If the session leader dies, s_leader is set to NULL and getsid() may

dereference a NULL pointer, causing a panic.  Instead of following
s_leader to find the session id, store it in the session structure.

Jukka found the following info:

	BTW - I just found what I have been looking for. Std 1003.1
	Part 1: SYSTEM API [C LANGUAGE] section 2.2.2.80 states quite
	explicitly...

	Session lifetime: The period between when a session is created
	and the end of lifetime of all the process groups that remain
	as members of the session.

	So, this quite clearly tells that while there is any single
	process in any process group which is a member of the session,
	the session remains as an independent entity.

Reviewed by:	peter
Submitted by:	"Jukka A. Ukkonen" <jau@jau.tmt.tele.fi>

4 files changed, 12 insertions, 6 deletions

diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c
index 26cbe47..a1f6c85 100644
--- a/sys/kern/kern_fork.c
+++ b/sys/kern/kern_fork.c
@@ -36,7 +36,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)kern_fork.c	8.6 (Berkeley) 4/8/94
- * $Id: kern_fork.c,v 1.50 1997/12/12 04:00:58 dyson Exp $
+ * $Id: kern_fork.c,v 1.51 1998/01/22 17:29:46 dyson Exp $
  */
 
 #include "opt_ktrace.h"
@@ -271,7 +271,8 @@ retry:
 again:
 		for (; p2 != 0; p2 = p2->p_list.le_next) {
 			while (p2->p_pid == nextpid ||
-			    p2->p_pgrp->pg_id == nextpid) {
+			    p2->p_pgrp->pg_id == nextpid ||
+			    p2->p_session->s_sid == nextpid) {
 				nextpid++;
 				if (nextpid >= pidchecked)
 					goto retry;
@@ -281,6 +282,9 @@ again:
 			if (p2->p_pgrp->pg_id > nextpid &&
 			    pidchecked > p2->p_pgrp->pg_id)
 				pidchecked = p2->p_pgrp->pg_id;
+			if (p2->p_session->s_sid > nextpid &&
+			    pidchecked > p2->p_session->s_sid)
+				pidchecked = p2->p_session->s_sid;
 		}
 		if (!doingzomb) {
 			doingzomb = 1;
diff --git a/sys/kern/kern_proc.c b/sys/kern/kern_proc.c
index e229a5d..d546ad7 100644
--- a/sys/kern/kern_proc.c
+++ b/sys/kern/kern_proc.c
@@ -31,7 +31,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)kern_proc.c	8.7 (Berkeley) 2/14/95
- * $Id: kern_proc.c,v 1.36 1998/02/20 13:52:14 bde Exp $
+ * $Id: kern_proc.c,v 1.37 1998/07/11 07:45:40 bde Exp $
  */
 
 #include <sys/param.h>
@@ -223,6 +223,7 @@ enterpgrp(p, pgid, mksess)
 			MALLOC(sess, struct session *, sizeof(struct session),
 			    M_SESSION, M_WAITOK);
 			sess->s_leader = p;
+			sess->s_sid = p->p_pid;
 			sess->s_count = 1;
 			sess->s_ttyvp = NULL;
 			sess->s_ttyp = NULL;
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 24abb73..59c01fb 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -36,7 +36,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)kern_prot.c	8.6 (Berkeley) 1/21/94
- * $Id: kern_prot.c,v 1.39 1997/12/20 03:05:46 sef Exp $
+ * $Id: kern_prot.c,v 1.40 1998/06/10 10:28:29 dfr Exp $
  */
 
 /*
@@ -151,7 +151,7 @@ getsid(p, uap)
 	if ((p == pfind(uap->pid)) == 0)
 		return ESRCH;
 found:
-	p->p_retval[0] = p->p_pgrp->pg_session->s_leader->p_pid;
+	p->p_retval[0] = p->p_session->s_sid;
 	return 0;
 }
 
diff --git a/sys/sys/proc.h b/sys/sys/proc.h
index 2a7a7a39..6358322 100644
--- a/sys/sys/proc.h
+++ b/sys/sys/proc.h
@@ -36,7 +36,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)proc.h	8.15 (Berkeley) 5/19/95
- * $Id: proc.h,v 1.57 1998/04/04 13:26:14 phk Exp $
+ * $Id: proc.h,v 1.58 1998/05/28 09:30:26 phk Exp $
  */
 
 #ifndef _SYS_PROC_H_
@@ -61,6 +61,7 @@ struct	session {
 	struct	proc *s_leader;		/* Session leader. */
 	struct	vnode *s_ttyvp;		/* Vnode of controlling terminal. */
 	struct	tty *s_ttyp;		/* Controlling terminal. */
+	pid_t	s_sid;			/* Session ID */
 	char	s_login[roundup(MAXLOGNAME, sizeof(long))];	/* Setlogin() name. */
 };