From 42216742cd69e52e70aeb1d14498a8145872de52 Mon Sep 17 00:00:00 2001
From: Rich Felker
Date: Tue, 15 Dec 2015 23:20:36 -0500
Subject: [PATCH] fix crash when signal number 0 is passed to sigaction

this error case was overlooked in the old range checking logic. new check is moved out of __libc_sigaction to the public wrapper in order to unify the error path and reduce code size.
---
 src/signal/sigaction.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/signal/sigaction.c b/src/signal/sigaction.c
index ab23a6f2..6eca06f1 100644
--- a/src/signal/sigaction.c
+++ b/src/signal/sigaction.c
@@ -17,10 +17,6 @@ void __get_handler_set(sigset_t *set)
 int __libc_sigaction(int sig, const struct sigaction *restrict sa, struct sigaction *restrict old)
 {
 struct k_sigaction ksa, ksa_old;
- if (sig >= (unsigned)_NSIG) {
- errno = EINVAL;
- return -1;
- }
 if (sa) {
 if ((uintptr_t)sa->sa_handler > 1UL) {
 a_or_l(handler_set+(sig-1)/(8*sizeof(long)),
@@ -57,7 +53,7 @@ int __libc_sigaction(int sig, const struct sigaction *restrict sa, struct sigact
 
 int __sigaction(int sig, const struct sigaction *restrict sa, struct sigaction *restrict old)
 {
- if (sig-32U < 3) {
+ if (sig-32U < 3 || sig-1U >= _NSIG-1) {
 errno = EINVAL;
 return -1;
 }
-- 
2.25.1
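Review bot: With the range check now only in `__sigaction`, `__libc_sigaction` computes `handler_set+(sig-1)/(8*sizeof(long))` without validating `sig` itself, so every internal caller that bypasses the public wrapper has to guarantee `1 <= sig < _NSIG`. Those callers are not visible in this patch, so that is worth confirming. I would record the precondition above `__libc_sigaction`, for example `/* caller must ensure 1 <= sig < _NSIG; validated in __sigaction */`. In the second hunk, `sig-1U >= _NSIG-1` relies on unsigned wraparound to reject zero and negative values in one comparison, and a short comment such as `/* unsigned wrap rejects sig <= 0 and sig >= _NSIG */` would help keep a later edit from reopening the gap. Both function bodies continue outside the hunks shown.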