group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1637026] [NEW] kill incorrectly parses negative PIDs

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: dann frazier <dann.frazier@xxxxxxxxxxxxx>
Date: Thu, 27 Oct 2016 00:19:53 -0000
Reply-to: Bug 1637026 <1637026@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

[Impact]
When kill is called with a negative argument, incorrect parsing can lead it to call sys_kill(-1), thus sending a signal to all permitted processes on the system. A couple of users have hit this while deploying Hadoop, which seems to tickle this - basically killing everything on the system.

[Test Case]
Though I don't know what Hadoop is calling, here's a couple of ways to trigger this:

One possibility is if kill were called w/ a numeric signal that
happened to start with a '1' and while omitting the required <pid>
argument:

kill -12

Another would be to specify a numeric signal (that again happened to
start with a 1) multiple times:
kill -13 -13 12345

[Regression Risk]
This is a backport from upstream that is already available in 16.10, with no known regressions.

** Affects: procps (Ubuntu)
     Importance: Undecided
         Status: Fix Released

** Affects: procps (Ubuntu Xenial)
     Importance: High
     Assignee: dann frazier (dannf)
         Status: In Progress

** Also affects: procps (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Changed in: procps (Ubuntu)
       Status: New => Fix Released

** Changed in: procps (Ubuntu Xenial)
       Status: New => In Progress

** Changed in: procps (Ubuntu Xenial)
   Importance: Undecided => High

** Changed in: procps (Ubuntu Xenial)
     Assignee: (unassigned) => dann frazier (dannf)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1637026

Title:
  kill incorrectly parses negative PIDs

Status in procps package in Ubuntu:
  Fix Released
Status in procps source package in Xenial:
  In Progress

Bug description:
  [Impact]
  When kill is called with a negative argument, incorrect parsing can lead it to call sys_kill(-1), thus sending a signal to all permitted processes on the system. A couple of users have hit this while deploying Hadoop, which seems to tickle this - basically killing everything on the system.

  [Test Case]
  Though I don't know what Hadoop is calling, here's a couple of ways to trigger this:

  One possibility is if kill were called w/ a numeric signal that
  happened to start with a '1' and while omitting the required <pid>
  argument:

  kill -12

  Another would be to specify a numeric signal (that again happened to
  start with a 1) multiple times:
  kill -13 -13 12345

  [Regression Risk]
  This is a backport from upstream that is already available in 16.10, with no known regressions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1637026/+subscriptions

Follow ups

[Bug 1637026] Re: kill incorrectly parses negative PIDs
From: Launchpad Bug Tracker, 2016-11-18