You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2012/09/30 17:44:46 UTC

svn commit: r1392043 - in /httpd/httpd/branches/2.0.x: CHANGES STATUS server/scoreboard.c

Author: jim
Date: Sun Sep 30 15:44:46 2012
New Revision: 1392043

URL: http://svn.apache.org/viewvc?rev=1392043&view=rev
Log:
SECURITY: CVE-2012-0031 (cve.mitre.org)

Modified:
    httpd/httpd/branches/2.0.x/CHANGES
    httpd/httpd/branches/2.0.x/STATUS
    httpd/httpd/branches/2.0.x/server/scoreboard.c

Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?rev=1392043&r1=1392042&r2=1392043&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.0.x/CHANGES [utf-8] Sun Sep 30 15:44:46 2012
@@ -1,6 +1,11 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.0.65
 
+  *) SECURITY: CVE-2012-0031 (cve.mitre.org)
+     Fix scoreboard issue which could allow an unprivileged child process 
+     could cause the parent to crash at shutdown rather than terminate 
+     cleanly.  [Joe Orton]
+
   *) SECURITY: CVE-2011-3607 (cve.mitre.org)
      core: Fix integer overflow in ap_pregsub. This can be triggered e.g.
      with mod_setenvif via a malicious .htaccess. [Stefan Fritsch]

Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/STATUS?rev=1392043&r1=1392042&r2=1392043&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Sun Sep 30 15:44:46 2012
@@ -171,15 +171,6 @@ RELEASE SHOWSTOPPERS:
         http://people.apache.org/~trawick/2.0-CVE-2011-4317-r1235443.patch
        +1: trawick
 
-  *) SECURITY: CVE-2012-0031 (cve.mitre.org)
-     Fix scoreboard issue which could allow an unprivileged child process 
-     could cause the parent to crash at shutdown rather than terminate 
-     cleanly.  [Joe Orton]
-
-     r1231058 on 2.0.x:
-       http://people.apache.org/~trawick/2.0-CVE-2012-0031-r1231058.patch
-     +1: trawick, wrowe, rjung
-
   *) SECURITY: CVE-2012-0053 (cve.mitre.org)
      Fix an issue in error responses that could expose "httpOnly" cookies
      when no custom ErrorDocument is specified for status code 400.

Modified: httpd/httpd/branches/2.0.x/server/scoreboard.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/server/scoreboard.c?rev=1392043&r1=1392042&r2=1392043&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/server/scoreboard.c (original)
+++ httpd/httpd/branches/2.0.x/server/scoreboard.c Sun Sep 30 15:44:46 2012
@@ -41,6 +41,8 @@ AP_DECLARE_DATA scoreboard *ap_scoreboar
 AP_DECLARE_DATA const char *ap_scoreboard_fname = NULL;
 AP_DECLARE_DATA int ap_extended_status = 0;
 
+static ap_scoreboard_e scoreboard_type;
+
 #if APR_HAS_SHARED_MEMORY
 
 #include "apr_shm.h"
@@ -230,7 +232,7 @@ apr_status_t ap_cleanup_scoreboard(void 
     if (ap_scoreboard_image == NULL) {
         return APR_SUCCESS;
     }
-    if (ap_scoreboard_image->global->sb_type == SB_SHARED) {
+    if (scoreboard_type == SB_SHARED) {
         ap_cleanup_shared_mem(NULL);
     }
     else {
@@ -289,7 +291,7 @@ int ap_create_scoreboard(apr_pool_t *p, 
         ap_init_scoreboard(sb_mem);
     }
 
-    ap_scoreboard_image->global->sb_type = sb_type;
+    ap_scoreboard_image->global->sb_type = scoreboard_type = sb_type;
     ap_scoreboard_image->global->running_generation = running_gen;
     ap_scoreboard_image->global->restart_time = apr_time_now();