1 /* Tries to exploit bug in ppoll mask handling: 2 https://bugs.kde.org/show_bug.cgi?id=359871 3 where client program was able to successfully block VG_SIGVGKILL. */ 4 5 #define _GNU_SOURCE /* for ppoll */ 6 #include <poll.h> 7 #include <pthread.h> 8 #include <signal.h> 9 #include <stdio.h> 10 #include <unistd.h> 11 12 static int ready = 0; 13 static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; 14 static pthread_cond_t cond = PTHREAD_COND_INITIALIZER; 15 16 static void * mythr(void * ignore)17mythr(void *ignore) 18 { 19 pthread_mutex_lock(&mutex); 20 ready = 1; 21 pthread_cond_signal(&cond); 22 pthread_mutex_unlock(&mutex); 23 24 sigset_t ss; 25 sigfillset(&ss); 26 while (1) { 27 struct timespec ts = {10000, 0}; 28 ppoll(NULL, 0, &ts, &ss); 29 } 30 31 return NULL; 32 } 33 34 int main()35main() 36 { 37 pthread_t thr; 38 int ret = pthread_create(&thr, NULL, mythr, NULL); 39 if (ret != 0) { 40 fprintf(stderr, "pthread_create failed\n"); 41 return 1; 42 } 43 44 pthread_mutex_lock(&mutex); 45 while (ready == 0) { 46 pthread_cond_wait(&cond, &mutex); 47 } 48 pthread_mutex_unlock(&mutex); 49 50 alarm(1); /* Unhandled SIGALRM should cause exit. */ 51 while (1) 52 sleep(1); 53 54 return 0; 55 } 56