[master] b7d42dd Use a separate segment for the sigaltstack

Nils Goroll nils.goroll at uplex.de
Mon Sep 4 20:01:06 CEST 2017


commit b7d42dd543688436a3a594878380d92680a8f7f0
Author: Nils Goroll <nils.goroll at uplex.de>
Date:   Mon Sep 4 19:55:10 2017 +0200

    Use a separate segment for the sigaltstack
    
    Having a stack on the heap just feels unclean, also this way we have a chance
    to get a red zone adjacent to the mapping just in case we manage to overflow
    the alt stack also.
    
    Ref: #2396

diff --git a/bin/varnishd/mgt/mgt_child.c b/bin/varnishd/mgt/mgt_child.c
index 76103e2..907df0d 100644
--- a/bin/varnishd/mgt/mgt_child.c
+++ b/bin/varnishd/mgt/mgt_child.c
@@ -85,6 +85,7 @@ static struct vlu	*child_std_vlu;
 static struct vsb *child_panic = NULL;
 
 #ifdef HAVE_SIGALTSTACK
+#include <sys/mman.h>
 stack_t altstack;
 #endif
 
@@ -372,7 +373,10 @@ mgt_launch_child(struct cli *cli)
 			size_t sz = SIGSTKSZ + 4096;
 			if (sz < mgt_param.wthread_stacksize)
 				sz = mgt_param.wthread_stacksize;
-			altstack.ss_sp = malloc(sz);
+			altstack.ss_sp = mmap(NULL, sz,  PROT_READ | PROT_WRITE,
+					      MAP_PRIVATE | MAP_ANONYMOUS,
+					      -1, 0);
+			AN(altstack.ss_sp != MAP_FAILED);
 			AN(altstack.ss_sp);
 			altstack.ss_size = sz;
 			altstack.ss_flags = 0;



More information about the varnish-commit mailing list