diff options
| author | Joe Orton <jorton@apache.org> | 2007-06-29 10:33:14 +0000 |
|---|---|---|
| committer | Joe Orton <jorton@apache.org> | 2007-06-29 10:33:14 +0000 |
| commit | 0a0d324e07439178928268989607d3219f7e8b34 (patch) | |
| tree | ede12ebc2873490c3c3234e07f8ab2e01fa7b00b /include | |
| parent | ada9c28dcf715bd6f61c1f2761a0a04f68f2a019 (diff) | |
| download | httpd-0a0d324e07439178928268989607d3219f7e8b34.tar.gz | |
Add alternative fixes for CVE-2007-3304:
* configure.in: Check for getpgid.
* include/mpm_common.h (ap_mpm_safe_kill): New prototype.
* server/mpm_common.c (reclaim_one_pid): Ensure pid validity before
calling apr_proc_wait().
(ap_mpm_safe_kill): New function.
* server/mpm/prefork/prefork.c, server/mpm/worker/worker.c,
server/mpm/experimental/event/event.c: Use ap_mpm_safe_kill() on pids
from the scoreboard, throughout.
* include/ap_mmn.h: Minor bump.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@551843 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'include')
| -rw-r--r-- | include/ap_mmn.h | 3 | ||||
| -rw-r--r-- | include/mpm_common.h | 13 |
2 files changed, 15 insertions, 1 deletions
diff --git a/include/ap_mmn.h b/include/ap_mmn.h index 206a833929..888147a23c 100644 --- a/include/ap_mmn.h +++ b/include/ap_mmn.h @@ -129,6 +129,7 @@ * ap_parse_mutex() * 20060905.3 (2.3.0-dev) Added conn_rec::clogging_input_filters. * 20060905.4 (2.3.0-dev) Added proxy_balancer::sticky_path. + * 20060905.5 (2.3.0-dev) Added ap_mpm_safe_kill() * */ @@ -137,7 +138,7 @@ #ifndef MODULE_MAGIC_NUMBER_MAJOR #define MODULE_MAGIC_NUMBER_MAJOR 20060905 #endif -#define MODULE_MAGIC_NUMBER_MINOR 4 /* 0...n */ +#define MODULE_MAGIC_NUMBER_MINOR 5 /* 0...n */ /** * Determine if the server's current MODULE_MAGIC_NUMBER is at least a diff --git a/include/mpm_common.h b/include/mpm_common.h index 20a74ac642..30786751c9 100644 --- a/include/mpm_common.h +++ b/include/mpm_common.h @@ -145,6 +145,19 @@ int ap_unregister_extra_mpm_process(pid_t pid); #endif /** + * Safely signal an MPM child process, if the process is in the + * current process group. Otherwise fail. + * @param pid the process id of a child process to signal + * @param sig the signal number to send + * @return APR_SUCCESS if signal is sent, otherwise an error as per kill(3); + * APR_EINVAL is returned if passed either an invalid (< 1) pid, or if + * the pid is not in the current process group + */ +#ifdef AP_MPM_WANT_RECLAIM_CHILD_PROCESSES +apr_status_t ap_mpm_safe_kill(pid_t pid, int sig); +#endif + +/** * Determine if any child process has died. If no child process died, then * this process sleeps for the amount of time specified by the MPM defined * macro SCOREBOARD_MAINTENANCE_INTERVAL. |