Project

General

Profile

Backport #4377

popen("-") で、乱数が初期化されない

Added by kosaki (Motohiro KOSAKI) over 8 years ago. Updated about 8 years ago.

Status:
Closed
Priority:
Normal
[ruby-dev:43178]

Description

=begin
昨日akrさんと雑談していて、ふと思い出したので記録のためにチケット化しておきます。
現在、CVE-2003-0900対策としてfork時にはrandom seedを再初期化する(よって親子で
ちがう乱数を生成する)のがRubyの仕様です。

% ruby-192 -ve ' pid=fork(); if pid.nil? then puts rand(); exit end; puts rand()'
ruby 1.9.2p174 (2011-01-28 revision 30696) [x86_64-linux]
0.908191694240406
0.08498496553239665

しかしながら、forkの親戚のpopen("-")ではこの処理が抜けているので、うっかりサーバー系で
popenすると危険です。

% ruby-192 -ve ' io = IO.popen("-"); if io.nil? then puts rand(); exit end; puts io.gets(); puts rand()'
ruby 1.9.2p174 (2011-01-28 revision 30696) [x86_64-linux]
0.3744795359283313
0.3744795359283313

[Bug #4121][ruby-dev:42686] の障害対応で入れた r30364 で一緒に直ります。
=end

Associated revisions

Revision a4dba495
Added by yugui (Yuki Sonoda) about 8 years ago

merges r30364 from trunk into ruby_1_9_2. Fixes #4377.

* io.c (pipe_open): Added rb_thread_atfork(). We must reinitialize
  GVL at new process creation.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31850 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 31850
Added by yugui (Yuki Sonoda) about 8 years ago

merges r30364 from trunk into ruby_1_9_2. Fixes #4377.

* io.c (pipe_open): Added rb_thread_atfork(). We must reinitialize
  GVL at new process creation.

History

#1

Updated by shyouhei (Shyouhei Urabe) over 8 years ago

  • Status changed from Open to Assigned
#2

Updated by yugui (Yuki Sonoda) about 8 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r31850.
Motohiro, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


merges r30364 from trunk into ruby_1_9_2. Fixes #4377.

* io.c (pipe_open): Added rb_thread_atfork(). We must reinitialize
  GVL at new process creation.

Also available in: Atom PDF