PyOS_getsig(), PyOS_setsig(): The minimal amount of work to avoid the

uninitialized memory reads reported in bug #478001.

Note that this doesn't address the following larger issues:

- Error conditions are not documented for PyOS_*sig() in the C API.

- Nothing that actually calls PyOS_*sig() in the core interpreter and
  extension modules actually /checks/ the return value of the call.

Fixing those is left as an exercise for a later day.

1 files changed, 12 insertions, 0 deletions

diff --git a/Python/pythonrun.c b/Python/pythonrun.c
index 963df8a..f6217c3 100644
--- a/Python/pythonrun.c
+++ b/Python/pythonrun.c
@@ -1437,6 +1437,12 @@ PyOS_getsig(int sig)
 {
 #ifdef HAVE_SIGACTION
 	struct sigaction context;
+	/* Initialize context.sa_handler to SIG_ERR which makes about as
+	 * much sense as anything else.  It should get overwritten if
+	 * sigaction actually succeeds and otherwise we avoid an
+	 * uninitialized memory read.
+	 */
+	context.sa_handler = SIG_ERR;
 	sigaction(sig, NULL, &context);
 	return context.sa_handler;
 #else
@@ -1453,6 +1459,12 @@ PyOS_setsig(int sig, PyOS_sighandler_t handler)
 #ifdef HAVE_SIGACTION
 	struct sigaction context;
 	PyOS_sighandler_t oldhandler;
+	/* Initialize context.sa_handler to SIG_ERR which makes about as
+	 * much sense as anything else.  It should get overwritten if
+	 * sigaction actually succeeds and otherwise we avoid an
+	 * uninitialized memory read.
+	 */
+	context.sa_handler = SIG_ERR;
 	sigaction(sig, NULL, &context);
 	oldhandler = context.sa_handler;
 	context.sa_handler = handler;