Mailing List Archive: Perl: porters

SuSE's perl safe_putenf diff

Index | Next | Previous | View Threaded

Michael.Schroeder at informatik

Nov 11, 2004, 6:54 AM

Post #1 of 12 (1935 views)
Permalink

SuSE's perl safe_putenf diff

Hi Porters,

here's a patch from SuSE's perl-5.8.5. It changes the putenv
handling in a way so that PERL_USE_SAFE_PUTENV is defined for
applications that embedded perl. It does this by adding a
global variable "Perl_use_safe_putenv" that defaults to 1 but
is cleared by perlmain.

The reasoning is this: Perl applications know that they must
call perl's putenv, so it is safe to use it in this case. If
perl is just a module in another application (e.g. mod_perl),
this assumption no longer holds, so we have to switch to the
safe system putenv in that case.

Cheers,
Michael.

--- ./mg.c.orig 2004-06-30 19:51:44.000000000 +0000
+++ ./mg.c 2004-07-28 12:25:14.520609864 +0000
@@ -1046,6 +1046,8 @@
# endif
{
# ifndef PERL_USE_SAFE_PUTENV
+ extern int Perl_use_safe_putenv;
+ if (!Perl_use_safe_putenv) {
I32 i;

if (environ == PL_origenviron)
@@ -1053,6 +1055,7 @@
else
for (i = 0; environ[i]; i++)
safesysfree(environ[i]);
+ }
# endif /* PERL_USE_SAFE_PUTENV */

environ[0] = Nullch;
--- ./miniperlmain.c.orig 2003-05-04 09:40:14.000000000 +0000
+++ ./miniperlmain.c 2004-07-28 12:25:14.522609256 +0000
@@ -39,6 +39,10 @@
main(int argc, char **argv, char **env)
{
int exitstatus;
+#ifndef PERL_USE_SAFE_PUTENV
+ extern int Perl_use_safe_putenv;
+ Perl_use_safe_putenv = 0;
+#endif /* PERL_USE_SAFE_PUTENV */

#ifdef PERL_GLOBAL_STRUCT
#define PERLVAR(var,type) /**/
--- ./perl.c.orig 2004-06-23 10:35:46.000000000 +0000
+++ ./perl.c 2004-07-28 12:25:14.533605909 +0000
@@ -81,6 +81,10 @@
char *nw_get_sitelib(const char *pl);
#endif

+#if !defined(PERL_USE_SAFE_PUTENV)
+int Perl_use_safe_putenv = 1;
+#endif
+
/* XXX If this causes problems, set i_unistd=undef in the hint file. */
#ifdef I_UNISTD
#include <unistd.h>
@@ -590,7 +594,7 @@
*/
#ifndef PERL_MICRO
#if defined(USE_ENVIRON_ARRAY) && !defined(PERL_USE_SAFE_PUTENV)
- if (environ != PL_origenviron
+ if (environ != PL_origenviron && !Perl_use_safe_putenv
#ifdef USE_ITHREADS
/* only main thread can free environ[0] contents */
&& PL_curinterp == aTHX
--- ./util.c.orig 2004-03-22 19:54:24.000000000 +0000
+++ ./util.c 2004-07-28 12:25:14.553599825 +0000
@@ -1462,6 +1462,8 @@
#endif
{
#ifndef PERL_USE_SAFE_PUTENV
+ extern int Perl_use_safe_putenv;
+ if (!Perl_use_safe_putenv) {
/* most putenv()s leak, so we manipulate environ directly */
register I32 i=setenv_getix(nam); /* where does it go? */
int nlen, vlen;
@@ -1502,8 +1504,8 @@
environ[i] = (char*)safesysmalloc((nlen+vlen+2) * sizeof(char));
/* all that work just for this */
my_setenv_format(environ[i], nam, nlen, val, vlen);
-
-#else /* PERL_USE_SAFE_PUTENV */
+ } else {
+# endif
# if defined(__CYGWIN__) || defined( EPOC)
setenv(nam, val, 1);
# else
@@ -1518,7 +1520,9 @@
my_setenv_format(new_env, nam, nlen, val, vlen);
(void)putenv(new_env);
# endif /* __CYGWIN__ */
-#endif /* PERL_USE_SAFE_PUTENV */
+#ifndef PERL_USE_SAFE_PUTENV
+ }
+#endif
}
}

rgarciasuarez at mandrakesoft

Nov 12, 2004, 3:04 PM

Post #2 of 12 (1893 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

Michael Schroeder wrote:
>
> here's a patch from SuSE's perl-5.8.5. It changes the putenv
> handling in a way so that PERL_USE_SAFE_PUTENV is defined for
> applications that embedded perl. It does this by adding a
> global variable "Perl_use_safe_putenv" that defaults to 1 but
> is cleared by perlmain.
>
> The reasoning is this: Perl applications know that they must
> call perl's putenv, so it is safe to use it in this case. If
> perl is just a module in another application (e.g. mod_perl),
> this assumption no longer holds, so we have to switch to the
> safe system putenv in that case.

