From b46da660563b175722937d9f29d45029bd6a0a74 Mon Sep 17 00:00:00 2001
From: Leo Kettmeir <crowlkats@toaxl.com>
Date: Tue, 4 Jan 2022 21:55:06 +0100
Subject: fix(signals): prevent panic when listening to forbidden signals
 (#13273)

---
 runtime/Cargo.toml    | 1 +
 runtime/ops/signal.rs | 8 +++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

(limited to 'runtime')

diff --git a/runtime/Cargo.toml b/runtime/Cargo.toml
index fa6ed4e25..d896266c2 100644
--- a/runtime/Cargo.toml
+++ b/runtime/Cargo.toml
@@ -76,6 +76,7 @@ once_cell = "=1.9.0"
 regex = "1.5.4"
 ring = "0.16.20"
 serde = { version = "1.0.129", features = ["derive"] }
+signal-hook-registry = "1.4.0"
 sys-info = "0.9.0"
 termcolor = "1.1.2"
 tokio = { version = "1.10.1", features = ["full"] }
diff --git a/runtime/ops/signal.rs b/runtime/ops/signal.rs
index db30c66d8..f260c611c 100644
--- a/runtime/ops/signal.rs
+++ b/runtime/ops/signal.rs
@@ -181,8 +181,14 @@ fn op_signal_bind(
 ) -> Result<ResourceId, AnyError> {
   super::check_unstable(state, "Deno.signal");
   let signo = signal_str_to_int(&sig)?;
+  if signal_hook_registry::FORBIDDEN.contains(&signo) {
+    return Err(type_error(format!(
+      "Binding to signal '{}' is not allowed",
+      sig
+    )));
+  }
   let resource = SignalStreamResource {
-    signal: AsyncRefCell::new(signal(SignalKind::from_raw(signo)).unwrap()),
+    signal: AsyncRefCell::new(signal(SignalKind::from_raw(signo))?),
     cancel: Default::default(),
   };
   let rid = state.resource_table.add(resource);
-- 
cgit v1.2.3