[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[myserver-commit] [SCM] GNU MyServer branch, master, updated. 0_9_2-171-
|
From: |
Giuseppe Scrivano |
|
Subject: |
[myserver-commit] [SCM] GNU MyServer branch, master, updated. 0_9_2-171-g476a013 |
|
Date: |
Sun, 18 Apr 2010 19:52:22 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU MyServer".
The branch, master has been updated
via 476a013549ad805136ebfb3d94b6aa1ed3b37312 (commit)
from fcecfcb8183863ae337a02cb0a591672feecb7f1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 476a013549ad805136ebfb3d94b6aa1ed3b37312
Author: Giuseppe Scrivano <address@hidden>
Date: Sun Apr 18 21:50:03 2010 +0200
Avoid a race situation when parsing a CGI header
diff --git a/myserver/src/http_handler/cgi/cgi.cpp
b/myserver/src/http_handler/cgi/cgi.cpp
index d01187e..5ace184 100644
--- a/myserver/src/http_handler/cgi/cgi.cpp
+++ b/myserver/src/http_handler/cgi/cgi.cpp
@@ -256,26 +256,20 @@ int Cgi::send (HttpThreadContext* td, const char*
scriptpath,
}
/* Execute the CGI process. */
- {
- int ret;
- if (Process::getForkServer ()->isInitialized ())
- {
- int pid;
- int port;
-
- Process::getForkServer ()->executeProcess (&spi,
- ForkServer::FLAG_USE_IN
- |
ForkServer::FLAG_USE_OUT
- |
ForkServer::FLAG_USE_ERR,
- &pid, &port);
- cgiProc.setPid (pid);
- }
- else
- cgiProc.exec (&spi);
-
- /* Close the write stream of the pipe on the server. */
- stdOutFile.closeWrite ();
- }
+ if (Process::getForkServer ()->isInitialized ())
+ {
+ int pid;
+ int port;
+ int flags = ForkServer::FLAG_USE_IN | ForkServer::FLAG_USE_OUT
+ | ForkServer::FLAG_USE_ERR;
+ Process::getForkServer ()->executeProcess (&spi, flags, &pid, &port);
+ cgiProc.setPid (pid);
+ }
+ else
+ cgiProc.exec (&spi);
+
+ /* Close the write stream of the pipe on the server. */
+ stdOutFile.closeWrite ();
sendData (td, stdOutFile, chain, cgiProc, onlyHeader, nph);
@@ -330,63 +324,56 @@ int Cgi::sendData (HttpThreadContext* td, Pipe
&stdOutFile, FiltersChain& chain,
return HttpDataHandler::RET_OK;
/* Create the output filters chain. */
- if (td->mime
- && Server::getInstance ()->getFiltersFactory ()->chain (&chain,
- td->mime->filters,
- td->connection->socket,
- &nbw,
- 1))
+ if (td->mime)
{
- td->connection->host->warningsLogWrite (_("Cgi: internal error"));
- return td->http->raiseHTTPError (500);
+ FiltersFactory *ff = Server::getInstance ()->getFiltersFactory ();
+ ff->chain (&chain, td->mime->filters, td->connection->socket, &nbw, 1);
}
if (td->response.getStatusType () == HttpResponseHeader::SUCCESSFUL)
- {
- /* Send the rest of the data until we can read from the pipe. */
- for (;;)
{
- nBytesRead = 0;
- int aliveProcess = 0;
- u_long ticks = getTicks () - procStartTime;
- u_long timeout = td->http->getTimeout ();
- if (timeout <= ticks
- || stdOutFile.waitForData ((timeout - ticks) / 1000,
- (timeout - ticks) % 1000) == 0)
+ /* Send the rest of the data until we can read from the pipe. */
+ for (;;)
{
- td->connection->host->warningsLogWrite (_("Cgi: process %i timeout"),
- cgiProc.getPid ());
- break;
- }
+ nBytesRead = 0;
+ int aliveProcess = 0;
+ u_long ticks = getTicks () - procStartTime;
+ u_long timeout = td->http->getTimeout ();
+ if (timeout <= ticks
+ || stdOutFile.waitForData ((timeout - ticks) / 1000,
+ (timeout - ticks) % 1000) == 0)
+ {
+ td->connection->host->warningsLogWrite (_("Cgi: process %i
timeout"),
+ cgiProc.getPid ());
+ break;
+ }
- aliveProcess = !stdOutFile.pipeTerminated ();
+ aliveProcess = !stdOutFile.pipeTerminated ();
- /* Read data from the process standard output file. */
- if (stdOutFile.read (td->auxiliaryBuffer->getBuffer (),
+ /* Read data from the process standard output file. */
