Setuid sandbox: exit(2) on SIGABRT

The setuid sandbox waits on its one child and then dies
afterwards.

When receiving SIGABRT, instead of dumping core, simply exit the
process. There is no interesting information to be gathered from
knowing that the process is inside waitid(2), one should look at
the child process instead.

This patch is in hope to reduce red herrings.

BUG=334345
TBR=jorgelo@chromium.org

Review URL: https://codereview.chromium.org/166193002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@251271 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 15 insertions, 0 deletions

diff --git a/sandbox/linux/suid/sandbox.c b/sandbox/linux/suid/sandbox.c
index 2dd78ef..78c9e06 100644
--- a/sandbox/linux/suid/sandbox.c
+++ b/sandbox/linux/suid/sandbox.c
@@ -58,6 +58,12 @@ static void FatalError(const char *msg, ...) {
   _exit(1);
 }
 
+static void ExitWithErrorSignalHandler(int signal) {
+  const char msg[] = "\nThe setuid sandbox got signaled, exiting.\n";
+  (void) write(2, msg, sizeof(msg) - 1);
+  _exit(1);
+}
+
 // We will chroot() to the helper's /proc/self directory. Anything there will
 // not exist anymore if we make sure to wait() for the helper.
 //
@@ -195,6 +201,15 @@ static void WaitForChildAndExit(pid_t child_pid) {
   int exit_code = -1;
   siginfo_t reaped_child_info;
 
+  // Don't "Core" on SIGABRT. SIGABRT is sent by the Chrome OS session manager
+  // when things are hanging.
+  // Here, the current process is going to waitid() and _exit(), so there is no
+  // point in generating a crash report. The child process is the one
+  // blocking us.
+  if (signal(SIGABRT, ExitWithErrorSignalHandler) == SIG_ERR) {
+    FatalError("Failed to change signal handler");
+  }
+
   int wait_ret =
     HANDLE_EINTR(waitid(P_PID, child_pid, &reaped_child_info, WEXITED));