diff options
author | William A. Rowe Jr <wrowe@apache.org> | 2003-03-20 22:50:40 +0100 |
---|---|---|
committer | William A. Rowe Jr <wrowe@apache.org> | 2003-03-20 22:50:40 +0100 |
commit | 1e7b7d79bb361a6bedcc946cb11f5e6afde6ae77 (patch) | |
tree | 2b87a3329d8e823814e8ad61365b7f8a1cb3a465 | |
parent | keep changes in sync (diff) | |
download | apache2-1e7b7d79bb361a6bedcc946cb11f5e6afde6ae77.tar.xz apache2-1e7b7d79bb361a6bedcc946cb11f5e6afde6ae77.zip |
SECURITY: Eliminated leaks of several file descriptors to child
processes, such as CGI scripts.
PR: 17206
Submitted by: Christian Kratzer <ck@cksoft.de>, Bjoern A. Zeeb <bz@zabbadoz.net>
Reviewed by: Joe Orton, Will Rowe
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99032 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | CHANGES | 6 | ||||
-rw-r--r-- | modules/loggers/mod_log_config.c | 1 | ||||
-rw-r--r-- | modules/mappers/mod_rewrite.c | 1 | ||||
-rw-r--r-- | server/log.c | 2 | ||||
-rw-r--r-- | server/mpm/worker/pod.c | 4 | ||||
-rw-r--r-- | server/mpm_common.c | 4 |
6 files changed, 14 insertions, 4 deletions
@@ -156,6 +156,12 @@ Changes with Apache 2.1.0-dev Changes with Apache 2.0.45 + *) SECURITY: Eliminated leaks of several file descriptors to child + processes, such as CGI scripts. This fix depends on the latest + APR library release 0.9.2, which is distributed with the httpd + source tarball for Apache 2.0.45. PR 17206 + [Christian Kratzer <ck@cksoft.de>, Bjoern A. Zeeb <bz@zabbadoz.net>] + *) Prevent endless loops of internal redirects in mod_rewrite by aborting after exceeding a limit of internal redirects. The limit defaults to 10 and can be changed using the RewriteOptions diff --git a/modules/loggers/mod_log_config.c b/modules/loggers/mod_log_config.c index 032b806d9b..0e28ac5f99 100644 --- a/modules/loggers/mod_log_config.c +++ b/modules/loggers/mod_log_config.c @@ -1300,7 +1300,6 @@ static void *ap_default_log_writer_init(apr_pool_t *p, server_rec *s, "could not open transfer log file %s.", fname); return NULL; } - apr_file_inherit_set(fd); return fd; } } diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c index a5b8fdc7ef..d95249b215 100644 --- a/modules/mappers/mod_rewrite.c +++ b/modules/mappers/mod_rewrite.c @@ -3429,7 +3429,6 @@ static void open_rewritelog(server_rec *s, apr_pool_t *p) "file %s", fname); exit(1); } - apr_file_inherit_set(conf->rewritelogfp); } return; } diff --git a/server/log.c b/server/log.c index ec7c44acfd..95ab4aa2e8 100644 --- a/server/log.c +++ b/server/log.c @@ -320,8 +320,6 @@ static int open_error_log(server_rec *s, apr_pool_t *p) ap_server_argv0, fname); return DONE; } - - apr_file_inherit_set(s->error_log); } return OK; diff --git a/server/mpm/worker/pod.c b/server/mpm/worker/pod.c index e568d229f0..072777c9c7 100644 --- a/server/mpm/worker/pod.c +++ b/server/mpm/worker/pod.c @@ -76,6 +76,10 @@ AP_DECLARE(apr_status_t) ap_mpm_pod_open(apr_pool_t *p, ap_pod_t **pod) */ (*pod)->p = p; + /* close these before exec. */ + apr_file_unset_inherit((*pod)->pod_in); + apr_file_unset_inherit((*pod)->pod_out); + return APR_SUCCESS; } diff --git a/server/mpm_common.c b/server/mpm_common.c index 86e8ceba85..0632ed63ba 100644 --- a/server/mpm_common.c +++ b/server/mpm_common.c @@ -410,6 +410,10 @@ AP_DECLARE(apr_status_t) ap_mpm_pod_open(apr_pool_t *p, ap_pod_t **pod) apr_sockaddr_info_get(&(*pod)->sa, ap_listeners->bind_addr->hostname, APR_UNSPEC, ap_listeners->bind_addr->port, 0, p); + /* close these before exec. */ + apr_file_unset_inherit((*pod)->pod_in); + apr_file_unset_inherit((*pod)->pod_out); + return APR_SUCCESS; } |