I remove pending signals completely, they are not useless, they are

dangerous! Signal handlers themself must be fixed to not call malloc,
but no pended handlers, it will be correct fix. In finite case each signal
handler can set some variable which will be analized later, but calling
handler functions manually is too dangerous (f.e. signals not blocked while
the handler or handlers switch executed in this case). Of course this
code can be fixed instead of removing, but it not worth fixing in any case.

Should go into 2.2

In addition sig.c code shows following dangerous fragments (there can be more,
but I stop after two):

This fragment

    if (fn == SIG_DFL || fn == SIG_IGN) {
	handler[sig-1] = (sig_type)0;
	<------------- here
        signal(sig,fn);
    } else {

cause NULL pointer reference when signal comes
"here", but more worse fragment is below:

void handle_signals() {
    int sig;

    if (caused)
       for (sig=0; sig<__MAXSIG; sig++, caused>>=1)
           if (caused&1)
               (*handler[sig])(sig+1);
}

caused is bitmask which set corresponding bit on each signal coming.
And now imagine, what happens when some signal comes (bit sets) while loop
is executed (see caused>>=1 !!!)

In this light carrier drop situation was (as gdb shows)
1. SIGSEGV in handle_signals because some junk called as *handler reference.
2. Since SIGSEGV was pended too (== never happens),
it can cause various range of disasters.

usr.sbin/ppp/Makefile

@@ -1,11 +1,11 @@
-#	$Id$
+#	$Id: Makefile,v 1.14 1997/02/22 16:09:55 peter Exp $
 
 PROG=	ppp
 SRCS=	async.c auth.c ccp.c chap.c chat.c command.c filter.c fsm.c hdlc.c \
 	ip.c ipcp.c lcp.c lqr.c log.c main.c mbuf.c modem.c os.c \
 	pap.c pred.c route.c slcompress.c timer.c systems.c uucplock.c vars.c \
 	vjcomp.c arp.c alias.c alias_db.c alias_ftp.c alias_util.c \
-	passwdauth.c sig.c
+	passwdauth.c
 #CFLAGS+= -DHAVE_SHELL_CMD_WITH_ANY_MODE
 CFLAGS += -Wall -DUSE_PERROR -DMSEXT -DPASSWDAUTH
 LDADD += -lmd -lcrypt -lutil

usr.sbin/ppp/chat.c

@@ -18,7 +18,7 @@
  *		Columbus, OH  43221
  *		(614)451-1883
  *
- * $Id: chat.c,v 1.18 1997/03/08 10:04:11 ache Exp $
+ * $Id: chat.c,v 1.19 1997/03/08 12:15:58 ache Exp $
  *
  *  TODO:
  *	o Support more UUCP compatible control sequences.
@@ -36,7 +36,6 @@
 #include <errno.h>
 #include <sys/cdefs.h>
 #include <signal.h>
-#include "sig.h"
 #include <sys/wait.h>
 #include "timeout.h"
 #include "vars.h"

usr.sbin/ppp/main.c

@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: main.c,v 1.34 1997/03/08 10:04:21 ache Exp $
+ * $Id$
  *
  *	TODO:
  *		o Add commands for traffic summary, version display, etc.
@@ -28,9 +28,7 @@
 #include <paths.h>
 #include <sys/time.h>
 #include <termios.h>
-#include <sys/cdefs.h>
 #include <signal.h>
-#include "sig.h"
 #include <sys/wait.h>
 #include <errno.h>
 #include <netdb.h>
@@ -213,8 +211,8 @@ int signo;
 static void
 TerminalCont()
 {
-  pending_signal(SIGCONT, SIG_DFL);
-  pending_signal(SIGTSTP, TerminalStop);
+  (void)signal(SIGCONT, SIG_DFL);
+  (void)signal(SIGTSTP, TerminalStop);
   TtyCommandMode(getpgrp() == tcgetpgrp(0));
 }
 
@@ -222,9 +220,9 @@ static void
 TerminalStop(signo)
 int signo;
 {
-  pending_signal(SIGCONT, TerminalCont);
+  (void)signal(SIGCONT, TerminalCont);
   TtyOldMode();
-  pending_signal(SIGTSTP, SIG_DFL);
+  signal(SIGTSTP, SIG_DFL);
   kill(getpid(), signo);
 }
 
