httpd-cvs mailing list archives

From n.@apache.org
Subject cvs commit: httpd-2.0/support suexec.c
Date Wed, 19 Feb 2003 21:27:05 GMT
nd          2003/02/19 13:27:05

  Modified:    .        CHANGES
               support  suexec.c
  Log:
  Be more pedantic when cleaning environment. Clean it
  immediately after startup.
  
  PR: 2790, 10449
  Submitted by: Jeff Stewart <jws@purdue.edu>
  
  Revision  Changes    Path
  1.1082    +4 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1081
  retrieving revision 1.1082
  diff -u -r1.1081 -r1.1082
  --- CHANGES	19 Feb 2003 06:50:10 -0000	1.1081
  +++ CHANGES	19 Feb 2003 21:27:04 -0000	1.1082
  @@ -2,6 +2,10 @@
   
     [Remove entries to the current 2.0 section below, when backported]
   
  +  *) suexec: Be more pedantic when cleaning environment. Clean it
  +     immediately after startup. PR 2790, 10449.
  +     [Jeff Stewart <jws@purdue.edu>, André Malo]
  +
     *) Return 413 if chunk-ext-header is too long rather than reading from
        the truncated line.  PR 15857.  [Justin Erenkrantz]
   
  
  
  
  1.25      +68 -55    httpd-2.0/support/suexec.c
  
  Index: suexec.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/support/suexec.c,v
  retrieving revision 1.24
  retrieving revision 1.25
  diff -u -r1.24 -r1.25
  --- suexec.c	12 Feb 2003 15:28:28 -0000	1.24
  +++ suexec.c	19 Feb 2003 21:27:05 -0000	1.25
  @@ -131,46 +131,51 @@
   
   char *safe_env_lst[] =
   {
  -    "AUTH_TYPE",
  -    "CONTENT_LENGTH",
  -    "CONTENT_TYPE",
  -    "DATE_GMT",
  -    "DATE_LOCAL",
  -    "DOCUMENT_NAME",
  -    "DOCUMENT_PATH_INFO",
  -    "DOCUMENT_ROOT",
  -    "DOCUMENT_URI",
  -    "FILEPATH_INFO",
  -    "GATEWAY_INTERFACE",
  -    "HTTPS",
  -    "LAST_MODIFIED",
  -    "PATH_INFO",
  -    "PATH_TRANSLATED",
  -    "QUERY_STRING",
  -    "QUERY_STRING_UNESCAPED",
  -    "REMOTE_ADDR",
  -    "REMOTE_HOST",
  -    "REMOTE_IDENT",
  -    "REMOTE_PORT",
  -    "REMOTE_USER",
  -    "REDIRECT_QUERY_STRING",
  -    "REDIRECT_STATUS",
  -    "REDIRECT_URL",
  -    "REQUEST_METHOD",
  -    "REQUEST_URI",
  -    "SCRIPT_FILENAME",
  -    "SCRIPT_NAME",
  -    "SCRIPT_URI",
  -    "SCRIPT_URL",
  -    "SERVER_ADMIN",
  -    "SERVER_NAME",
  -    "SERVER_ADDR",
  -    "SERVER_PORT",
  -    "SERVER_PROTOCOL",
  -    "SERVER_SOFTWARE",
  -    "UNIQUE_ID",
  -    "USER_NAME",
  -    "TZ",
  +    /* variable name starts with */
  +    "HTTP_",
  +    "SSL_",
  +
  +    /* variable name is */
  +    "AUTH_TYPE=",
  +    "CONTENT_LENGTH=",
  +    "CONTENT_TYPE=",
  +    "DATE_GMT=",
  +    "DATE_LOCAL=",
  +    "DOCUMENT_NAME=",
  +    "DOCUMENT_PATH_INFO=",
  +    "DOCUMENT_ROOT=",
  +    "DOCUMENT_URI=",
  +    "FILEPATH_INFO=",
  +    "GATEWAY_INTERFACE=",
  +    "HTTPS=",
  +    "LAST_MODIFIED=",
  +    "PATH_INFO=",
  +    "PATH_TRANSLATED=",
  +    "QUERY_STRING=",
  +    "QUERY_STRING_UNESCAPED=",
  +    "REMOTE_ADDR=",
  +    "REMOTE_HOST=",
  +    "REMOTE_IDENT=",
  +    "REMOTE_PORT=",
  +    "REMOTE_USER=",
  +    "REDIRECT_QUERY_STRING=",
  +    "REDIRECT_STATUS=",
  +    "REDIRECT_URL=",
  +    "REQUEST_METHOD=",
  +    "REQUEST_URI=",
  +    "SCRIPT_FILENAME=",
  +    "SCRIPT_NAME=",
  +    "SCRIPT_URI=",
  +    "SCRIPT_URL=",
  +    "SERVER_ADMIN=",
  +    "SERVER_NAME=",
  +    "SERVER_ADDR=",
  +    "SERVER_PORT=",
  +    "SERVER_PROTOCOL=",
  +    "SERVER_SOFTWARE=",
  +    "UNIQUE_ID=",
  +    "USER_NAME=",
  +    "TZ=",
       NULL
   };
   
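Review bot: In the new `safe_env_lst`, the only thing that separates an exact name from a prefix is the trailing `=`, and the two section comments do not say so. Every entry is compared with `strncmp()` over its own length (the loop is in a later hunk), so an entry added later without the `=` would silently admit every variable whose name starts with it. I would extend the second comment to `/* variable name is (entry MUST end in '='; all entries are matched as prefixes) */`. The visible code never writes to the table, so `static const char *const safe_env_lst[]` would also fit, assuming no other file references it.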
  @@ -240,7 +245,17 @@
       int cidx = 0;
       int idx;
   
  -
  +    /* While cleaning the environment, the environment should be clean.
  +     * (e.g. malloc() may get the name of a file for writing debugging info.
  +     * Bad news if MALLOC_DEBUG_FILE is set to /etc/passwd.  Sprintf() may be
  +     * susceptible to bad locale settings....)
  +     * (from PR 2790)
  +     */
  +    char **envp = environ;
  +    char *empty_ptr = NULL;
  + 
  +    environ = &empty_ptr; /* VERY safe environment */
  +    
       if ((cleanenv = (char **) calloc(AP_ENVBUF, sizeof(char *))) == NULL) {
           log_err("failed to malloc memory for environment\n");
           exit(120);
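Review bot: `environ = &empty_ptr;` stores the address of an automatic variable in a process-wide global, so it is only safe if `environ` is reassigned on every path before the function returns. That reassignment is not visible here, since the function starts and ends outside the hunk. Declaring it as `static char *empty_ptr = NULL;` removes the lifetime dependency at no cost. The block comment could also state that `envp` holds the unfiltered environment and is kept only as input to the filter loop.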
  @@ -250,19 +265,13 @@
       cleanenv[cidx] = strdup(pathbuf);
       cidx++;
   
  -    for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) {
  -        if (!strncmp(*ep, "HTTP_", 5) || !strncmp(*ep, "SSL_", 4)) {
  -            cleanenv[cidx] = *ep;
  -            cidx++;
  -        }
  -        else {
  -            for (idx = 0; safe_env_lst[idx]; idx++) {
  -                if (!strncmp(*ep, safe_env_lst[idx],
  -                             strlen(safe_env_lst[idx]))) {
  -                    cleanenv[cidx] = *ep;
  -                    cidx++;
  -                    break;
  -                }
  +    for (ep = envp; *ep && cidx < AP_ENVBUF-1; ep++) {
  +        for (idx = 0; safe_env_lst[idx]; idx++) {
  +            if (!strncmp(*ep, safe_env_lst[idx],
  +                         strlen(safe_env_lst[idx]))) {
  +                cleanenv[cidx] = *ep;
  +                cidx++;
  +                break;
               }
           }
       }
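Review bot: The rewritten loop still forwards every entry that merely begins with `HTTP_`, and those names are derived from request headers, so the client controls both name and value. One such name, `HTTP_PROXY`, is read by some HTTP client libraries as proxy configuration when they run inside a CGI. A guard ahead of the inner loop, `if (!strncmp(*ep, "HTTP_PROXY=", 11)) continue;`, would keep it out of `cleanenv`. Separately, the `strdup(pathbuf)` result in the context line above is stored unchecked, so a failed allocation would put NULL in slot 0 and likely truncate the resulting environment there. The enclosing function starts and ends outside the hunk.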
  @@ -291,6 +300,11 @@
       struct stat dir_info;   /* directory info holder     */
       struct stat prg_info;   /* program info holder       */
   
  +    /*
  +     * Start with a "clean" environment
  +     */
  +    clean_env();
  +
       prog = argv[0];
       /*
        * Check existence/validity of the UID of the user
  @@ -616,7 +630,6 @@
       }
       umask(AP_SUEXEC_UMASK);
   #endif /* AP_SUEXEC_UMASK */
  -    clean_env();
   
       /* 
        * Be sure to close the log file so the CGI can't
  
  
  