The patch is clean and all, but I'm not really seeing what kind of
problem it's trying to solve. (and there are no regression tests to hint
me about this...)

Michael.Schroeder at informatik

Nov 15, 2004, 5:20 AM

Post #3 of 12 (1919 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

On Sat, Nov 13, 2004 at 12:04:58AM +0100, Rafael Garcia-Suarez wrote:
> The patch is clean and all, but I'm not really seeing what kind of
> problem it's trying to solve. (and there are no regression tests to hint
> me about this...)

Try this:

#include <EXTERN.h>
#include <perl.h>
#include <XSUB.h>

static PerlInterpreter *my_perl;

main(int argc, char **argv, char **env)
{
char *embedding[] = { "", "-e", "0" };

PERL_SYS_INIT3(&argc,&argv,&env);
my_perl = perl_alloc();
perl_construct(my_perl);

// putenv("FOO=BAR");

perl_parse(my_perl, NULL, 3, embedding, (char **)NULL);
PL_exit_flags |= PERL_EXIT_DESTRUCT_END;
perl_run(my_perl);

putenv("FOO=BAR");

perl_destruct(my_perl);
perl_free(my_perl);
my_perl = 0;
PERL_SYS_TERM();
}

Basically one mustn't call putenv() if a perlinterpreter is
still in use.

Cheers,
Michael.

--
Michael Schroeder mlschroe[at]informatik.uni-erlangen.de
main(_){while(_=~getchar())putchar(~_-1/(~(_|32)/13*2-11)*13);}

stas at stason

Nov 15, 2004, 2:58 PM

Post #4 of 12 (1916 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

Michael Schroeder wrote:
> On Sat, Nov 13, 2004 at 12:04:58AM +0100, Rafael Garcia-Suarez wrote:
>
>>The patch is clean and all, but I'm not really seeing what kind of
>>problem it's trying to solve. (and there are no regression tests to hint
>>me about this...)

Michael, you've mentioned mod_perl in your original message. What was the
relation? How is it going to help mod_perl, if there is any?

--
__________________________________________________________________
Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:stas[at]stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com

Michael.Schroeder at informatik

Nov 16, 2004, 2:14 AM

Post #5 of 12 (1909 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

On Mon, Nov 15, 2004 at 05:58:57PM -0500, Stas Bekman wrote:
> Michael Schroeder wrote:
> >On Sat, Nov 13, 2004 at 12:04:58AM +0100, Rafael Garcia-Suarez wrote:
> >
> >>The patch is clean and all, but I'm not really seeing what kind of
> >>problem it's trying to solve. (and there are no regression tests to hint
> >>me about this...)
>
> Michael, you've mentioned mod_perl in your original message. What was the
> relation? How is it going to help mod_perl, if there is any?

We had some reports that apache crashes if mod_php4 and mod_perl
are loaded and mod_php4 changes the environment. We found that the
environment handling of perl was the culprit, thus the patch.
(I'm not sure if apache2 would also have this problem.)

You'll also find similar problems if you search the web.

Cheers,
Michael.

--
Michael Schroeder mlschroe[at]informatik.uni-erlangen.de
main(_){while(_=~getchar())putchar(~_-1/(~(_|32)/13*2-11)*13);}

stas at stason

Nov 16, 2004, 12:56 PM

Post #6 of 12 (1919 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

Michael Schroeder wrote:
> On Mon, Nov 15, 2004 at 05:58:57PM -0500, Stas Bekman wrote:
>
>>Michael Schroeder wrote:
>>
>>>On Sat, Nov 13, 2004 at 12:04:58AM +0100, Rafael Garcia-Suarez wrote:
>>>
>>>
>>>>The patch is clean and all, but I'm not really seeing what kind of
>>>>problem it's trying to solve. (and there are no regression tests to hint
>>>>me about this...)
>>
>>Michael, you've mentioned mod_perl in your original message. What was the
>>relation? How is it going to help mod_perl, if there is any?
>
>
> We had some reports that apache crashes if mod_php4 and mod_perl
> are loaded and mod_php4 changes the environment. We found that the
> environment handling of perl was the culprit, thus the patch.
> (I'm not sure if apache2 would also have this problem.)
>
> You'll also find similar problems if you search the web.

It's a perfect timing, since someone on the modperl list just had this
exact problem and posted this link:
http://www.phpbuilder.com/lists/php-install/2003092/0018.php

So with the proposed patch the problem goes away?

In which case it's a big +1 to put it in in 5.8.x.

--
__________________________________________________________________
Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:stas[at]stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com

Michael.Schroeder at informatik

Nov 16, 2004, 1:04 PM

Post #7 of 12 (1902 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

On Tue, Nov 16, 2004 at 03:56:15PM -0500, Stas Bekman wrote:
> It's a perfect timing, since someone on the modperl list just had this
> exact problem and posted this link:
> http://www.phpbuilder.com/lists/php-install/2003092/0018.php

This seems to be exactly the same problem.

> So with the proposed patch the problem goes away?

