httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@attglobal.net>
Subject Re: cvs commit: httpd-2.0/server/mpm/worker pod.c
Date Fri, 21 Mar 2003 16:15:09 GMT
Aaron Bannert wrote:
> 
> On Thursday, March 20, 2003, at 01:50  PM, wrowe@apache.org wrote:
> 
>> wrowe       2003/03/20 13:50:41
>>
>>   Modified:    .        CHANGES
>>                modules/loggers mod_log_config.c
>>                modules/mappers mod_rewrite.c
>>                server   log.c mpm_common.c
>>                server/mpm/worker pod.c
>>   Log:
>>     SECURITY:  Eliminated leaks of several file descriptors to child
>>     processes, such as CGI scripts.
> 
> 
> [...]
> 
>>        apr_sockaddr_info_get(&(*pod)->sa, 
>> ap_listeners->bind_addr->hostname,
>>                              APR_UNSPEC, 
>> ap_listeners->bind_addr->port, 0, p);
>>
>>   +    /* close these before exec. */
>>   +    apr_file_unset_inherit((*pod)->pod_in);
>>   +    apr_file_unset_inherit((*pod)->pod_out);
>>   +
>>        return APR_SUCCESS;
> 
> 
> The PODs in the worker MPM are getting closed and the parent is then
> unable to kill its children when it needs to (don't you love how
> morbid that sounds?). I see one of these every second in the error log:
> 
> [Thu Mar 20 18:09:25 2003] [warn] (32)Broken pipe: write pipe_of_death

lots of theories :)

what I see with HEAD is that the pipe gets file descriptor 2 (stderr), 
and we later make sure that the error log is file descriptor 2, 
resulting in one side of the pipe getting closed

I would guess that some other changes with closing descriptors let us 
get fd 2 for one of the pipe handles, and that this conceivably could 
have happened with all sorts of code changes.

Attached is a patch which certainly is not a fix, but which makes it 
work for me by clumsily ensuring that neither pipe descriptor is 
stdin/out/err; no more problems writing to the pipe at this point.

Mime
View raw message