Open Bug 62993 Opened 24 years ago Updated 2 years ago

signature file can't be a named pipe (or /proc/uptime)

Categories

(MailNews Core :: Backend, defect, P3)

Product:
MailNews Core
Component:
Backend
Platform:
x86
Linux
Type:
defect

Tracking

(Not tracked)

People

(Reporter: sspitzer, Unassigned)

References

Details

Attachments

(3 files, 1 obsolete file)

test perl script
746 bytes, text/plain
Details
signature program that uses a piped .signature
45.92 KB, application/octet-stream
Details
1 line patch to fix and also limit sigs to 4K
489 bytes, patch
Details | Diff | Splinter Review 
from n.p.m.mail-news:

"You can with 4.x as well as other mail programs but Mozilla doesn't like it.
It does something that breaks the pipe so the writer process dies. That's ok
the first time you tro to send a message but, of course, all subsequent ones
freeze Mozilla; in fact, the entire process freezes not just the compose
window."

adding shaver to the cc list, as I know he uses this.

this would be linux only.
So I would be the person quoted. I guess I should just file bugs without
worrying about whether they're duplicates. :-)

After some trouble getting strace and mozilla to cooperate, the problem is as I
suspected.

stat("/tmp/10/SignatureTest", {st_mode=S_IFIFO|0644, st_size=0, ...}) = 0
stat("/tmp/10/SignatureTest", {st_mode=S_IFIFO|0644, st_size=0, ...}) = 0
open("/tmp/10/SignatureTest", O_RDONLY) = 24
lseek(24, 0, SEEK_CUR)                  = -1 ESPIPE (Illegal seek)
stat("/tmp/10/SignatureTest", {st_mode=S_IFIFO|0644, st_size=0, ...}) = 0
close(24)

It looks like mozilla doesn't check for a fifo on the stat and it doesn't handle
ESPIPE gracefully.

I will attach a simple test perl script. I borrowed most of it from "man
perlipc." It may come in handy.
Attached file test perl script 
Summary: signature file be can't be a named pipe → signature file be can't be a named pipe (or /proc/uptime)

    
    

    
  
weird, /proc/uptime doesn't work either.  I don't crash, but no signature.

cc'ing andrew, he might help me out on this one.

ls -al /proc/uptime 
-r--r--r--   1 root     root            0 Dec 18 23:10 /proc/uptime

    
    

    
  
A stat on a named pipe returns meaningless values for st_size. It
might be 0 or the value from a previous read. If you open a named
pipe for reading and then do a fstat, st_size becomes slightly more
useful. It will be the amount of data available up to a max of
PIPE_BUF so you can't rely on it.

The /proc fs is special (read crock). Although /proc/uptime, for
example, claims to be a regular file both stat and fstat return
st_size = 0.

Mozilla gets really confused by all this because it implicitly
assumes st_size is meaningful. It also tends to assume that only
directories and regular files exist.

Now cat gets around this by just opening a file, doing a fstat to
get st_blksize (not st_size), and just reading st_blksize chunks
until it gets an EOF. In other words, it treats all files as
streams. Actually, it eliminates directories but not much else.

That's an appealing idea. One would think that Mozilla knows how to
deal with streams. Is it feasible, though. It would mean buffering
the signature file and examining the buffer for mime type. This is
also a significant change and there might not be time to do this
right, although it will have to be done eventually. Users will
rightly consider Mozilla broken if cat reads a file but mozilla
doesn't.


    
    

    
  
*** Bug 95915 has been marked as a duplicate of this bug. ***

    
    

    
  
I do consider that mozilla is broken if I can
read something with cat, but not mozilla ...

Don't you think it is time to do it now ?

I think it should at least (for now) be a little fixed in order
to avoid that damned freezes ...

    
    

    
  
It seems that my last comment doesn't "traduce" my thought correctly :
sorry about that, and sorry to all of you who may have felt sworn.

I just wanted to tell you guys that I think this bug need a fix.
I thought adding a comment, even not very useful :)), would remind you
of that bug. But my comment was quite incorrect ... sorry again.

I know that you do it on your free time, and I know that you don't
have unlimited free time.
Thanks for all you do : I use Mozilla a lot, it keeps on improving,
and I hope it will replace one day that ugly IE :)) !

    
    

    
  
0.9.3 does not takes a piped signature at all. This is used in programs such as
signature, which generates a new sig everytime the pipe is accessed. It works
with all mailers except Pine and mozilla. The program is attached and it can
also be found on http://freshmeat.net. Here's something from its man page:

       Pine  fails  to  play  properly with signature, because an
       fstat(2) on the signature FIFO prior to opening it returns
       0 in stat.st_size, causing Pine to open and close it with­
       out actually reading  anything.  This  causes  a  SIGPIPE,
       which signature calmly ignores.

This should because if cat and other mailers can use this, so should mozilla.

    
    

    
  
*** Bug 103113 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 111607 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 115241 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 113640 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 145335 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 147708 has been marked as a duplicate of this bug. ***

    
    

    
  
This also occurs on FreeBSD (I'm sure on any Unix type system).  In my case, 
I'm using signify (http://www.debian.org/) with its --fifo mode to create a 
named pipe for .signature.

