httpd-dev mailing list archives

From Jim Jagielski <...@jaguNET.com>
Subject Re: bugs/inappropriate coding practice discovered by interprocedural code analysis for version 2.2.8 of Apache
Date Fri, 16 May 2008 12:06:06 GMT

On May 15, 2008, at 3:00 PM, Ruediger Pluem wrote:

>
>
> On 05/15/2008 05:29 AM, BOYA SUN wrote:
>> Here is another potential bug we've just discovered, and it seems
>> to have occurred in several places. Please also take a look at it if
>> interested, thanks a lot!
>> Boya
>> -----------------------
>> Bug#7
>> File Name: /httpd-2.2.8/srclib/apr/file_io/unidx/readwrite.c  (63)
>> Function Name: apr_file_puts()
>> Code:
>>   APR_DECLARE(apr_status_t) apr_file_puts(const char *str, apr_file_t *thefile)
>>   {
>>       return apr_file_write_full(thefile, str, strlen(str), NULL);
>>   }
>> Description: An error occurs if apr_file_write_full() returns
>> “!APR_SUCCESS”. According to the above code, we infer that an error
>> occurs if apr_file_puts() returns “!APR_SUCCESS”. However, the
>> return values of apr_file_puts() are not checked in the following
>> locations.
>>  \apache\src\log.c(682):        apr_file_puts(errstr, logf);
>
> I see nothing reasonable that we can do in this situation but  
> ignoring the error.
>

Agreed.

>> \apache\src\mod_cgi.c(254):    apr_file_puts("%request\n", f);
>> \apache\src\mod_cgi.c(265):    apr_file_puts("%response\n", f);
>> \apache\src\mod_cgi.c(291):            apr_file_puts("%stdout\n", f);
>> \apache\src\mod_cgi.c(295):        apr_file_puts("\n", f);
>> \apache\src\mod_cgi.c(299):        apr_file_puts("%stderr\n", f);
>> \apache\src\mod_cgi.c(300):        apr_file_puts(argsbuffer, f);
>> \apache\src\mod_cgi.c(303):            apr_file_puts(argsbuffer, f);
>> \apache\src\mod_cgi.c(305):        apr_file_puts("\n", f);
>> \apache\src\mod_cgid.c(1029):    apr_file_puts("%request\n", f);
>> \apache\src\mod_cgid.c(1040):    apr_file_puts("%response\n", f);
>> \apache\src\mod_cgid.c(1067):            apr_file_puts("%stdout\n", f);
>> \apache\src\mod_cgid.c(1071):        apr_file_puts("\n", f);
>> \apache\src\mod_cgid.c(1077):            apr_file_puts("%stderr\n", f);
>> \apache\src\mod_cgid.c(1078):            apr_file_puts(argsbuffer, f);
>> \apache\src\mod_cgid.c(1081):                apr_file_puts(argsbuffer, f);
>> \apache\src\mod_cgid.c(1082):            apr_file_puts("\n", f);
>
> We might be able to log an error in all these situations. Somebody eager
> to fix this :-)?
>

Well, not in 2.2.9 but once that's out, for trunk and 2.2.10 :)
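
One way to check and log these script-log writes, as an added example that is not part of the original thread and is not httpd or APR code. `write_full`, `file_puts` and `log_script_checked` are hypothetical POSIX stand-ins for the APR calls, and the sample request and response strings are constructed.

```c
/* Added illustration: POSIX stand-ins, not APR or httpd code. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Stand-in for apr_file_write_full(): retry short writes and EINTR.
 * Returns 0 on success, otherwise the errno of the failed write(). */
static int write_full(int fd, const void *buf, size_t len)
{
    const char *p = buf;
    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            return errno;
        }
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Stand-in for apr_file_puts(), same shape as the quoted wrapper. */
static int file_puts(const char *str, int fd)
{
    return write_full(fd, str, strlen(str));
}

/* Hypothetical script-log writer using the section markers from the
 * report. Stops at the first failed write and reports it once, instead
 * of discarding every status. */
static int log_script_checked(int fd, const char *req, const char *resp)
{
    const char *parts[] = { "%request\n", req, "%response\n", resp, "\n" };
    for (size_t i = 0; i < sizeof parts / sizeof parts[0]; i++) {
        int rv = file_puts(parts[i], fd);
        if (rv != 0) {
            fprintf(stderr, "script log write failed: %s\n", strerror(rv));
            return rv;
        }
    }
    return 0;
}

int main(void)
{
    return log_script_checked(STDOUT_FILENO, "GET /cgi-bin/x\n", "200 OK\n") != 0;
}
```

Stopping at the first failure keeps a truncated log entry from being followed by further markers, and the single report avoids flooding the error log when the disk is full.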