@@ -364,13 +362,13 @@ char **argv;
   if(mode & MODE_INTER)
     {
 #ifdef SIGTSTP
-      pending_signal(SIGTSTP, TerminalStop);
+      signal(SIGTSTP, TerminalStop);
 #endif
 #ifdef SIGTTIN
-      pending_signal(SIGTTIN, TerminalStop);
+      signal(SIGTTIN, TerminalStop);
 #endif
 #ifdef SIGTTOU
-      pending_signal(SIGTTOU, SIG_IGN);
+      signal(SIGTTOU, SIG_IGN);
 #endif
     }
 
@@ -792,8 +790,6 @@ DoLoop()
 #ifndef SIGALRM
     usleep(TICKUNIT);
     TimerService();
-#else
-    handle_signals();
 #endif
 
     /* If there are aren't many packets queued, look for some more. */
@@ -829,8 +825,7 @@ DoLoop()
 
     if ( i < 0 ) {
        if ( errno == EINTR ) {
-          handle_signals();
-          continue;
+          continue;            /* Got a signal - should have been dealt with */
        }
        perror("select");
        break;

usr.sbin/ppp/sig.c

@@ -1,91 +0,0 @@
-/*-
- * Copyright (c) 1997
- *	Brian Somers <brian@awfulhak.demon.co.uk>.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $Id: sig.c,v 1.3 1997/02/23 20:01:19 brian Exp $
- *
- *  TODO:
- *
- */
-
-#include <sys/cdefs.h>
-#include "sig.h"
-#include <sys/types.h>
-#include <signal.h>
-#include "mbuf.h"
-#include "log.h"
-
-#define __MAXSIG (32)		/* Sizeof u_long: Make life convenient.... */
-static u_long caused;				/* A mask of pending signals */
-static sig_type handler[ __MAXSIG ];	/* all start at SIG_DFL */
-
-
-/* Record a signal in the "caused" mask */
-
-static void signal_recorder(int sig) {
-    if (sig > 0 && sig <= __MAXSIG)
-        caused |= (1<<(sig-1));
-}
-
-
-/*
-    set up signal_recorder, and record handler as the function to ultimately
-    call in handle_signal()
-*/
-
-sig_type pending_signal(int sig,sig_type fn) {
-    sig_type Result;
-
-    if (sig <= 0 || sig > __MAXSIG) {
-	/* Oops - we must be a bit out of date (too many sigs ?) */
-        logprintf("Eeek! %s:%s: I must be out of date!\n",__FILE__,__LINE__);
-        return signal(sig,fn);
-    }
-
-    Result = handler[sig-1];
-    if (fn == SIG_DFL || fn == SIG_IGN) {
-        handler[sig-1] = (sig_type)0;
-        signal(sig,fn);
-    } else {
-        handler[sig-1] = fn;
-        signal(sig,signal_recorder);
-    }
-    caused &= ~(1<<(sig-1));
-    return Result;
-}
-
-
-/* Call the handlers for any pending signals */
-
-void handle_signals() {
-    int sig;
-
-    if (caused)
-       for (sig=0; sig<__MAXSIG; sig++, caused>>=1)
-           if (caused&1)
-               (*handler[sig])(sig+1);
-}

usr.sbin/ppp/sig.h

@@ -1,41 +0,0 @@
-/*-
- * Copyright (c) 1997
- *	Brian Somers <brian@awfulhak.demon.co.uk>.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $Id: sig.h,v 1.4 1997/02/23 20:01:20 brian Exp $
- *
- *  TODO:
- *
- */
-
-typedef void (*sig_type)(int);
-
-/* Call this instead of signal() */
-extern sig_type pending_signal __P((int, sig_type));
-
-/* Call this when you want things to *actually* happen */
-extern void handle_signals __P((void));

usr.sbin/ppp/timer.c

@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: timer.c,v 1.10 1997/02/25 14:05:17 brian Exp $
+ * $Id: timer.c,v 1.11 1997/03/08 09:55:42 ache Exp $
  *
  *  TODO:
  */
@@ -26,7 +26,6 @@
 #include <signal.h>
 #include "timeout.h"
 #include <sys/cdefs.h>
-#include "sig.h"
 #ifdef SIGALRM
 #include <errno.h>
 #endif