[Pidgin] #7700: Zephyr with tzc can crash pidgin

Pidgin trac at pidgin.im
Fri Dec 5 17:38:28 EST 2008


#7700: Zephyr with tzc can crash pidgin
--------------------+-------------------------------------------------------
 Reporter:  mterry  |        Owner:  seanegan
     Type:  patch   |       Status:  new     
Milestone:          |    Component:  Zephyr  
  Version:  2.4.3   |   Resolution:          
 Keywords:          |  
--------------------+-------------------------------------------------------

Old description:

> 1. Start to add a zephyr account (don't have to register one anywhere,
> just make pidgin think you have one)[[BR]]
> 2. Make up some username[[BR]]
> 3. In the Advanced tab, set 'Use tzc' (WITHOUT having tzc actually
> installed or at least have it pointing in the wrong place)[[BR]]
> 4. Click 'Save'[[BR]]
> 5. In the Accounts window, uncheck the account (disable it)[[BR]]
> 6. For me, on my Ubuntu Hardy system, it crashes X (!)
>
> I've attached a patch to improve zephyr's robustness with tzc (against
> Hardy's pidgin, but I checked monotone head, and the code looks the
> same).
>
> It does several things:[[BR]]
> A) Make an exit(1) call after the execvp().  This is what caused my
> crash.  The execvp failed (because I didn't have tzc installed), the
> forked child continued, and did bad things to memory.[[BR]]
> B) More robustly check the return value of select().  It used to be just
> "if (select())", now it's "if (select() > 0)", since a negative value
> indicates an error.[[BR]]
> C) Don't print debugging spew as/after we switch stdout in the forked
> process.  The forked process's stdout is processed as tzc commands.  It
> doesn't make sense to spit out debugging statements to ourselves, only to
> fail to parse it as tzc output.  Better to just return -1 and fail in the
> unlikely scenario that close/dup2 fail.
>
> You may notice a 10 second delay when trying to connect.  This is because
> that's how long we wait for tzc to fail (with a select call).  My patch
> doesn't try to correct that delay, though we could probably try to notice
> that the forked process exited early.

New description:

 1. Start to add a zephyr account (don't have to register one anywhere,
 just make pidgin think you have one)
  2. Make up some username
  3. In the Advanced tab, set 'Use tzc' (WITHOUT having tzc actually
 installed or at least have it pointing in the wrong place)
  4. Click 'Save'
  5. In the Accounts window, uncheck the account (disable it)
  6. For me, on my Ubuntu Hardy system, it crashes X (!)

 I've attached a patch to improve zephyr's robustness with tzc (against
 Hardy's pidgin, but I checked monotone head, and the code looks the same).

 It does several things:
  A. Make an exit(1) call after the execvp().  This is what caused my
 crash.  The execvp failed (because I didn't have tzc installed), the
 forked child continued, and did bad things to memory.
  B. More robustly check the return value of select().  It used to be just
 "if (select())", now it's "if (select() > 0)", since a negative value
 indicates an error.
  C. Don't print debugging spew as/after we switch stdout in the forked
 process.  The forked process's stdout is processed as tzc commands.  It
 doesn't make sense to spit out debugging statements to ourselves, only to
 fail to parse it as tzc output.  Better to just return -1 and fail in the
 unlikely scenario that close/dup2 fail.

 You may notice a 10 second delay when trying to connect.  This is because
 that's how long we wait for tzc to fail (with a select call).  My patch
 doesn't try to correct that delay, though we could probably try to notice
 that the forked process exited early.

--

Comment(by rekkanoryo):

 Fixed the formatting to be better WikiFormatting.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/7700#comment:3>
Pidgin <http://pidgin.im>
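
Items A and B of the description, as an added example that is not part of the ticket or of Pidgin's code: the child leaves as soon as execvp() fails, and the parent only reads when select() returns a positive count. The name start_helper and the program name are hypothetical; the sketch uses _exit(1) where the ticket's patch uses exit(1), and it treats EOF on the pipe as the "forked process exited early" signal the reporter mentions.

```c
#include <signal.h>
#include <sys/select.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper, not Pidgin's code. Returns 1 if argv[0] wrote to its
 * stdout, 0 if it exited or failed to exec first, -1 on timeout or error. */
int start_helper(char *const argv[], int timeout_sec)
{
    int out[2];
    if (pipe(out) < 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0) { close(out[0]); close(out[1]); return -1; }
    if (pid == 0) {
        /* Child: stdout becomes the pipe, so print nothing from here on. */
        close(out[0]);
        if (dup2(out[1], STDOUT_FILENO) < 0)
            _exit(1);
        close(out[1]);
        execvp(argv[0], argv);
        /* Reached only if execvp() failed: leave instead of running on as a
         * copy of the parent. _exit() skips inherited atexit handlers. */
        _exit(1);
    }
    close(out[1]);              /* parent keeps only the read end */
    fd_set rfds;
    FD_ZERO(&rfds);
    FD_SET(out[0], &rfds);
    struct timeval tv = { timeout_sec, 0 };
    int result = -1;            /* select() == 0 is timeout, < 0 is error */
    if (select(out[0] + 1, &rfds, NULL, NULL, &tv) > 0) {
        char buf[256];
        ssize_t n = read(out[0], buf, sizeof buf);
        /* n == 0 is EOF: the child is gone, no need to wait out the timeout */
        result = n > 0 ? 1 : (n == 0 ? 0 : -1);
    }
    close(out[0]);
    kill(pid, SIGKILL);         /* example only: stop and reap the child */
    waitpid(pid, NULL, 0);
    return result;
}

int main(void)
{
    char name[] = "tzc-not-installed-example";  /* constructed, not a real binary */
    char *argv[] = { name, NULL };
    return start_helper(argv, 10) == 0 ? 0 : 1; /* EOF arrives at once */
}
```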