Fix a fork bomb when vi is run from a script and sent Ctrl-Z (#73)

This bug was reported on the old mailing list: https://www.mail-archive.com/[email protected]/msg00207.html A fork bomb can occur when SIGTSTP is sent to the vi editor. Vi must be launched from a script run with exec (tested with BusyBox vi, nvi and vim): $ cat /tmp/foo vi /tmp/bar echo end $ ksh $ chmod +x /tmp/foo $ exec /tmp/foo While in vi, send SIGTSTP using Ctrl-Z src/cmd/ksh93/sh/fault.c: - Only fork after Ctrl-Z if job control is available. The patch used checks 'job.jobcontrol' instead of 'SH_MONITOR': https://git.centos.org/rpms/ksh/blob/c8/f/SOURCES/ksh-20120801-forkbomb.patch
ksh93 · Jul 13, 2020 · 66c955b · 66c955b
1 parent 84e2f6d
commit 66c955b
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 2 deletions.
diff --git a/NEWS b/NEWS
@@ -3,6 +3,11 @@ For full details, see the git log at: https://github.com/ksh93/ksh
 
 Any uppercase BUG_* names are modernish shell bug IDs.
 
+2020-07-13:
+
+- Fixed a fork bomb that could occur when the vi editor was sent SIGTSTP
+  while running in a ksh script.
+
 2020-07-10:
 
 - Fixed a bug that caused types created with 'typeset -T' to throw an error

diff --git a/src/cmd/ksh93/include/version.h b/src/cmd/ksh93/include/version.h
@@ -17,4 +17,4 @@
 *                  David Korn <[email protected]>                   *
 *                                                                      *
 ***********************************************************************/
-#define SH_RELEASE	"93u+m 2020-07-10"
+#define SH_RELEASE	"93u+m 2020-07-13"
diff --git a/src/cmd/ksh93/sh/fault.c b/src/cmd/ksh93/sh/fault.c
@@ -519,7 +519,7 @@ void sh_exit(register int xno)
 	if(pp && pp->mode>1)
 		cursig = -1;
 #ifdef SIGTSTP
-	if(shp->trapnote&SH_SIGTSTP)
+	if((shp->trapnote&SH_SIGTSTP) && job.jobcontrol)
 	{
 		/* ^Z detected by the shell */
 		shp->trapnote = 0;