[Bug 1507681] Re: killall with 65 arguments kills more than expected

Mon May 30 12:35:32 UTC 2016

SRU-Template:

[Impact]

 * killall with exactly 65 (33 in 32-bit environments) arguments can kill random processes
 * this can be accidentially or even maliciously used to kill processes
 * root casue is an off-by-one error

[Test Case]

 * as seen in the bug description above, but please note that this triggers the bug only sometimes (1/3 of my tries)
   ps xa | wc -l
   for i in `seq 1 65`; do touch ~/tmp_tasks/test$i; done;
   for i in `seq 1 65`; do echo ~/tmp_tasks/test$i; done | xargs killall
   ps xa | wc -l

[Regression Potential]

 * there should be no/minimal regression Potential
   - the fix itself is minimal
   - no solution (other than maybe exploits) should rely on this behaviour

** Changed in: psmisc (Ubuntu Precise)
       Status: Triaged => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1507681

Title:
  killall with 65 arguments kills more than expected

Status in psmisc package in Ubuntu:
  Fix Released
Status in psmisc source package in Precise:
  In Progress

Bug description:
  killall in Precise is supposed to limit the number of arguments to 64,
  but due to a fencepost error, 66 arguments will be blocked but 65 is
  not.

  With 65 arguments, the behavior varies, but in some cases will send a
  signal to random processes.

  # ps xa | wc -l
  164

  # mkdir ~/tmp_tasks/
  # for i in `seq 1 65`; do touch ~/tmp_tasks/test$i; done;

  # for i in `seq 1 65`; do echo ~/tmp_tasks/test$i; done  | xargs killall
  Connection to 198.18.88.176 closed by remote host.
  Connection to 198.18.88.176 closed.

  # ps xa | wc -l
  126

  This is fixed upstream and at the very least trusty works fine.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/psmisc/+bug/1507681/+subscriptions