You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Rob Hartill <ro...@imdb.com> on 1997/01/28 12:17:58 UTC

[BUG]: "programming error in suexec.c" on Irix (fwd)

not acked

---------- Forwarded message ----------
Date: Sun Jan 26 23:36:08 1997
From: robert@easynet.de
To: apache-bugs%apache.org@organic.com
Subject: [BUG]: "programming error in suexec.c" on Irix

Submitter: robert@easynet.de
Operating system: Irix, version: 
Version of Apache Used: 1.2b6
Extra Modules used: 
URL exhibiting problem: 

Symptoms:
--
While some problems are fixed with suexec, two more
severe programming errors are introduced.
- clean_env() sets some value in environ to 
  pathbuf and exit. But pathbuf will no longer be
  valid after clean_env() is terminated! A solution
  would be to declare it "static char pathbuf[512]".
- By setting more than 256 environment variables, 
  it's possible to corrupt the memory allocated
  for cleanenv in clean_env().
  Solution: 
  Change
    for (ep = environ; *ep; ep++) {
  to
    for (ep = environ; *ep && cidx < CLEAN_ENV_BUF; ep++) {

--

Backtrace:
--

--

Re: [BUG]: "programming error in suexec.c" on Irix (fwd)

Posted by "Jason A. Dour" <ja...@bcc.louisville.edu>.

-----BEGIN PGP SIGNED MESSAGE-----

Acked.  I've put it on our suEXEC TODO...  I'll make time soon to look at
this.

Jason


On Tue, 28 Jan 1997, Rob Hartill wrote:

> Date: Tue, 28 Jan 1997 11:17:58 +0000 (GMT)
> From: Rob Hartill <ro...@imdb.com>
> Reply-To: new-httpd@hyperreal.com
> To: Apache Group <ne...@hyperreal.com>
> Subject: [BUG]: "programming error in suexec.c" on Irix (fwd)
> 
> 
> not acked
> 
> ---------- Forwarded message ----------
> Date: Sun Jan 26 23:36:08 1997
> From: robert@easynet.de
> To: apache-bugs%apache.org@organic.com
> Subject: [BUG]: "programming error in suexec.c" on Irix
> 
> Submitter: robert@easynet.de
> Operating system: Irix, version: 
> Version of Apache Used: 1.2b6
> Extra Modules used: 
> URL exhibiting problem: 
> 
> Symptoms:
> --
> While some problems are fixed with suexec, two more
> severe programming errors are introduced.
> - clean_env() sets some value in environ to 
>   pathbuf and exit. But pathbuf will no longer be
>   valid after clean_env() is terminated! A solution
>   would be to declare it "static char pathbuf[512]".
> - By setting more than 256 environment variables, 
>   it's possible to corrupt the memory allocated
>   for cleanenv in clean_env().
>   Solution: 
>   Change
>     for (ep = environ; *ep; ep++) {
>   to
>     for (ep = environ; *ep && cidx < CLEAN_ENV_BUF; ep++) {
> 
> --
> 
> Backtrace:
> --
> 
> --
> 
> 

# Jason A. Dour <ja...@bcc.louisville.edu>                            1101
# Programmer Analyst II; Department of Radiation Oncology; Univ. of Lou.
# Finger for URLs, PGP public key, geek code, PJ Harvey info, et cetera.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMu31Hpo1JaC71RLxAQFVrQP/Vaj/Q0+t1wwhBQqMr604oEitXrc2QNhI
e/795mwr/4c6Q3J+YRqu4fVlYunX6ywF8u/ZRHy3XW+S3Adkvgo+A/JgBDNpOTx5
pFbz9r981ZfK19wv/7c0Qh9e7CX29/McYsxM9gcpzmJE/SbS6YjpP5fJ3E9dwHxv
qH2oupWCxec=
=8gUv
-----END PGP SIGNATURE-----