+ stdOutFile.read (td->auxiliaryBuffer->getBuffer (),
td->auxiliaryBuffer->getRealLength (),
- &nBytesRead))
- return HttpDataHandler::RET_FAILURE;
+ &nBytesRead);
- if (!aliveProcess && !nBytesRead)
- break;
+ if (!aliveProcess && !nBytesRead)
+ break;
- if (nBytesRead &&
- HttpDataHandler::appendDataToHTTPChannel (td,
-
td->auxiliaryBuffer->getBuffer (),
- nBytesRead,
- &(td->outputData),
- &chain,
- td->appendOutputs,
- useChunks))
- return HttpDataHandler::RET_FAILURE;
+ if (nBytesRead)
+ HttpDataHandler::appendDataToHTTPChannel (td,
+ td->auxiliaryBuffer->getBuffer (),
+ nBytesRead,
+ &(td->outputData),
+ &chain,
+ td->appendOutputs,
+ useChunks);
- nbw += nBytesRead;
- }
+ nbw += nBytesRead;
+ }
- /* Send the last null chunk if needed. */
- if (useChunks && chain.getStream ()->write ("0\r\n\r\n", 5, &nbw2))
+ /* Send the last null chunk if needed. */
+ if (useChunks && chain.getStream ()->write ("0\r\n\r\n", 5, &nbw2))
return HttpDataHandler::RET_FAILURE;
- }
+ }
/* Update the Content-length field for logging activity. */
td->sentData += nbw;
@@ -398,9 +385,10 @@ int Cgi::sendData (HttpThreadContext* td, Pipe
&stdOutFile, FiltersChain& chain,
*Send the HTTP header.
*\return nonzero if the reply is already complete.
*/
-int Cgi::sendHeader (HttpThreadContext* td, Pipe &stdOutFile, FiltersChain&
chain,
- Process& cgiProc, int onlyHeader, bool nph, u_long
procStartTime,
- bool keepalive, bool useChunks, int *ret)
+int Cgi::sendHeader (HttpThreadContext *td, Pipe &stdOutFile, FiltersChain
&chain,
+ Process &cgiProc, int onlyHeader, bool nph,
+ u_long procStartTime, bool keepalive, bool useChunks,
+ int *ret)
{
u_long headerSize = 0;
bool headerCompleted = false;
@@ -409,80 +397,70 @@ int Cgi::sendHeader (HttpThreadContext* td, Pipe
&stdOutFile, FiltersChain& chai
/* Parse initial chunks of data looking for the HTTP header. */
while (!headerCompleted && !nph)
- {
- u_long timeout = td->http->getTimeout ();
- u_long ticks = getTicks () - procStartTime;
- bool term;
-
- nBytesRead = 0;
-
- /* Do not try to read using a small buffer as this has some
- bad influence on the performances. */
- if (td->auxiliaryBuffer->getRealLength () - headerOffset - 1 < 512)
- break;
-
- term = stdOutFile.pipeTerminated ();
- if (!term
- && stdOutFile.waitForData ((timeout - ticks) / 1000,
- (timeout - ticks) % 1000) == 0)
- {
- td->connection->host->warningsLogWrite (_("Cgi: process %i timeout"),
- cgiProc.getPid ());
- break;
- }
-
- if (stdOutFile.read (td->auxiliaryBuffer->getBuffer () + headerOffset,
- td->auxiliaryBuffer->getRealLength () - headerOffset
- 1,
- &nBytesRead))
- {
- *ret = td->http->raiseHTTPError (500);
- return 1;
- }
-
- if (nBytesRead == 0 && term)
- {
- headerCompleted = true;
- headerSize = 0;
+ {
+ u_long timeout = td->http->getTimeout ();
+ u_long ticks = getTicks () - procStartTime;
+ bool term;
+
+ nBytesRead = 0;
+
+ /* Do not try to read using a small buffer as this has some
+ bad influence on the performances. */
+ if (td->auxiliaryBuffer->getRealLength () - headerOffset - 1 < 512)
break;
- }
-
- headerOffset += nBytesRead;
- if (headerOffset > td->buffersize - 5)
- (td->auxiliaryBuffer->getBuffer ())[headerOffset] = '\0';
-
- if (headerOffset == 0)
- {
- *ret = td->http->raiseHTTPError (500);
- return 1;
- }
-
- for (u_long i = std::max (0UL, headerOffset - nBytesRead - 10);
- i < headerOffset; i++)
- {
- char *buff = td->auxiliaryBuffer->getBuffer ();
- if ((buff[i] == '\r') && (buff[i+1] == '\n')
- && (buff[i+2] == '\r') && (buff[i+3] == '\n'))
- {
- /*
- * The HTTP header ends with a \r\n\r\n sequence so
- * determine where it ends and set the header size
- * to i + 4.
