/* Regression test for the ppoll signal-mask handling bug tracked at
   https://bugs.kde.org/show_bug.cgi?id=359871
   where a client program was able to successfully block VG_SIGVGKILL.

   A worker thread parks in ppoll() with every signal in the temporary
   mask. The main thread then arms a one-second alarm and installs no
   handler, so the default action of SIGALRM is expected to end the
   whole process. A run that does not exit suggests that the
   client-supplied mask was applied unfiltered and also blocked the
   signal named above.
   NOTE(review): the last sentence is inferred from the bug summary,
   not from this file. */

#define _GNU_SOURCE /* for ppoll */
#include <poll.h>
#include <pthread.h>
#include <signal.h>
#include <stdio.h>
#include <unistd.h>

/* Handshake state: set to 1 by the worker, read by main under mutex. */
static int ready = 0;
static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
static pthread_cond_t cond = PTHREAD_COND_INITIALIZER;

/* Worker thread: reports readiness, then waits in ppoll() forever with
   a full signal set as the mask argument. Never returns in practice. */
static void *
mythr(void *ignore)
{
   sigset_t all_signals;

   (void)ignore;

   /* Tell main() that this thread is running before it starts waiting. */
   pthread_mutex_lock(&mutex);
   ready = 1;
   pthread_cond_signal(&cond);
   pthread_mutex_unlock(&mutex);

   /* Every signal goes into the set, so the mask handed to ppoll() asks
      for all of them to be blocked for the duration of each call. */
   sigfillset(&all_signals);
   for (;;) {
      /* No descriptors are polled; the call only waits. The timeout is
         rebuilt on every pass so each call gets the full 10000 seconds. */
      struct timespec timeout = { .tv_sec = 10000, .tv_nsec = 0 };
      ppoll(NULL, 0, &timeout, &all_signals);
   }

   return NULL;
}

/* Starts the worker, waits until it has signalled readiness, then relies
   on an unhandled SIGALRM to terminate the process. Returns 1 only when
   the worker thread could not be created. */
int
main()
{
   pthread_t worker;
   int rc = pthread_create(&worker, NULL, mythr, NULL);

   if (rc != 0) {
      fprintf(stderr, "pthread_create failed\n");
      return 1;
   }

   /* Wait for the worker's handshake, so the alarm is armed only after
      the worker has started running. */
   pthread_mutex_lock(&mutex);
   while (!ready) {
      pthread_cond_wait(&cond, &mutex);
   }
   pthread_mutex_unlock(&mutex);

   alarm(1); /* Unhandled SIGALRM should cause exit. */
   for (;;) {
      sleep(1);
   }

   return 0;
}