[Bug 1637026] Re: kill incorrectly parses negative PIDs
dann frazier
dann.frazier at canonical.com
Fri Nov 4 09:19:20 UTC 2016
root at procpstest:~# strace -f -o /tmp/strace.out su dannf -c '/bin/kill -12'
root at procpstest:~# grep kill /tmp/strace.out
2623 execve("/bin/su", ["su", "dannf", "-c", "/bin/kill -12"], [/* 11 vars */]) = 0
2628 execve("/bin/bash", ["bash", "-c", "/bin/kill -12"], [/* 17 vars */]) = 0
2628 execve("/bin/kill", ["/bin/kill", "-12"], [/* 17 vars */]) = 0
2628 kill(-12, SIGUSR2) = -1 ESRCH (No such process)
root at procpstest:~#
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/1637026
Title:
kill incorrectly parses negative PIDs
Status in procps package in Ubuntu:
Fix Released
Status in procps source package in Xenial:
Fix Committed
Bug description:
[Impact]
When kill is called with a negative argument, incorrect parsing can lead it to call sys_kill(-1), thus sending a signal to all permitted processes on the system. A couple of users have hit this while deploying Hadoop, which seems to tickle this - basically killing everything on the system.
[Test Case]
Though I don't know what Hadoop is calling, here's a couple of ways to trigger this:
One possibility is if kill were called w/ a numeric signal that
happened to start with a '1' and while omitting the required <pid>
argument:
kill -12
Another would be to specify a numeric signal (that again happened to
start with a 1) multiple times:
kill -13 -13 12345
[Regression Risk]
This is a backport from upstream that is already available in 16.10, with no known regressions.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1637026/+subscriptions
More information about the foundations-bugs
mailing list