Yes, it basically turns on PERL_USE_SAFE_PUTENV for every application
that embeds perl.

Cheers,
Michael.

--
Michael Schroeder mlschroe[at]informatik.uni-erlangen.de
main(_){while(_=~getchar())putchar(~_-1/(~(_|32)/13*2-11)*13);}

stas at stason

Nov 16, 2004, 2:20 PM

Post #8 of 12 (1912 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

Michael Schroeder wrote:
> On Tue, Nov 16, 2004 at 03:56:15PM -0500, Stas Bekman wrote:
>
>>It's a perfect timing, since someone on the modperl list just had this
>>exact problem and posted this link:
>>http://www.phpbuilder.com/lists/php-install/2003092/0018.php
>
>
> This seems to be exactly the same problem.
>
>
>>So with the proposed patch the problem goes away?
>
>
> Yes, it basically turns on PERL_USE_SAFE_PUTENV for every application
> that embeds perl.

Excellent. Rafael, you can quote
http://www.phpbuilder.com/lists/php-install/2003092/0018.php
to explain what this patch is for. (and may be the summary from this
message, in case the url stops working).

Also Nick, please let us know whether this gets into 5.8.x branch, so we
can start using it in modperl.

--
__________________________________________________________________
Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:stas[at]stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com

rgarciasuarez at mandrakesoft

Nov 17, 2004, 2:38 AM

Post #9 of 12 (1913 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

Michael Schroeder wrote:
>
> here's a patch from SuSE's perl-5.8.5. It changes the putenv
> handling in a way so that PERL_USE_SAFE_PUTENV is defined for
> applications that embedded perl. It does this by adding a
> global variable "Perl_use_safe_putenv" that defaults to 1 but
> is cleared by perlmain.
>
> The reasoning is this: Perl applications know that they must
> call perl's putenv, so it is safe to use it in this case. If
> perl is just a module in another application (e.g. mod_perl),
> this assumption no longer holds, so we have to switch to the
> safe system putenv in that case.

Thanks, I've applied a modified version of this patch to bleadperl as
change #23507. (Basically I added the new global in perlvars.h instead
of providing multiple external declarations in the C files that use it.)

nick at ccl4

Nov 25, 2004, 3:04 PM

Post #10 of 12 (1916 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

On Tue, Nov 16, 2004 at 05:20:36PM -0500, Stas Bekman wrote:
> Also Nick, please let us know whether this gets into 5.8.x branch, so we
> can start using it in modperl.

I've put it in 5.8.6-to be.

Can you suggest a suitable perldelta entry to describe it?
[.see, you don't get something for nothing in this life :-)]

Nicholas Clark

stas at stason

Nov 25, 2004, 4:26 PM

Post #11 of 12 (1904 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

Nicholas Clark wrote:
> On Tue, Nov 16, 2004 at 05:20:36PM -0500, Stas Bekman wrote:
>
>>Also Nick, please let us know whether this gets into 5.8.x branch, so we
>>can start using it in modperl.
>
>
> I've put it in 5.8.6-to be.
>
> Can you suggest a suitable perldelta entry to describe it?
> [.see, you don't get something for nothing in this life :-)]

To start with we need a reference to "Safe process environment manipulation":

--- INSTALL.orig 2004-11-25 18:40:25.298183328 -0500
+++ INSTALL 2004-11-25 19:25:45.824064019 -0500
@@ -400,6 +400,21 @@
section), you cannot use the printf/sprintf non-decimal integer formats
like C<%x> to print filesizes. You can use C<%d>, though.

+=head3 Safe process environment manipulation
+
+If compiled with -DPERL_USE_SAFE_PUTENV, but regardless when used
+within an application that embeds perl, when %ENV is manipulated a
+safe putenv() is used. Otherwise perl manipulates the process environ
+struct directly, which might be unsafe if other environments try to
+manipulated environ too.
+
+It's still possible use the unsafe manipulation in the embedded-perl
+applications by setting:
+
+ PL_use_safe_putenv = 0;
+
+after the perl_construct() call.
+
=head3 64 bit support.

If your platform does not have run natively at 64 bits, but can

Assuming that we have that, the delta can say:

From now on all applications embedding perl will behave as if perl
was compiled with -DPERL_USE_SAFE_PUTENV. See the "Safe process
environment manipulation" entry in INSTALL for details.

--
__________________________________________________________________
Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:stas[at]stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com

nick at ccl4

Nov 27, 2004, 7:40 AM

Post #12 of 12 (1907 views)
Permalink

Re: SuSE's perl safe_putenf diff [In reply to]

On Thu, Nov 25, 2004 at 07:26:56PM -0500, Stas Bekman wrote:

> >Can you suggest a suitable perldelta entry to describe it?
> >[.see, you don't get something for nothing in this life :-)]
>
> To start with we need a reference to "Safe process environment
> manipulation":

> Assuming that we have that, the delta can say:

I reworded both slightly, but both are now in. Thanks

Nicholas Clark

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact lists@gossamer-threads.com