From 97556d992ba73218bcc6a6534346f623de79f489 Mon Sep 17 00:00:00 2001 From: Glenn Strauss Date: Thu, 31 Mar 2016 21:59:32 -0400 Subject: [PATCH] [mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319) error if unix socket path is duplicated (does not check across modules, but will detect duplicated unix socket paths within fastcgi directives, and separately, duplicated unix socket paths within scgi directives) --- NEWS | 1 + src/mod_fastcgi.c | 26 ++++++++++++++++++++++++++ src/mod_scgi.c | 27 +++++++++++++++++++++++++++ 3 files changed, 54 insertions(+) diff --git a/NEWS b/NEWS index 4be0678c..dcdf8824 100644 --- a/NEWS +++ b/NEWS @@ -62,6 +62,7 @@ NEWS * use li_[iu]tostrn() instead of li_[iu]tostr() * [stream] fstat() after open() to obtain file size * [core] clean up srv before exiting for lighttpd -[vVh] + * [mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319) - 1.4.39 - 2016-01-02 * [core] fix memset_s call (fixes #2698) diff --git a/src/mod_fastcgi.c b/src/mod_fastcgi.c index a568e2a5..8ab215a4 100644 --- a/src/mod_fastcgi.c +++ b/src/mod_fastcgi.c @@ -1167,6 +1167,24 @@ static int fcgi_spawn_connection(server *srv, #endif /* HAVE_FORK */ +static int unixsocket_is_dup(plugin_data *p, size_t used, buffer *unixsocket) { + size_t i, j, n; + for (i = 0; i < used; ++i) { + fcgi_exts *exts = p->config_storage[i]->exts; + for (j = 0; j < exts->used; ++j) { + fcgi_extension *ex = exts->exts[j]; + for (n = 0; n < ex->used; ++n) { + fcgi_extension_host *host = ex->hosts[n]; + if (!buffer_string_is_empty(host->unixsocket) + && buffer_is_equal(host->unixsocket, unixsocket)) + return 1; + } + } + } + + return 0; +} + SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) { plugin_data *p = p_d; data_unset *du; @@ -1344,6 +1362,14 @@ SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) { goto error; } + + if (!buffer_string_is_empty(host->bin_path) + && unixsocket_is_dup(p, i+1, host->unixsocket)) { + log_error_write(srv, __FILE__, __LINE__, "sb", + "duplicate unixsocket path:", + host->unixsocket); + goto error; + } } else { /* tcp/ip */ diff --git a/src/mod_scgi.c b/src/mod_scgi.c index c1996cf8..a4a8e0ac 100644 --- a/src/mod_scgi.c +++ b/src/mod_scgi.c @@ -677,6 +677,7 @@ static int scgi_spawn_connection(server *srv, "new proc, socket:", proc->port, proc->socket); } + if (!buffer_string_is_empty(proc->socket)) { #ifdef HAVE_SYS_UN_H memset(&scgi_addr_un, 0, sizeof(scgi_addr_un)); @@ -936,6 +937,24 @@ static int scgi_spawn_connection(server *srv, #endif /* HAVE_FORK */ +static int unixsocket_is_dup(plugin_data *p, size_t used, buffer *unixsocket) { + size_t i, j, n; + for (i = 0; i < used; ++i) { + scgi_exts *exts = p->config_storage[i]->exts; + for (j = 0; j < exts->used; ++j) { + scgi_extension *ex = exts->exts[j]; + for (n = 0; n < ex->used; ++n) { + scgi_extension_host *host = ex->hosts[n]; + if (!buffer_string_is_empty(host->unixsocket) + && buffer_is_equal(host->unixsocket, unixsocket)) + return 1; + } + } + } + + return 0; +} + SETDEFAULTS_FUNC(mod_scgi_set_defaults) { plugin_data *p = p_d; data_unset *du; @@ -1097,6 +1116,14 @@ SETDEFAULTS_FUNC(mod_scgi_set_defaults) { "path of the unixdomain socket is too large"); goto error; } + + if (!buffer_string_is_empty(df->bin_path) + && unixsocket_is_dup(p, i+1, df->unixsocket)) { + log_error_write(srv, __FILE__, __LINE__, "sb", + "duplicate unixsocket path:", + df->unixsocket); + goto error; + } } else { /* tcp/ip */