Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Apache: Bugs
[Bug 53131] New: apr_file_write() incorrectly used
 

Index | Next | Previous | View Flat


bugzilla at apache

Apr 22, 2012, 9:46 PM


Views: 103
Permalink
[Bug 53131] New: apr_file_write() incorrectly used

https://issues.apache.org/bugzilla/show_bug.cgi?id=53131

Bug #: 53131
Summary: apr_file_write() incorrectly used
Product: Apache httpd-2
Version: 2.5-HEAD
Platform: PC
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: All
AssignedTo: bugs [at] httpd
ReportedBy: apache [at] viennot
Classification: Unclassified


In most cases, developers assume that when apr_file_write() returns
APR_SUCCESS, everything went well, and move on.
In reality, apr_file_write() returns APR_SUCCESS if *some* bytes got written
successfully. One of the many cases when this could happen is when the server
receive a signal in the middle of the write() system call. The kernel will not
return -EINTR, but the number of bytes that have been written so far. The
caller needs to check that all the bytes to write have been successfully
written. This is more or less implemented by apr_file_write_full().

I wrote a fix for mod_log_config because log file corruption is sad.
Patch is here: https://github.com/nviennot/apache-httpd/commit/fcbc7ed94
Note: flush_log() returns void, albeit apr_file_write_full() may fail.


This issue is present in different part of the code base. Following a list of
highly suspicious calls:
https://github.com/apache/httpd/blob/62db628c/modules/slotmem/mod_slotmem_shm.c#L169
https://github.com/apache/httpd/blob/62db628c/modules/mappers/mod_rewrite.c#L1404
https://github.com/apache/httpd/blob/62db628c/modules/mappers/mod_rewrite.c#L1414
https://github.com/apache/httpd/blob/62db628c/modules/generators/mod_cgid.c#L1158
https://github.com/apache/httpd/blob/62db628c/modules/generators/mod_cgi.c#L298
https://github.com/apache/httpd/blob/62db628c/modules/cache/mod_cache_disk.c#L742
https://github.com/apache/httpd/blob/62db628c/modules/cache/mod_cache_disk.c#L752
https://github.com/apache/httpd/blob/62db628c/modules/cache/mod_cache_disk.c#L901
https://github.com/apache/httpd/blob/62db628c/modules/cache/mod_cache_disk.c#L910
https://github.com/apache/httpd/blob/62db628c/modules/cache/mod_cache_disk.c#L977
https://github.com/apache/httpd/blob/62db628c/modules/cache/mod_cache_disk.c#L988
https://github.com/apache/httpd/blob/62db628c/modules/cache/mod_cache_disk.c#L1054

--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe [at] httpd
For additional commands, e-mail: bugs-help [at] httpd

Subject User Time
[Bug 53131] New: apr_file_write() incorrectly used bugzilla at apache Apr 22, 2012, 9:46 PM

  Index | Next | Previous | View Flat
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.