authorWilliam A. Rowe Jr <wrowe@apache.org>2003-03-20 22:50:40 +0100
committerWilliam A. Rowe Jr <wrowe@apache.org>2003-03-20 22:50:40 +0100
commit1e7b7d79bb361a6bedcc946cb11f5e6afde6ae77 (patch)
tree2b87a3329d8e823814e8ad61365b7f8a1cb3a465
parentkeep changes in sync (diff)
SECURITY: Eliminated leaks of several file descriptors to child
processes, such as CGI scripts. PR: 17206 Submitted by: Christian Kratzer <ck@cksoft.de>, Bjoern A. Zeeb <bz@zabbadoz.net> Reviewed by: Joe Orton, Will Rowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99032 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r--CHANGES6
-rw-r--r--modules/loggers/mod_log_config.c1
-rw-r--r--modules/mappers/mod_rewrite.c1
-rw-r--r--server/log.c2
-rw-r--r--server/mpm/worker/pod.c4
-rw-r--r--server/mpm_common.c4
6 files changed, 14 insertions, 4 deletions
diff --git a/CHANGES b/CHANGES
index 4c06afa698..db848cef4b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -156,6 +156,12 @@ Changes with Apache 2.1.0-dev
Changes with Apache 2.0.45
+ *) SECURITY: Eliminated leaks of several file descriptors to child
+ processes, such as CGI scripts. This fix depends on the latest
+ APR library release 0.9.2, which is distributed with the httpd
+ source tarball for Apache 2.0.45. PR 17206
+ [Christian Kratzer <ck@cksoft.de>, Bjoern A. Zeeb <bz@zabbadoz.net>]
+
*) Prevent endless loops of internal redirects in mod_rewrite by
aborting after exceeding a limit of internal redirects. The
limit defaults to 10 and can be changed using the RewriteOptions
diff --git a/modules/loggers/mod_log_config.c b/modules/loggers/mod_log_config.c
index 032b806d9b..0e28ac5f99 100644
--- a/modules/loggers/mod_log_config.c
+++ b/modules/loggers/mod_log_config.c
@@ -1300,7 +1300,6 @@ static void *ap_default_log_writer_init(apr_pool_t *p, server_rec *s,
"could not open transfer log file %s.", fname);
return NULL;
}
- apr_file_inherit_set(fd);
return fd;
}
}
diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c
index a5b8fdc7ef..d95249b215 100644
--- a/modules/mappers/mod_rewrite.c
+++ b/modules/mappers/mod_rewrite.c
@@ -3429,7 +3429,6 @@ static void open_rewritelog(server_rec *s, apr_pool_t *p)
"file %s", fname);
exit(1);
}
- apr_file_inherit_set(conf->rewritelogfp);
}
return;
}
diff --git a/server/log.c b/server/log.c
index ec7c44acfd..95ab4aa2e8 100644
--- a/server/log.c
+++ b/server/log.c
@@ -320,8 +320,6 @@ static int open_error_log(server_rec *s, apr_pool_t *p)
ap_server_argv0, fname);
return DONE;
}
-
- apr_file_inherit_set(s->error_log);
}
return OK;
diff --git a/server/mpm/worker/pod.c b/server/mpm/worker/pod.c
index e568d229f0..072777c9c7 100644
--- a/server/mpm/worker/pod.c
+++ b/server/mpm/worker/pod.c
@@ -76,6 +76,10 @@ AP_DECLARE(apr_status_t) ap_mpm_pod_open(apr_pool_t *p, ap_pod_t **pod)
*/
(*pod)->p = p;
+ /* close these before exec. */
+ apr_file_unset_inherit((*pod)->pod_in);
+ apr_file_unset_inherit((*pod)->pod_out);
+
return APR_SUCCESS;
}
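Review bot: The added comment `/* close these before exec. */` above the two `apr_file_unset_inherit()` calls reads as if the descriptors were closed at this point, while the calls only clear the inherit flag on `pod_in` and `pod_out`, and it does not say why that matters. I would word it as `/* pod pipe ends belong to the server processes only; clear the inherit flag so exec'd children (e.g. CGI scripts) never receive them. */`. The identical comment in the server/mpm_common.c hunk should get the same wording. If the APR release this builds against returns a status from `apr_file_unset_inherit()`, it would be worth propagating a failure instead of falling through to `return APR_SUCCESS`, since a silent failure would leave the leak in place. ap_mpm_pod_open starts outside this hunk, so how the pipe itself is created and checked cannot be judged from here.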
diff --git a/server/mpm_common.c b/server/mpm_common.c
index 86e8ceba85..0632ed63ba 100644
--- a/server/mpm_common.c
+++ b/server/mpm_common.c
@@ -410,6 +410,10 @@ AP_DECLARE(apr_status_t) ap_mpm_pod_open(apr_pool_t *p, ap_pod_t **pod)
apr_sockaddr_info_get(&(*pod)->sa, ap_listeners->bind_addr->hostname,
APR_UNSPEC, ap_listeners->bind_addr->port, 0, p);
+ /* close these before exec. */
+ apr_file_unset_inherit((*pod)->pod_in);
+ apr_file_unset_inherit((*pod)->pod_out);
+
return APR_SUCCESS;
}