httpd-cvs mailing list archives

From stri...@apache.org
Subject cvs commit: httpd-2.0/server/mpm/prefork prefork.c
Date Wed, 09 Jul 2003 12:24:52 GMT
striker     2003/07/09 05:24:52

  Modified:    .        CHANGES
               server/mpm/prefork prefork.c
  Log:
  Forward port patch for CAN-2003-0253 from 2.0.
  
  SECURITY [CAN-2003-0253]: Fixed a bug in prefork MPM causing
  temporary denial of service when accept() on a rarely accessed port
  returns certain errors.  Reported by Saheed Akhtar
  <S.Akhtar@talis.com>.  [Jeff Trawick]
  
  Revision  Changes    Path
  1.1215    +5 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1214
  retrieving revision 1.1215
  diff -u -r1.1214 -r1.1215
  --- CHANGES	9 Jul 2003 12:19:01 -0000	1.1214
  +++ CHANGES	9 Jul 2003 12:24:51 -0000	1.1215
  @@ -169,6 +169,11 @@
   
   Changes with Apache 2.0.47
   
  +  *) SECURITY [CAN-2003-0253]: Fixed a bug in prefork MPM causing
  +     temporary denial of service when accept() on a rarely accessed port
  +     returns certain errors.  Reported by Saheed Akhtar
  +     <S.Akhtar@talis.com>.  [Jeff Trawick]
  +
     *) SECURITY [CAN-2003-0254]: Fixed a bug in ftp proxy causing denial
        of service when target host is IPv6 but proxy server can't create
        IPv6 socket.  Fixed by the reporter.  [Yoshioka Tsuneo
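Review bot: The new CHANGES entry says accept() "returns certain errors" without naming them, which makes it hard for an administrator to judge exposure. Going by the prefork.c hunk in this same commit, the affected path is any status from accept_func other than APR_SUCCESS or APR_EGENERAL; consider saying so. The "rarely accessed port" wording also implies a server with more than one listener, and the entry could state that directly.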
  
  
  
  1.278     +9 -14     httpd-2.0/server/mpm/prefork/prefork.c
  
  Index: prefork.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/mpm/prefork/prefork.c,v
  retrieving revision 1.277
  retrieving revision 1.278
  diff -u -r1.277 -r1.278
  --- prefork.c	24 Apr 2003 13:45:00 -0000	1.277
  +++ prefork.c	9 Jul 2003 12:24:52 -0000	1.278
  @@ -625,22 +625,17 @@
   	/* if we accept() something we don't want to die, so we have to
   	 * defer the exit
   	 */
  -	for (;;) {
  -            status = listensocks[offset].accept_func(&csd, 
  -                                       &listensocks[offset], ptrans);
  +        status = listensocks[offset].accept_func(&csd,
  +                                                 &listensocks[offset], ptrans);
  +        SAFE_ACCEPT(accept_mutex_off());      /* unlock after "accept" */
   
  -            if (status == APR_SUCCESS) {
  -                break;
  -            }
  -            if (status == APR_EGENERAL) {
  -                /* resource shortage or should-not-occur occured */
  -                clean_child_exit(1);
  -            }
  -            if (APR_STATUS_IS_EINTR(status) && one_process && shutdown_pending)
{
  -                return;
  -            }
  +        if (status == APR_EGENERAL) {
  +            /* resource shortage or should-not-occur occured */
  +            clean_child_exit(1);
  +        }
  +        else if (status != APR_SUCCESS) {
  +            continue;
           }
  -	SAFE_ACCEPT(accept_mutex_off());	/* unlock after "accept" */
   
   	/*
   	 * We now have a connection, so set it up with the appropriate
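Review bot: The new `continue` under `else if (status != APR_SUCCESS)` binds to a loop whose start is outside this hunk, now that the inner `for (;;)` is removed, so its correctness depends on code not shown here. Two things to confirm against that enclosing loop: that it still covers the removed case `APR_STATUS_IS_EINTR(status) && one_process && shutdown_pending`, which previously returned, and that anything a failed accept_func call allocated from ptrans is released before the next iteration. Non-success statuses are also skipped silently now; unless accept_func logs them itself, a listener that fails persistently would leave no trace in the error log. Finally, the `/* unlock after "accept" */` comment could say why the release moved: it has to precede the status checks so that no error path leaves the accept mutex held, which is what the old placement after the retry loop allowed.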
  
  
  
