__, __LINE__,
-				 pipedes[STDOUT_FILENO], STDOUT_FILENO) < 0)
-		aud__exit(FIL__, __LINE__,EXIT_FAILURE);
+	      do {
+		val_return = dup2 (pipedes[STDOUT_FILENO], STDOUT_FILENO);
+	      } while (val_return < 0 && errno == EINTR);
+
+	      if (val_return < 0)
+		_exit(EXIT_FAILURE);
 	    }
 	  PDBGC(2);
@@ -308,10 +316,10 @@
 	      memset(skey, 0, sizeof(sh_key_t));
 
-	      (void) aud_setgid(FIL__, __LINE__,(gid_t) task->run_user_gid);
-	      (void) aud_setuid(FIL__, __LINE__,(uid_t) task->run_user_uid);
+	      (void) setgid((gid_t) task->run_user_gid);
+	      (void) setuid((uid_t) task->run_user_uid);
 	      /* make sure we cannot get root again
 	       */
-	      if (aud_setuid(FIL__, __LINE__,0) >= 0)
-		aud__exit(FIL__, __LINE__,EXIT_FAILURE);
+	      if (setuid(0) >= 0)
+		_exit(EXIT_FAILURE);
 	    }
 	  
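Review bot: The return values of `setgid()` and `setuid()` are still discarded here, so a failed `setgid()` goes unnoticed. The `setuid(0) >= 0` test that follows catches a child that can still regain uid 0, but it says nothing about the group id; a child whose `setgid()` failed while `setuid()` succeeded would exec the external program with the parent's group. I would fail closed: `if (setgid((gid_t) task->run_user_gid) != 0 || setuid((uid_t) task->run_user_uid) != 0) _exit(EXIT_FAILURE);`. The hunk also shows no supplementary-group handling, unlike the sh_entropy.c hunk, which calls `sh_unix_initgroups`. Whether that happens elsewhere in the enclosing block is not visible from here.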
@@ -332,6 +340,8 @@
 	    {
 	      PDBGC_S("r");
-	      (void) retry_aud_dup2 (FIL__, __LINE__, 
-				     STDOUT_FILENO, STDERR_FILENO);
+	      do {
+		val_return = dup2 (STDOUT_FILENO, STDERR_FILENO);
+	      } while (val_return < 0 && errno == EINTR);
+
 	      (void) fcntl  (STDIN_FILENO, F_SETFD, FD_CLOEXEC);
 	      /*
@@ -347,16 +357,23 @@
 	   * --  emulate an fdexec with checksum testing
 	   */
+
+#if !defined(HAVE_PTHREAD)
 	  if (task->checksum[0]  != '\0')
+#endif
 	    {
 	      PDBGC_S("fexecve");
 	      if (task->com_fd != (-1))
 		{
-		  pfd = retry_aud_dup(FIL__, __LINE__, task->com_fd);
+		  do {
+		    val_return = dup (task->com_fd);
+		  } while (val_return < 0 && errno == EINTR);
+		  pfd = val_return;
 		  if (pfd < 0)
 		    {
-		      PDBGC_S("fexecve: dup2 failed");
-		      aud__exit(FIL__, __LINE__, EXIT_FAILURE);
+		      PDBGC_S("fexecve: dup failed");
+		      _exit(EXIT_FAILURE);
 		    }
 		}
+#if !defined(HAVE_PTHREAD)
 	      else
 		{
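Review bot: In `HAVE_PTHREAD` builds nothing in this block assigns `pfd` when `task->com_fd == (-1)`. The `else` branch that ends in `pfd = get_the_fd(fd)` is compiled out, and the `if (task->checksum[0] != '\0')` guard is removed, so the block now runs for every task. Whether `pfd` then holds a safe value depends on its initialisation and on the condition around the later `fcntl (pfd, ...)` and `execve (pname, ...)`, both outside the hunk. Please confirm that `pfd` starts at `-1` and that the fd-based exec path is taken only for `pfd >= 0`. A one-line comment stating where the checksum is verified in the pthread configuration would also help the reader.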
@@ -372,8 +389,9 @@
 		    {
 		      PDBGC_S("fexecve: checksum mismatch");
-		      aud__exit(FIL__, __LINE__, EXIT_FAILURE);
+		      _exit(EXIT_FAILURE);
 		    }
 		  pfd = get_the_fd(fd);
 		}
+#endif
               
 	      PDBGC(5);
@@ -384,9 +402,10 @@
 		  PDBGC_CLOSE;
 		  fcntl  (pfd, F_SETFD, FD_CLOEXEC);
-		  retry_aud_execve (FIL__, __LINE__, 
-				    pname, 
-				    (task->argc == 0) ? NULL : task->argv, 
-				    (task->envc == 0) ? NULL : task->envv
-				    );
+		  do {
+		    val_return = execve (pname, 
+					 (task->argc == 0) ? NULL : task->argv, 
+					 (task->envc == 0) ? NULL : task->envv
+					 );
+		  } while (val_return < 0 && errno == EINTR);
 		  
 		  errnum = errno;
@@ -398,5 +417,5 @@
 		  /* failed 
 		   */
-		  aud__exit(FIL__, __LINE__, EXIT_FAILURE);
+		  _exit(EXIT_FAILURE);
               }
 	      PDBGC_S("fexecve: not working");
@@ -419,9 +438,10 @@
 	      PDBGC(5);
 	      PDBGC_CLOSE;
-	      (void) retry_aud_execve (FIL__, __LINE__, 
-				       task->command, 
-				       (task->argc == 0) ? argp : task->argv, 
-				       (task->envc == 0) ? envp : task->envv
-				       );
+	      do {
+		val_return = execve (task->command, 
+				     (task->argc == 0) ? argp : task->argv, 
+				     (task->envc == 0) ? envp : task->envv
+				     );
+	      } while (val_return < 0 && errno == EINTR);
 	    }
 	  errnum = errno;
@@ -433,5 +453,5 @@
 	  /* failed 
 	   */
-	  aud__exit(FIL__, __LINE__, EXIT_FAILURE);
+	  _exit(EXIT_FAILURE);
 	}
       /* 
@@ -440,5 +460,5 @@
       if (S_TRUE == task->fork_twice)
 	{
-	  aud__exit (FIL__, __LINE__, 0);
+	  _exit (0);
 	}
     }
Index: trunk/src/sh_port2proc.c
===================================================================
--- trunk/src/sh_port2proc.c	(revision 234)
+++ trunk/src/sh_port2proc.c	(revision 235)
@@ -304,4 +304,13 @@
   return 0;
 }
+
+void sh_port2proc_finish()
+{
+  /* Delete old socket list
+   */
+  del_sock_all();
+  return;
+}
+
 
 #include <sys/socket.h>
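Review bot: `void sh_port2proc_finish()` is an old-style declaration with unspecified parameters rather than a prototype; `void sh_port2proc_finish(void)` lets the compiler reject a call that passes arguments. The same applies to the two stub definitions in the later hunks of this file and to `extern void sh_port2proc_finish();` in sh_portcheck.c. The trailing `return;` in each body is redundant. A one-line comment on the empty stubs saying that there is no socket list to release on those platforms would make the intent clear.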
@@ -866,4 +875,9 @@
 }
 
+void sh_port2proc_finish()
+{
+  return;
+}
+
 #else /* !defined(__linux__) && !defined(__FreeBSD__) */
 
@@ -886,4 +900,8 @@
 }
 
+void sh_port2proc_finish()
+{
+  return;
+}
 #endif
 
Index: trunk/src/sh_portcheck.c
===================================================================
--- trunk/src/sh_portcheck.c	(revision 234)
+++ trunk/src/sh_portcheck.c	(revision 235)
@@ -140,4 +140,5 @@
 				 unsigned long * pid, char * user, size_t userlen);
 extern int sh_port2proc_prepare();
+extern void sh_port2proc_finish();
 
 #endif
@@ -1101,4 +1102,6 @@
   blacklist_udp = sh_portchk_kill_blacklist (blacklist_udp);
   blacklist_tcp = sh_portchk_kill_blacklist (blacklist_tcp);
+  sh_port2proc_finish();
+
   SH_MUTEX_UNLOCK(mutex_port_check);
   return 0;
Index: trunk/test/test.sh
===================================================================
--- trunk/test/test.sh	(revision 234)
+++ trunk/test/test.sh	(revision 235)
@@ -432,4 +432,5 @@
     rm -f testrc_2
     rm -f testrc_22
+    rm -f testrc_1ext
     rm -f ./.samhain_file
     rm -f ./.samhain_log*
Index: trunk/test/testext.sh
===================================================================
--- trunk/test/testext.sh	(revision 234)
+++ trunk/test/testext.sh	(revision 235)
@@ -20,5 +20,5 @@
 #
 
-MAXTEST=1; export MAXTEST
+MAXTEST=2; export MAXTEST
 
 testext0 ()
@@ -54,5 +54,5 @@
 	fi
 	#
-	${TOP_SRCDIR}/configure --quiet --enable-debug --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/testrc_1ext --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file 
+	${TOP_SRCDIR}/configure --quiet --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/testrc_1ext --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file 
 	#
 	if test x$? = x0; then
@@ -100,4 +100,5 @@
 	echo "SetChecksum=$CHKSUM"          >> testrc_1ext
 	echo "SetFilterOr=ALERT"            >> testrc_1ext
+	echo "CloseCommand"                 >> testrc_1ext
     
 	rm -f $PW_DIR/test_ext.res
@@ -133,4 +134,25 @@
 	fi
 
+	ORIGINAL="SetChecksum=${CHKSUM}"
+	REPLACEMENT="SetChecksum=DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF"
+
+	ex -s "$PW_DIR/testrc_1ext" <<EOF
+%s/$ORIGINAL/$REPLACEMENT/g
+wq
+EOF
+
+	rm -f $PW_DIR/test_ext.res
+	rm -f $PW_DIR/pdbg.child
+	rm -f $PW_DIR/pdbg.main
+	./samhain -p none
+    
+	one_sec_sleep
+
+	if [ -f $PW_DIR/test_ext.res ]; then
+	    log_fail 2 ${MAXTEST};
+	else
+	    log_ok   2 ${MAXTEST};
+	fi
+
 	rm -f $PW_DIR/.samhain_file
 	rm -f $LOGFILE
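Review bot: The new negative test reports `log_ok 2` whenever `test_ext.res` is absent, which is also the outcome if `./samhain -p none` fails to start or the external program has not finished within `one_sec_sleep`. The exit status of the `ex -s` edit and of `./samhain` is not checked either. I would verify that the substitution took effect before the run, e.g. `grep -q "$REPLACEMENT" "$PW_DIR/testrc_1ext" || log_fail 2 ${MAXTEST}`. If the log format allows it, the test should also assert that the run recorded the checksum rejection rather than relying on the missing file alone. The enclosing test function starts outside the hunk.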
Index: trunk/test/testhash.sh
===================================================================
--- trunk/test/testhash.sh	(revision 234)
+++ trunk/test/testhash.sh	(revision 235)
@@ -37,5 +37,5 @@
 	fi
 	#
-	${TOP_SRCDIR}/configure --quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-debug 
+	${TOP_SRCDIR}/configure --quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-debug '--enable-login-watch' '--enable-mounts-check' '--enable-logfile-monitor' '--enable-process-check' '--enable-port-check' '--enable-suidcheck' '--with-rnd=unix'
 	#
 	fail=0
