httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dean Gaudet <dgau...@hyperreal.com>
Subject cvs commit: apache/support suexec.c
Date Thu, 24 Apr 1997 23:25:12 GMT
dgaudet     97/04/24 16:25:12

  Modified:    src       CHANGES util_script.c
               support   suexec.c
  Log:
  Fix suexec segfault when group doesn't exist.
  
  Submitted by:	Gregory Neil Shapiro <gshapiro@wpi.edu>
  Reviewed by:	Randy, Dean, Roy
  
  Revision  Changes    Path
  1.246     +3 -0      apache/src/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /export/home/cvs/apache/src/CHANGES,v
  retrieving revision 1.245
  retrieving revision 1.246
  diff -C3 -r1.245 -r1.246
  *** CHANGES	1997/04/24 23:21:32	1.245
  --- CHANGES	1997/04/24 23:25:08	1.246
  ***************
  *** 1,5 ****
  --- 1,8 ----
    Changes with Apache 1.2
    
  +   *) Fix suexec segfault when group doesn't exist. [Gregory Neil Shapiro]
  +      PR#367, 368, 354, 453
  + 
      *) Fix IRIX warning about bzero undefined. [Marc Slemko]
      
      *) Fix problem with <Directory proxy:...>. [Martin Kraemer] PR#271
  
  
  
  1.49      +12 -4     apache/src/util_script.c
  
  Index: util_script.c
  ===================================================================
  RCS file: /export/home/cvs/apache/src/util_script.c,v
  retrieving revision 1.48
  retrieving revision 1.49
  diff -C3 -r1.48 -r1.49
  *** util_script.c	1997/04/12 04:25:00	1.48
  --- util_script.c	1997/04/24 23:25:09	1.49
  ***************
  *** 436,441 ****
  --- 436,442 ----
        core_dir_config *conf;
        struct passwd *pw;
        struct group *gr;
  +     char *grpname;
        
        conf = (core_dir_config *)get_module_config(r->per_dir_config, &core_module);
    
  ***************
  *** 551,557 ****
    		return;
    	    }
                r->uri -= 2;
  !             gr = getgrgid (pw->pw_gid);
                execuser = (char *) palloc (r->pool, (sizeof(pw->pw_name) + 1));
                execuser = pstrcat (r->pool, "~", pw->pw_name, NULL);
            }
  --- 552,565 ----
    		return;
    	    }
                r->uri -= 2;
  !             if ((gr = getgrgid (pw->pw_gid)) == NULL) {
  ! 		if ((grpname = palloc (r->pool, 16)) == NULL) 
  ! 		    return;
  ! 		else
  ! 		    ap_snprintf(grpname, sizeof(grpname), "%d\0", pw->pw_gid);
  ! 	    }
  ! 	    else
  ! 		grpname = gr->gr_name;
                execuser = (char *) palloc (r->pool, (sizeof(pw->pw_name) + 1));
                execuser = pstrcat (r->pool, "~", pw->pw_name, NULL);
            }
  ***************
  *** 569,582 ****
            }
      
      	if (shellcmd)
  ! 	    execle(SUEXEC_BIN, SUEXEC_BIN, execuser, gr->gr_name, argv0, NULL, env);
    
      	else if((!r->args) || (!r->args[0]) || (ind(r->args,'=') >= 0))
  ! 	    execle(SUEXEC_BIN, SUEXEC_BIN, execuser, gr->gr_name, argv0, NULL, env);
    
      	else {
    	    execve(SUEXEC_BIN,
  ! 		   create_argv(r, SUEXEC_BIN, execuser, gr->gr_name, argv0, r->args, (void *)NULL),
    		   env);
    	}
        }
  --- 577,590 ----
            }
      
      	if (shellcmd)
  ! 	    execle(SUEXEC_BIN, SUEXEC_BIN, execuser, grpname, argv0, NULL, env);
    
      	else if((!r->args) || (!r->args[0]) || (ind(r->args,'=') >= 0))
  ! 	    execle(SUEXEC_BIN, SUEXEC_BIN, execuser, grpname, argv0, NULL, env);
    
      	else {
    	    execve(SUEXEC_BIN,
  ! 		   create_argv(r, SUEXEC_BIN, execuser, grpname, argv0, r->args, (void *)NULL),
    		   env);
    	}
        }
  
  
  
  1.21      +11 -5     apache/support/suexec.c
  
  Index: suexec.c
  ===================================================================
  RCS file: /export/home/cvs/apache/support/suexec.c,v
  retrieving revision 1.20
  retrieving revision 1.21
  diff -C3 -r1.20 -r1.21
  *** suexec.c	1997/04/07 17:48:39	1.20
  --- suexec.c	1997/04/24 23:25:11	1.21
  ***************
  *** 294,311 ****
        /*
         * Error out if the target group name is invalid.
         */
  !     if ((gr = getgrnam(target_gname)) == NULL) {
  ! 	log_err("invalid target group name: (%s)\n", target_gname);
  ! 	exit(106);
        }
    
        /*
         * Save these for later since initgroups will hose the struct
         */
        uid = pw->pw_uid;
  -     gid = gr->gr_gid;
        actual_uname = strdup(pw->pw_name);
  -     actual_gname = strdup(gr->gr_name);
        target_homedir = strdup(pw->pw_dir);
    
        /*
  --- 294,317 ----
        /*
         * Error out if the target group name is invalid.
         */
  !     if (strspn(target_gname, "1234567890") != strlen(target_gname)) {
  ! 	if ((gr = getgrnam(target_gname)) == NULL) {
  ! 	    log_err("invalid target group name: (%s)\n", target_gname);
  ! 	    exit(106);
  ! 	}
  ! 	gid = gr->gr_gid;
  ! 	actual_gname = strdup(gr->gr_name);
  !     }
  !     else {
  ! 	gid = atoi(target_gname);
  ! 	actual_gname = strdup(target_gname);
        }
    
        /*
         * Save these for later since initgroups will hose the struct
         */
        uid = pw->pw_uid;
        actual_uname = strdup(pw->pw_name);
        target_homedir = strdup(pw->pw_dir);
    
        /*
  
  
  

Mime
View raw message