- */
- headerSize = i + 4 ;
- headerCompleted = true;
- break;
- }
- else if ((buff[i] == '\n') && (buff[i+1] == '\n'))
- {
- /*
- *\n\n case.
- */
- headerSize = i + 2;
- headerCompleted = true;
- break;
- }
- }
- }
+
+ term = stdOutFile.pipeTerminated ();
+ if (!term
+ && stdOutFile.waitForData ((timeout - ticks) / 1000,
+ (timeout - ticks) % 1000) == 0)
+ {
+ td->connection->host->warningsLogWrite (_("Cgi: process %i timeout"),
+ cgiProc.getPid ());
+ break;
+ }
+
+ if (stdOutFile.read (td->auxiliaryBuffer->getBuffer () + headerOffset,
+ td->auxiliaryBuffer->getRealLength () -
headerOffset - 1,
+ &nBytesRead))
+ {
+ *ret = td->http->raiseHTTPError (500);
+ return 1;
+ }
+
+ if (nBytesRead == 0 && term)
+ {
+ headerCompleted = true;
+ headerSize = 0;
+ break;
+ }
+
+ headerOffset += nBytesRead;
+
+ if (headerOffset == 0)
+ {
+ *ret = td->http->raiseHTTPError (500);
+ return 1;
+ }
+
+ for (int i = std::max (0, (int) (headerOffset - nBytesRead - 10));
+ i < headerOffset; i++)
+ {
+ char *buff = td->auxiliaryBuffer->getBuffer ();
+ if ((buff[i] == '\r') && (buff[i+1] == '\n')
+ && (buff[i+2] == '\r') && (buff[i+3] == '\n'))
+ {
+ headerSize = i + 4;
+ headerCompleted = true;
+ break;
+ }
+ else if ((buff[i] == '\n') && (buff[i+1] == '\n'))
+ {
+ headerSize = i + 2;
+ headerCompleted = true;
+ break;
+ }
+ }
+ }
/* Send the header. */
if (!nph)
@@ -511,30 +489,21 @@ int Cgi::sendHeader (HttpThreadContext* td, Pipe
&stdOutFile, FiltersChain& chai
return 1;
}
- if (HttpHeaders::sendHeader (td->response, *chain.getStream (),
- *td->buffer, td))
- {
- *ret = HttpDataHandler::RET_FAILURE;
- return 1;
- }
-
+ HttpHeaders::sendHeader (td->response, *chain.getStream (),
+ *td->buffer, td);
}
}
if (headerOffset - headerSize)
{
/* Flush the buffer. Data from the header parsing can be present. */
- if (HttpDataHandler::appendDataToHTTPChannel (td,
- td->auxiliaryBuffer->getBuffer () + headerSize,
+ HttpDataHandler::appendDataToHTTPChannel (td,
+ td->auxiliaryBuffer->getBuffer () + headerSize,
headerOffset - headerSize,
&(td->outputData),
&chain,
td->appendOutputs,
- useChunks))
- {
- *ret = HttpDataHandler::RET_FAILURE;
- return 1;
- }
+ useChunks);
td->sentData += headerOffset - headerSize;
}
-----------------------------------------------------------------------
Summary of changes:
myserver/src/http_handler/cgi/cgi.cpp | 275 +++++++++++++++------------------
1 files changed, 122 insertions(+), 153 deletions(-)
hooks/post-receive
--
GNU MyServer
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [myserver-commit] [SCM] GNU MyServer branch, master, updated. 0_9_2-171-g476a013,
Giuseppe Scrivano <=