httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bill Stoddard <b...@wstoddard.com>
Subject Re: suexec+CGI = zombies in 1.3.28
Date Sat, 02 Aug 2003 23:24:43 GMT
Cliff Woolley wrote:
> On Tue, 29 Jul 2003, Ralf S. Engelschall wrote:
> 
> 
>>Index: alloc.c
>>===================================================================
>>RCS file: /e/apache/cvs/apache-1.3/src/main/alloc.c,v
>>retrieving revision 1.145
>>diff -u -d -r1.145 alloc.c
>>--- alloc.c	20 Jun 2003 15:05:40 -0000	1.145
>>+++ alloc.c	29 Jul 2003 19:07:46 -0000
>>@@ -2859,12 +2859,8 @@
>> 	if ((p->kill_how == kill_after_timeout)
>> 	    || (p->kill_how == kill_only_once)) {
>> 	    /* Subprocess may be dead already.  Only need the timeout if not. */
>>-	    if (ap_os_kill(p->pid, SIGTERM) == -1) {
>>-                p->kill_how = kill_never;
>>-            }
>>-            else {
>>-		need_timeout = 1;
>>-            }
>>+	    ap_os_kill(p->pid, SIGTERM);
>>+	    need_timeout = 1;
>> 	}
>> 	else if (p->kill_how == kill_always) {
>> 	    kill(p->pid, SIGKILL);
> 
> 
> +1, looks good.
> 
> --Cliff
> 

So you sucessfully kill the process, then you set need_timeout. You swap 
out and another process is started (by an httpd process) on the system 
with the same pid. Your swaped back in, detect the process (thinking it 
is the old process still hanging around) and kill it after a timeout. 
Is this possible or not?

Bill


Mime
View raw message