httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject cvs commit: httpd-2.0/server/mpm/worker pod.c
Date Thu, 20 Mar 2003 21:50:41 GMT
wrowe       2003/03/20 13:50:41

  Modified:    .        CHANGES
               modules/loggers mod_log_config.c
               modules/mappers mod_rewrite.c
               server   log.c mpm_common.c
               server/mpm/worker pod.c
  Log:
    SECURITY:  Eliminated leaks of several file descriptors to child
    processes, such as CGI scripts.
  
  PR: 17206
  Submitted by:	Christian Kratzer <ck@cksoft.de>, Bjoern A. Zeeb <bz@zabbadoz.net>
  Reviewed by:	Joe Orton, Will Rowe
  
  Revision  Changes    Path
  1.1127    +6 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1126
  retrieving revision 1.1127
  diff -u -r1.1126 -r1.1127
  --- CHANGES	19 Mar 2003 15:08:23 -0000	1.1126
  +++ CHANGES	20 Mar 2003 21:50:37 -0000	1.1127
  @@ -156,6 +156,12 @@
   
   Changes with Apache 2.0.45
   
  +  *) SECURITY:  Eliminated leaks of several file descriptors to child
  +     processes, such as CGI scripts.  This fix depends on the latest
  +     APR library release 0.9.2, which is distributed with the httpd 
  +     source tarball for Apache 2.0.45.  PR 17206
  +     [Christian Kratzer <ck@cksoft.de>, Bjoern A. Zeeb <bz@zabbadoz.net>]
  +
     *) Prevent endless loops of internal redirects in mod_rewrite by
        aborting after exceeding a limit of internal redirects. The
        limit defaults to 10 and can be changed using the RewriteOptions
  
  
  
  1.101     +0 -1      httpd-2.0/modules/loggers/mod_log_config.c
  
  Index: mod_log_config.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/loggers/mod_log_config.c,v
  retrieving revision 1.100
  retrieving revision 1.101
  diff -u -r1.100 -r1.101
  --- mod_log_config.c	6 Mar 2003 23:53:51 -0000	1.100
  +++ mod_log_config.c	20 Mar 2003 21:50:39 -0000	1.101
  @@ -1300,7 +1300,6 @@
                               "could not open transfer log file %s.", fname);
               return NULL;
           }
  -        apr_file_inherit_set(fd);
           return fd;
       }
   }
  
  
  
  1.149     +0 -1      httpd-2.0/modules/mappers/mod_rewrite.c
  
  Index: mod_rewrite.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/mappers/mod_rewrite.c,v
  retrieving revision 1.148
  retrieving revision 1.149
  diff -u -r1.148 -r1.149
  --- mod_rewrite.c	1 Mar 2003 18:35:50 -0000	1.148
  +++ mod_rewrite.c	20 Mar 2003 21:50:39 -0000	1.149
  @@ -3429,7 +3429,6 @@
                            "file %s", fname);
               exit(1);
           }
  -        apr_file_inherit_set(conf->rewritelogfp);
       }
       return;
   }
  
  
  
  1.131     +0 -2      httpd-2.0/server/log.c
  
  Index: log.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/log.c,v
  retrieving revision 1.130
  retrieving revision 1.131
  diff -u -r1.130 -r1.131
  --- log.c	10 Feb 2003 16:27:28 -0000	1.130
  +++ log.c	20 Mar 2003 21:50:40 -0000	1.131
  @@ -320,8 +320,6 @@
                            ap_server_argv0, fname);
               return DONE;
           }
  -
  -        apr_file_inherit_set(s->error_log);
       }
   
       return OK;
  
  
  
  1.105     +4 -0      httpd-2.0/server/mpm_common.c
  
  Index: mpm_common.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/mpm_common.c,v
  retrieving revision 1.104
  retrieving revision 1.105
  diff -u -r1.104 -r1.105
  --- mpm_common.c	6 Mar 2003 21:48:58 -0000	1.104
  +++ mpm_common.c	20 Mar 2003 21:50:40 -0000	1.105
  @@ -410,6 +410,10 @@
       apr_sockaddr_info_get(&(*pod)->sa, ap_listeners->bind_addr->hostname,
                             APR_UNSPEC, ap_listeners->bind_addr->port, 0, p);
   
  +    /* close these before exec. */
  +    apr_file_unset_inherit((*pod)->pod_in);
  +    apr_file_unset_inherit((*pod)->pod_out);
  +
       return APR_SUCCESS;
   }
   
  
  
  
  1.8       +4 -0      httpd-2.0/server/mpm/worker/pod.c
  
  Index: pod.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/mpm/worker/pod.c,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- pod.c	3 Feb 2003 17:53:26 -0000	1.7
  +++ pod.c	20 Mar 2003 21:50:40 -0000	1.8
  @@ -76,6 +76,10 @@
   */
       (*pod)->p = p;
       
  +    /* close these before exec. */
  +    apr_file_unset_inherit((*pod)->pod_in);
  +    apr_file_unset_inherit((*pod)->pod_out);
  +
       return APR_SUCCESS;
   }
   
  
  
  

Mime
View raw message