Browse Source

[mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319)

error if unix socket path is duplicated

(does not check across modules, but will detect duplicated unix socket
 paths within fastcgi directives, and separately, duplicated unix socket
 paths within scgi directives)
personal/stbuehler/mod-csrf-old
Glenn Strauss 6 years ago
committed by Stefan Bühler
parent
commit
97556d992b
  1. 1
      NEWS
  2. 26
      src/mod_fastcgi.c
  3. 27
      src/mod_scgi.c

1
NEWS

@ -62,6 +62,7 @@ NEWS
* use li_[iu]tostrn() instead of li_[iu]tostr()
* [stream] fstat() after open() to obtain file size
* [core] clean up srv before exiting for lighttpd -[vVh]
* [mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319)
- 1.4.39 - 2016-01-02
* [core] fix memset_s call (fixes #2698)

26
src/mod_fastcgi.c

@ -1167,6 +1167,24 @@ static int fcgi_spawn_connection(server *srv,
#endif /* HAVE_FORK */
static int unixsocket_is_dup(plugin_data *p, size_t used, buffer *unixsocket) {
size_t i, j, n;
for (i = 0; i < used; ++i) {
fcgi_exts *exts = p->config_storage[i]->exts;
for (j = 0; j < exts->used; ++j) {
fcgi_extension *ex = exts->exts[j];
for (n = 0; n < ex->used; ++n) {
fcgi_extension_host *host = ex->hosts[n];
if (!buffer_string_is_empty(host->unixsocket)
&& buffer_is_equal(host->unixsocket, unixsocket))
return 1;
}
}
}
return 0;
}
SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) {
plugin_data *p = p_d;
data_unset *du;
@ -1344,6 +1362,14 @@ SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) {
goto error;
}
if (!buffer_string_is_empty(host->bin_path)
&& unixsocket_is_dup(p, i+1, host->unixsocket)) {
log_error_write(srv, __FILE__, __LINE__, "sb",
"duplicate unixsocket path:",
host->unixsocket);
goto error;
}
} else {
/* tcp/ip */

27
src/mod_scgi.c

@ -677,6 +677,7 @@ static int scgi_spawn_connection(server *srv,
"new proc, socket:", proc->port, proc->socket);
}
if (!buffer_string_is_empty(proc->socket)) {
#ifdef HAVE_SYS_UN_H
memset(&scgi_addr_un, 0, sizeof(scgi_addr_un));
@ -936,6 +937,24 @@ static int scgi_spawn_connection(server *srv,
#endif /* HAVE_FORK */
static int unixsocket_is_dup(plugin_data *p, size_t used, buffer *unixsocket) {
size_t i, j, n;
for (i = 0; i < used; ++i) {
scgi_exts *exts = p->config_storage[i]->exts;
for (j = 0; j < exts->used; ++j) {
scgi_extension *ex = exts->exts[j];
for (n = 0; n < ex->used; ++n) {
scgi_extension_host *host = ex->hosts[n];
if (!buffer_string_is_empty(host->unixsocket)
&& buffer_is_equal(host->unixsocket, unixsocket))
return 1;
}
}
}
return 0;
}
SETDEFAULTS_FUNC(mod_scgi_set_defaults) {
plugin_data *p = p_d;
data_unset *du;
@ -1097,6 +1116,14 @@ SETDEFAULTS_FUNC(mod_scgi_set_defaults) {
"path of the unixdomain socket is too large");
goto error;
}
if (!buffer_string_is_empty(df->bin_path)
&& unixsocket_is_dup(p, i+1, df->unixsocket)) {
log_error_write(srv, __FILE__, __LINE__, "sb",
"duplicate unixsocket path:",
df->unixsocket);
goto error;
}
} else {
/* tcp/ip */

Loading…
Cancel
Save