Browse Source

Use FD_CLOEXEC if possible (fixes #1821)

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2363 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.21
Stefan Bühler 13 years ago
parent
commit
21c5377d3f
  1. 1
      NEWS
  2. 3
      src/connections.c
  3. 4
      src/log.c
  4. 6
      src/mod_accesslog.c
  5. 19
      src/mod_mysql_vhost.c
  6. 5
      src/mod_rrdtool.c
  7. 4
      src/mod_trigger_b4_dl.c
  8. 4
      src/mod_webdav.c

1
NEWS

@ -21,6 +21,7 @@ NEWS
* Fix fastcgi-authorizer handling; Status: 200 is now accepted as the doc requests
* Compare address family in inet_ntop_cache
* Revert CVE-2008-4359 (#1720) fix "encoding+simplifying urls for rewrite/redirect": too many regressions.
* Use FD_CLOEXEC if possible (fixes #1821)
- 1.4.20 - 2008-09-30

3
src/connections.c

@ -1064,6 +1064,9 @@ int connection_handle_read_state(server *srv, connection *con) {
if (dst_c->file.fd == -1) {
/* this should not happen as we cache the fd, but you never know */
dst_c->file.fd = open(dst_c->file.name->ptr, O_WRONLY | O_APPEND);
#ifdef FD_CLOEXEC
fcntl(dst_c->file.fd, F_SETFD, FD_CLOEXEC);
#endif
}
} else {
/* the chunk is too large now, close it */

4
src/log.c

@ -146,6 +146,10 @@ int log_error_cycle(server *srv) {
/* ok, new log is open, close the old one */
close(srv->errorlog_fd);
srv->errorlog_fd = new_fd;
#ifdef FD_CLOEXEC
/* close fd on exec (cgi) */
fcntl(srv->errorlog_fd, F_SETFD, FD_CLOEXEC);
#endif
}
}

6
src/mod_accesslog.c

@ -540,8 +540,9 @@ SETDEFAULTS_FUNC(log_access_open) {
return HANDLER_ERROR;
}
#ifdef FD_CLOEXEC
fcntl(s->log_access_fd, F_SETFD, FD_CLOEXEC);
#endif
}
return HANDLER_GO_ON;
@ -584,6 +585,9 @@ SIGHUP_FUNC(log_access_cycle) {
return HANDLER_ERROR;
}
#ifdef FD_CLOEXEC
fcntl(s->log_access_fd, F_SETFD, FD_CLOEXEC);
#endif
}
}

19
src/mod_mysql_vhost.c

@ -245,7 +245,6 @@ SERVER_FUNC(mod_mysql_vhost_set_defaults) {
if (!(buffer_is_empty(s->myuser) ||
buffer_is_empty(s->mydb))) {
my_bool reconnect = 1;
int fd;
if (NULL == (s->mysql = mysql_init(NULL))) {
log_error_write(srv, __FILE__, __LINE__, "s", "mysql_init() failed, exiting...");
@ -267,19 +266,27 @@ SERVER_FUNC(mod_mysql_vhost_set_defaults) {
return HANDLER_ERROR;
}
#undef FOO
#if 0
/* set close_on_exec for mysql the hard way */
/* Note: this only works as it is done during startup, */
/* otherwise we cannot be sure that mysql is fd i-1 */
if (-1 == (fd = open("/dev/null", 0))) {
{ int fd;
if (-1 != (fd = open("/dev/null", 0))) {
close(fd);
#ifdef FD_CLOEXEC
fcntl(fd-1, F_SETFD, FD_CLOEXEC);
}
#endif
} }
#else
#ifdef FD_CLOEXEC
fcntl(s->mysql->net.fd, F_SETFD, FD_CLOEXEC);
#endif
#endif
}
}
return HANDLER_GO_ON;
return HANDLER_GO_ON;
}
#define PATCH(x) \

5
src/mod_rrdtool.c

@ -179,6 +179,11 @@ int mod_rrd_create_pipe(server *srv, plugin_data *p) {
p->read_fd = from_rrdtool_fds[0];
p->rrdtool_pid = pid;
#ifdef FD_CLOEXEC
fcntl(p->write_fd, F_SETFD, FD_CLOEXEC);
fcntl(p->read_fd, F_SETFD, FD_CLOEXEC);
#endif
break;
}
}

4
src/mod_trigger_b4_dl.c

@ -1,5 +1,6 @@
#include <ctype.h>
#include <stdlib.h>
#include <fcntl.h>
#include <string.h>
#include "base.h"
@ -180,6 +181,9 @@ SETDEFAULTS_FUNC(mod_trigger_b4_dl_set_defaults) {
"gdbm-open failed");
return HANDLER_ERROR;
}
#ifdef FD_CLOEXEC
fcntl(gdbm_fdesc(s->db), F_SETFD, FD_CLOEXEC);
#endif
}
#endif
#if defined(HAVE_PCRE_H)

4
src/mod_webdav.c

@ -1026,6 +1026,8 @@ static int webdav_parse_chunkqueue(server *srv, connection *con, plugin_data *p,
if (MAP_FAILED == (c->file.mmap.start = mmap(0, c->file.length, PROT_READ, MAP_SHARED, c->file.fd, 0))) {
log_error_write(srv, __FILE__, __LINE__, "ssbd", "mmap failed: ",
strerror(errno), c->file.name, c->file.fd);
close(c->file.fd);
c->file.fd = -1;
return -1;
}
@ -1723,6 +1725,8 @@ URIHANDLER_FUNC(mod_webdav_subrequest_handler) {
if (MAP_FAILED == (c->file.mmap.start = mmap(0, c->file.length, PROT_READ, MAP_SHARED, c->file.fd, 0))) {
log_error_write(srv, __FILE__, __LINE__, "ssbd", "mmap failed: ",
strerror(errno), c->file.name, c->file.fd);
close(c->file.fd);
c->file.fd = -1;
return HANDLER_ERROR;
}

Loading…
Cancel
Save