httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@znep.com>
Subject Re: suexec.c code changes required for Apache 1.2b4/IRIX 6.2 (fwd)
Date Tue, 21 Jan 1997 01:32:37 GMT
Sent him a copy of the updated suexec to be sure it works fine for him
now.

On Mon, 20 Jan 1997, Rob Hartill wrote:

> 
> not acked.
> 
> ---------- Forwarded message ----------
> Date: Mon, 20 Jan 1997 12:00:56 -0800 (PST)
> From: Ian Reddy <ian@sfu.ca>
> To: apache-bugs@apache.org
> Subject: suexec.c code changes required for Apache 1.2b4/IRIX 6.2
> 
> This is for Apache 1.2b4.
>  
> I haven't tested this on other OSes but under IRIX 6.2 I had to make
> the following "diff suexec.c.new suexec.c" to make suexec.c work
> (basically get rid of the calls to free() and use putenv() instead
> of setenv() ):
> 
> 
> 
> 217c217,218
> <      * directories.  Yuck.
> ---
> >      * directories.  Yuck.  NOTE: We also free() dwd since it is
> >      * the last usage...
> 244a246
> >         free(dwd);
> 247a250,251
> >     else
> >         free(dwd);
> 251a256
> >      * NOTE: This is the last use of cwd, so we must free() it.
> 253a259
> >         free(cwd);
> 256a263,264
> >     else
> >         free(cwd);
> 350c358
> <     if ((putenv(strcat("PATH=", SAFE_PATH))) != 0) {
> ---
> >     if ((setenv("PATH", SAFE_PATH, 1)) != 0) {
> 
> 
> 	
>  
> Here is a "diff -C3 suexec.c.new suexec.c" output:
> 
> 
> *** suexec.c.new	Mon Jan 20 11:33:54 1997
> --- suexec.c	Mon Jan 20 11:34:07 1997
> ***************
> *** 214,220 ****
>        * ~userdir request.  Error out if we cannot get either one,
>        * or if the current working directory is not in the docroot.
>        * Use chdir()s and getcwd()s to avoid problems with symlinked
> !      * directories.  Yuck.
>        */
>       if (getcwd(cwd, MAXPATHLEN) == NULL) {
>           log_err("cannot get current working directory\n");
> --- 214,221 ----
>        * ~userdir request.  Error out if we cannot get either one,
>        * or if the current working directory is not in the docroot.
>        * Use chdir()s and getcwd()s to avoid problems with symlinked
> !      * directories.  Yuck.  NOTE: We also free() dwd since it is
> !      * the last usage...
>        */
>       if (getcwd(cwd, MAXPATHLEN) == NULL) {
>           log_err("cannot get current working directory\n");
> ***************
> *** 242,259 ****
> --- 243,267 ----
>       
>       doclen = strlen(dwd);
>       if (strncmp(cwd, dwd, doclen) != 0) {
> +         free(dwd);
>           log_err("command not in docroot (%s/%s)\n", cwd, cmd);
>           exit(109);
>       }
> +     else
> +         free(dwd);
>   
>   
>       /*
>        * Stat the cwd and verify it is a directory, or error out.
> +      * NOTE: This is the last use of cwd, so we must free() it.
>        */
>       if (((lstat(cwd, &dir_info)) != 0) || !(S_ISDIR(dir_info.st_mode))) {
> +         free(cwd);
>   	log_err("cannot stat directory: (%s)\n", cwd);
>   	exit(110);
>       }
> +     else
> +         free(cwd);
>   
>       /*
>        * Error out if cwd is writable by others.
> ***************
> *** 347,353 ****
>   	exit(119);
>       }
>   
> !     if ((putenv(strcat("PATH=", SAFE_PATH))) != 0) {
>   	log_err("cannot reset environment PATH\n");
>   	exit(120);
>       }
> --- 355,361 ----
>   	exit(119);
>       }
>   
> !     if ((setenv("PATH", SAFE_PATH, 1)) != 0) {
>   	log_err("cannot reset environment PATH\n");
>   	exit(120);
>       }
>  
> 
> -- 
>   Ian Reddy, Senior Systems Consultant  E-mail:    Ian_Reddy@sfu.ca
>   Academic Computing Services, AD1021              ian@sfu.ca
>   Simon Fraser University               Telephone: (604) 291-3936
>   Burnaby, B.C. Canada V5A 1S6          Fax:       (604) 291-4242
> 


Mime
View raw message