From 51112221eeb31ced907f0dfcf077582996c20c07 Mon Sep 17 00:00:00 2001
From: nicm <nicm>
Date: Wed, 12 Jul 2017 10:04:51 +0000
Subject: Block signals between forking and clearing signal handlers (or
 calling event_reinit) - if the child gets a signal and fires the libevent
 signal handler during this period it could write a signal into the parent's
 signal pipe. GitHub issue 1001 from Aaron van Geffen.

---
 server.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'server.c')

diff --git a/server.c b/server.c
index aa2afb1d..3bb5f56b 100644
--- a/server.c
+++ b/server.c
@@ -141,21 +141,24 @@ server_start(struct tmuxproc *client, struct event_base *base, int lockfd,
 {
 	int		 pair[2];
 	struct job	*job;
+	sigset_t	 set, oldset;
 
 	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pair) != 0)
 		fatal("socketpair failed");
 
+	sigfillset(&set);
+	sigprocmask(SIG_BLOCK, &set, &oldset);
 	switch (fork()) {
 	case -1:
 		fatal("fork failed");
 	case 0:
 		break;
 	default:
+		sigprocmask(SIG_SETMASK, &oldset, NULL);
 		close(pair[1]);
 		return (pair[0]);
 	}
 	close(pair[0]);
-
 	if (daemon(1, 0) != 0)
 		fatal("daemon failed");
 	proc_clear_signals(client);
@@ -163,6 +166,7 @@ server_start(struct tmuxproc *client, struct event_base *base, int lockfd,
 		fatalx("event_reinit failed");
 	server_proc = proc_start("server");
 	proc_set_signals(server_proc, server_signal);
+	sigprocmask(SIG_SETMASK, &oldset, NULL);
 
 	if (log_get_level() > 1)
 		tty_create_log();
-- 
cgit