    
    

    
  
*** Bug 151613 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 163831 has been marked as a duplicate of this bug. ***

    
    

    
  
Still not working in 1.1 (2002072208)

Any news?

    
    

    
  


  
This patch just reads the first 4K from the file.
Should work for proc/named pipes/...

    
    

    
  
I don't think this will work. Pipes are streams and you have to read until EOF 
or you'll have problems. If you close a pipe prematurely then the SIGPIPE 
signal is sent to the writing process (the other end of the pipe). If the 
writer isn't expecting SIGPIPE it will be killed. If that happens then the 
next time mozilla reads from the pipe it will hang. Users will rightly 
complain about mozilla.

You either should deduce what type of file you're reading from and take 
appropriate action or just read until EOF throwing out what you don't want.

BTW, the browser has no trouble reading from pipes which just makes mailnews 
look silly.

    
    

    
  
I see what your saying but I don't aggree.

If a daemon's sole purpose is to write to a named pipe
and can't handle SIGPIPE then all bets are off. SIGPIPE 
could be generated in many instances. This will only
happen if the sig is bigger than 4K and SIGPIPE is quite
polite I think for something trying to send me a 4K sig :-)

Conversely though, mozilla will hang if there is nothing
writing to the pipe, so perhaps a timeout is appropriate?

Anyway, please apply the simple patch, as it fixes 3 problems:

1. reading from /proc/uptime
2. reading from named pipes (rotating signatures)
3. reading very large signatures

    
    

    
  
A well-behaved app does *not* throw signals at other apps just because it 
wants to. Trying to blame some other app because mozilla is sloppy is no 
excuse.

Nost people who try named pipes probably get their information from the perl 
example (man perlipc). Mozilla should work with that. Your patch will not.

Timing out may be very hard. :-) You have to open a file in non-blocking mode 
and then use select or poll to see if it's ready. Your patch needs to address 
that.

    
    

    
  
Questions:

What does perlipc do if mozilla crashes while it's writing
(about as likely as writing more than 4K sig in fairness).
I.E. I still don't think we should worry about sending
SIGPIPE to the writer if it gives us more than 4K.

If we were to do a timeout, what would it be? 1 second?

Why would the socket need to be nonblocking? We could
just select() the blocking fd as the thread doesn't
need to do anything else

    
    

    
  
Is there any progress on this? 

    
    

    
  


  
Attached another less invasive patch for discussion.
Might be worthwhile getting this in 1.4beta

    
    

    
  
Patch is available.

Could someone please add
-whiteboard: [patch]
-keywords: 4xp

    
  
Keywords: 4xp
Whiteboard: [patch]

    
  

        Attachment #120036 -
        Flags: review?(sspitzer)

    
  
Flags: blocking1.6b+

    
    

    
  
only drivers can set (+) blocking flags.  you can request (?) them.
Flags: blocking1.6b+

    
    

    
  
What are we waiting for? Isn't this ready and patched?

I'd really like to have random sigs in Mozilla.

    
  
Flags: blocking1.7a?

    
  
Flags: blocking1.7a? → blocking1.7a-

    
  
Flags: blocking1.8a?

    
  
Flags: blocking1.8a? → blocking1.8a-
Product: MailNews → Core

    
  
Flags: blocking1.8.0.1?

    
    

    
  
this is not a feature we'll bbe evaluating for a security release. minusing.
Flags: blocking1.8.0.1? → blocking1.8.0.1-

    
    

    
  
*** Bug 344018 has been marked as a duplicate of this bug. ***

    
    

    
  
None of those patches are working for me. Still just a hang:(

    
    

    
  
sorry for the spam.  making bugzilla reflect reality as I'm not working on these bugs.  filter on FOOBARCHEESE to remove these in bulk.
Assignee: sspitzer → nobody
Summary: signature file be can't be a named pipe (or /proc/uptime) → signature file can't be a named pipe (or /proc/uptime)

    
    

    
  
Filter on "Nobody_NScomTLD_20080620"
QA Contact: esther → backend
Product: Core → MailNews Core

    
    

    
  
Using Shredder version 3.0a2 (2008072418) binary, the bug is kind-of fixed!

When using a fifo as a signature, Shredder doesn't attach any output of the fifo to my message, nor does it lock up.  If I change the fifo to a text file, it works as expected.

thanks.


    
    

    
  
(In reply to comment #36)
> Using Shredder version 3.0a2 (2008072418) binary, the bug is kind-of fixed!
> 
> When using a fifo as a signature, Shredder doesn't attach any output of the
> fifo to my message

patch is obsolete?
Whiteboard: [patch]

    
    

    
  
Comment on attachment 120036 [details] [diff] [review]
alternative patch, doesn't change behaviour for regular files

Yes, and as i recall, it didn't work for me back when it applied.

        Attachment #120036 -
        Attachment is obsolete: true

        Attachment #120036 -
        Flags: review?(sspitzer)

    
  
Severity: normal → S3

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: