Browse Source

Disable mmap by default (fixes #2391)

* if a user truncates a file we are mmapping, reading the truncated
  area leads to SIGBUS
* mod_cgi and mod_webdav still use mmap for reading the tmp files
  created for large request bodies.
  as no other user should have write access for those this isn't
  a (security) problem.

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2827 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.31
Stefan Bühler 10 years ago
parent
commit
f4c3a99eea
  1. 1
      NEWS
  2. 15
      configure.ac
  3. 40
      src/mod_compress.c
  4. 2
      src/network_backends.h

1
NEWS

@ -7,6 +7,7 @@ NEWS
* [ssl] fix segfault in counting renegotiations for openssl versions without TLSEXT/SNI
* Move fdevent subsystem includes to implementation files to reduce conflicts (fixes #2373)
* [mod_compress] fix handling if etags are disabled but cache-dir is set - may lead to double response
* disable mmap by default (fixes #2391)
- 1.4.30 - 2011-12-18
* Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331)

15
configure.ac

@ -569,6 +569,21 @@ if test x$ipv6 = xtrue; then
fi
fi
# disable mmap by default; if a mmapped file gets truncated, the process gets a SIGBUS signal
# on reading the truncated area which we can't handle (yet).
# lighttpd may always use mmap with files it owns (created tmp files)
AC_ARG_ENABLE(mmap,
AC_HELP_STRING([--enable-mmap],[use mmap if available (DANGEROUS, allows local users to trigger SIGBUS crashes)]),
[case "${enableval}" in
yes) mmap=true ;;
no) mmap=false ;;
*) AC_MSG_ERROR(bad value ${enableval} for --enable-mmap) ;;
esac],[mmap=false])
if teest x$mmap = xtrue; then
AC_DEFINE(ENABLE_MMAP, [1], [Use mmap if available])
fi
AM_CONDITIONAL(CROSS_COMPILING, test "x$cross_compiling" = xyes)

40
src/mod_compress.c

@ -485,7 +485,7 @@ static int deflate_file_to_file(server *srv, connection *con, plugin_data *p, bu
return -1;
}
#ifdef USE_MMAP
if (MAP_FAILED == (start = mmap(NULL, sce->st.st_size, PROT_READ, MAP_SHARED, ifd, 0))) {
log_error_write(srv, __FILE__, __LINE__, "sbss", "mmaping", fn, "failed", strerror(errno));
@ -499,6 +499,23 @@ static int deflate_file_to_file(server *srv, connection *con, plugin_data *p, bu
return -1;
}
#else
start = malloc(sce->st.st_size);
if (NULL == start || sce->st.st_size != read(ifd, start, sce->st.st_size)) {
log_error_write(srv, __FILE__, __LINE__, "sbss", "reading", fn, "failed", strerror(errno));
close(ofd);
close(ifd);
free(start);
/* Remove the incomplete cache file, so that later hits aren't served from it */
if (-1 == unlink(p->ofn->ptr)) {
log_error_write(srv, __FILE__, __LINE__, "sbss", "unlinking incomplete cachefile", p->ofn, "failed:", strerror(errno));
}
return -1;
}
#endif
switch(type) {
#ifdef USE_ZLIB
@ -530,7 +547,12 @@ static int deflate_file_to_file(server *srv, connection *con, plugin_data *p, bu
}
}
#ifdef USE_MMAP
munmap(start, sce->st.st_size);
#else
free(start);
#endif
close(ofd);
close(ifd);
@ -571,13 +593,23 @@ static int deflate_file_to_buffer(server *srv, connection *con, plugin_data *p,
return -1;
}
#ifdef USE_MMAP
if (MAP_FAILED == (start = mmap(NULL, sce->st.st_size, PROT_READ, MAP_SHARED, ifd, 0))) {
log_error_write(srv, __FILE__, __LINE__, "sbss", "mmaping", fn, "failed", strerror(errno));
close(ifd);
return -1;
}
#else
start = malloc(sce->st.st_size);
if (NULL == start || sce->st.st_size != read(ifd, start, sce->st.st_size)) {
log_error_write(srv, __FILE__, __LINE__, "sbss", "reading", fn, "failed", strerror(errno));
close(ifd);
free(start);
return -1;
}
#endif
switch(type) {
#ifdef USE_ZLIB
@ -598,7 +630,11 @@ static int deflate_file_to_buffer(server *srv, connection *con, plugin_data *p,
break;
}
#ifdef USE_MMAP
munmap(start, sce->st.st_size);
#else
free(start);
#endif
close(ifd);
if (ret != 0) return -1;

2
src/network_backends.h

@ -31,7 +31,7 @@
# include <sys/uio.h>
#endif
#if defined HAVE_SYS_MMAN_H && defined HAVE_MMAP
#if defined HAVE_SYS_MMAN_H && defined HAVE_MMAP && defined ENABLE_MMAP
# define USE_MMAP
# include <sys/mman.h>
/* NetBSD 1.3.x needs it */

Loading…
Cancel
Save