You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Cliff Woolley <jw...@virginia.edu> on 2003/08/02 22:19:52 UTC

Re: suexec+CGI = zombies in 1.3.28

On Tue, 29 Jul 2003, Ralf S. Engelschall wrote:

> Index: alloc.c
> ===================================================================
> RCS file: /e/apache/cvs/apache-1.3/src/main/alloc.c,v
> retrieving revision 1.145
> diff -u -d -r1.145 alloc.c
> --- alloc.c	20 Jun 2003 15:05:40 -0000	1.145
> +++ alloc.c	29 Jul 2003 19:07:46 -0000
> @@ -2859,12 +2859,8 @@
>  	if ((p->kill_how == kill_after_timeout)
>  	    || (p->kill_how == kill_only_once)) {
>  	    /* Subprocess may be dead already.  Only need the timeout if not. */
> -	    if (ap_os_kill(p->pid, SIGTERM) == -1) {
> -                p->kill_how = kill_never;
> -            }
> -            else {
> -		need_timeout = 1;
> -            }
> +	    ap_os_kill(p->pid, SIGTERM);
> +	    need_timeout = 1;
>  	}
>  	else if (p->kill_how == kill_always) {
>  	    kill(p->pid, SIGKILL);

+1, looks good.

--Cliff

Re: suexec+CGI = zombies in 1.3.28

Posted by Cliff Woolley <jw...@virginia.edu>.

On Sat, 2 Aug 2003, Bill Stoddard wrote:

> >>-	    if (ap_os_kill(p->pid, SIGTERM) == -1) {
> >>-                p->kill_how = kill_never;
> >>-            }
> >>-            else {
> >>-		need_timeout = 1;
> >>-            }
> >>+	    ap_os_kill(p->pid, SIGTERM);
> >>+	    need_timeout = 1;
>
> So you sucessfully kill the process, then you set need_timeout. You swap
> out and another process is started (by an httpd process) on the system
> with the same pid. Your swaped back in, detect the process (thinking it
> is the old process still hanging around) and kill it after a timeout.
> Is this possible or not?

Seems like the set of circumstances that would have to occur is fairly
unlikely but possible.  Though afaict those same circumstances would have
have been possible and would have had the same result even without this
patch.  No?

--Cliff

Re: suexec+CGI = zombies in 1.3.28

Posted by Bill Stoddard <bi...@wstoddard.com>.

Cliff Woolley wrote:
> On Tue, 29 Jul 2003, Ralf S. Engelschall wrote:
> 
> 
>>Index: alloc.c
>>===================================================================
>>RCS file: /e/apache/cvs/apache-1.3/src/main/alloc.c,v
>>retrieving revision 1.145
>>diff -u -d -r1.145 alloc.c
>>--- alloc.c	20 Jun 2003 15:05:40 -0000	1.145
>>+++ alloc.c	29 Jul 2003 19:07:46 -0000
>>@@ -2859,12 +2859,8 @@
>> 	if ((p->kill_how == kill_after_timeout)
>> 	    || (p->kill_how == kill_only_once)) {
>> 	    /* Subprocess may be dead already.  Only need the timeout if not. */
>>-	    if (ap_os_kill(p->pid, SIGTERM) == -1) {
>>-                p->kill_how = kill_never;
>>-            }
>>-            else {
>>-		need_timeout = 1;
>>-            }
>>+	    ap_os_kill(p->pid, SIGTERM);
>>+	    need_timeout = 1;
>> 	}
>> 	else if (p->kill_how == kill_always) {
>> 	    kill(p->pid, SIGKILL);
> 
> 
> +1, looks good.
> 
> --Cliff
> 

So you sucessfully kill the process, then you set need_timeout. You swap 
out and another process is started (by an httpd process) on the system 
with the same pid. Your swaped back in, detect the process (thinking it 
is the old process still hanging around) and kill it after a timeout. 
Is this possible or not?

Bill