From a9d49e5b15bfe9630351cae15f7ffcab0ffa2ef3 Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann
Date: Mon, 8 Aug 2016 21:38:06 +0200
Subject: [PATCH] Fix signal race condition

The signal handler for SIGALRM calls longjmp, but the handler is installed before the jump target has been initialized. If another process sends SIGALRM right between handler installation and target initialization, the jump leads to undefined behavior. This can easily be fixed by moving the signal handler installation into the "SETJMP == 0" conditional block, which means that the target has just been initialized.

* src/utils.c: call signal after SETJMP.

Signed-off-by: Tobias Stoeckmann
---
 src/utils.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/utils.c b/src/utils.c
index b07da9f4..e42bb8f7 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -2045,13 +2045,16 @@ run_with_timeout (double timeout, void (*fun) (void *), void *arg)
 return false;
 }
- signal (SIGALRM, abort_run_with_timeout);
 if (SETJMP (run_with_timeout_env) != 0)
 {
 /* Longjumped out of FUN with a timeout. */
 signal (SIGALRM, SIG_DFL);
 return true;
 }
+ else
+ {
+ signal (SIGALRM, abort_run_with_timeout);
+ }
 alarm_set (timeout);
 fun (arg);
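Review bot: The added `else` block is structurally redundant, because the `if (SETJMP (...) != 0)` branch above it ends in `return true;`, so the same ordering is expressed more plainly by a flat `signal (SIGALRM, abort_run_with_timeout);` immediately after the closing brace of the `if`, which also leaves the "jump target is valid before the handler is armed" intent easier to see. A short comment there would help the next reader, since the ordering is now load-bearing: `/* Arm the handler only after SETJMP has set up run_with_timeout_env; see abort_run_with_timeout. */`. Note that the commit removes the undefined behavior but not the window itself: a SIGALRM that arrives after the handler is installed but before `alarm_set (timeout)` (a stale alarm, or one sent by another process, as the description mentions) now longjmps to a valid target and makes the function report a timeout without `fun (arg)` ever having run, which callers may want documented. The return value of `signal` is not checked on either path, as before the change. The enclosing `run_with_timeout` begins and continues outside this hunk.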