chkrootkit (part #3)
In chkrootkit
if (!quiet)
{
signal(SIGALRM, read_status);
alarm(5);
}
void read_status() {
double remaining_time;
static long last_total_bytes_read=0;
int diff;
diff = total_wtmp_bytes_read-last_total_bytes_read;
if (diff == 0) diff = 1;
remaining_time=(wtmp_file_size-total_wtmp_bytes_read)*5/(diff);
last_total_bytes_read=total_wtmp_bytes_read;
printf("Remaining time: %6.2f seconds\n", remaining_time);
/*
signal(SIGALRM,read_status);
alarm(5);
*/
}
I'll just quote the man page for signal()
DESCRIPTION
The behavior of signal() varies across UNIX versions, and has also var‐
ied historically across different versions of Linux. Avoid its use:
use sigaction(2) instead. See Portability below.
if (!quiet)
{
signal(SIGALRM, read_status);
alarm(5);
}
...
void read_status() {
double remaining_time;
static long last_total_bytes_read=0;
int diff;
diff = total_wtmp_bytes_read-last_total_bytes_read;
if (diff == 0) diff = 1;
remaining_time=(wtmp_file_size-total_wtmp_bytes_read)*5/(diff);
last_total_bytes_read=total_wtmp_bytes_read;
printf("Remaining time: %6.2f seconds\n", remaining_time);
/*
signal(SIGALRM,read_status);
alarm(5);
*/
}
I'll just quote the man page for signal()
DESCRIPTION
The behavior of signal() varies across UNIX versions, and has also var‐
ied historically across different versions of Linux. Avoid its use:
use sigaction(2) instead. See Portability below.
Is it a security bug? Unlikely. Is it a bug? Maybe. Should it be fixed? Yes, if you want to maintain it..