Browse Source

fix unchecked return values from stream_open/stat_cache_get_entry

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2954 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.35
Stefan Bühler 8 years ago
parent
commit
57c661c191
  1. 1
      NEWS
  2. 9
      src/mod_cml_lua.c
  3. 8
      src/mod_expire.c
  4. 22
      src/mod_ssi.c

1
NEWS

@ -18,6 +18,7 @@ NEWS
* [mod_cml_lua] fix null pointer dereference
* force assertion: setting FD_CLOEXEC must work (if available)
* [network] check return value of lseek()
* fix unchecked return values from stream_open/stat_cache_get_entry
- 1.4.34
* [mod_auth] explicitly link ssl for SHA1 (fixes #2517)

9
src/mod_cml_lua.c

@ -209,12 +209,17 @@ int cache_parse_lua(server *srv, connection *con, plugin_data *p, buffer *fn) {
lua_State *L;
readme rm;
int ret = -1;
buffer *b = buffer_init();
buffer *b;
int header_tbl = 0;
rm.done = 0;
stream_open(&rm.st, fn);
if (-1 == stream_open(&rm.st, fn)) {
log_error_write(srv, __FILE__, __LINE__, "sbss",
"opening lua cml file ", fn, "failed:", strerror(errno));
return -1;
}
b = buffer_init();
/* push the lua file to the interpreter and see what happends */
L = luaL_newstate();
luaL_openlibs(L);

8
src/mod_expire.c

@ -306,7 +306,8 @@ URIHANDLER_FUNC(mod_expire_path_handler) {
size_t len;
stat_cache_entry *sce = NULL;
stat_cache_get_entry(srv, con, con->physical.path, &sce);
/* if stat fails => sce == NULL, ignore return value */
(void) stat_cache_get_entry(srv, con, con->physical.path, &sce);
switch(mod_expire_get_offset(srv, p, ds->value, &ts)) {
case 0:
@ -316,6 +317,11 @@ URIHANDLER_FUNC(mod_expire_path_handler) {
case 1:
/* modification */
/* can't set modification based expire header if
* mtime is not available
*/
if (NULL == sce) return HANDLER_GO_ON;
expires = (ts + sce->st.st_mtime);
break;
default:

22
src/mod_ssi.c

@ -319,8 +319,7 @@ static int build_ssi_cgi_vars(server *srv, connection *con, plugin_data *p) {
return 0;
}
static int process_ssi_stmt(server *srv, connection *con, plugin_data *p,
const char **l, size_t n) {
static int process_ssi_stmt(server *srv, connection *con, plugin_data *p, const char **l, size_t n, stat_cache_entry *sce) {
size_t i, ssicmd = 0;
char buf[255];
buffer *b = NULL;
@ -360,7 +359,6 @@ static int process_ssi_stmt(server *srv, connection *con, plugin_data *p,
int var = 0;
/* int enc = 0; */
const char *var_val = NULL;
stat_cache_entry *sce = NULL;
struct {
const char *var;
@ -429,8 +427,6 @@ static int process_ssi_stmt(server *srv, connection *con, plugin_data *p,
break;
}
stat_cache_get_entry(srv, con, con->physical.path, &sce);
switch(var) {
case SSI_ECHO_USER_NAME: {
struct passwd *pw;
@ -958,6 +954,9 @@ static int mod_ssi_handle_request(server *srv, connection *con, plugin_data *p)
int ovec[N * 3];
#endif
stat_cache_entry *sce = NULL;
/* get a stream to the file */
array_reset(p->ssi_vars);
@ -970,6 +969,11 @@ static int mod_ssi_handle_request(server *srv, connection *con, plugin_data *p)
/* Reset the modified time of included files */
include_file_last_mtime = 0;
if (HANDLER_ERROR == stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
log_error_write(srv, __FILE__, __LINE__, "SB", "stat_cache_get_entry failed: ", con->physical.path);
return -1;
}
if (-1 == stream_open(&s, con->physical.path)) {
log_error_write(srv, __FILE__, __LINE__, "sb",
"stream-open: ", con->physical.path);
@ -1043,7 +1047,7 @@ static int mod_ssi_handle_request(server *srv, connection *con, plugin_data *p)
if (!p->if_is_false) chunkqueue_append_file(con->write_queue, con->physical.path, i, ovec[0] - i);
pcre_get_substring_list(s.start, ovec, n, &l);
process_ssi_stmt(srv, con, p, l, n);
process_ssi_stmt(srv, con, p, l, n, sce);
pcre_free_substring_list(l);
}
@ -1074,14 +1078,10 @@ static int mod_ssi_handle_request(server *srv, connection *con, plugin_data *p)
}
{
/* Generate "ETag" & "Last-Modified" headers */
stat_cache_entry *sce = NULL;
/* Generate "ETag" & "Last-Modified" headers */
time_t lm_time = 0;
buffer *mtime = NULL;
stat_cache_get_entry(srv, con, con->physical.path, &sce);
etag_mutate(con->physical.etag, sce->etag);
response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag));

Loading…
Cancel
Save