diff --git a/STATUS b/STATUS
index e7bfe1e992..40a4b1bd96 100644
--- a/STATUS
+++ b/STATUS
@@ -90,39 +90,11 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
-
- * Set of easy patches to keep 2.4.x in line with trunk
- 1442865: Change bzero/bcopy into memset/memcpy (PR 54346)
- 1442759: Can't figure out why we allocate len+2 bytes here. Len+1 should be enough.
- 1442326: Fix valgrind warning about uninitialized memory in argument to semctl (PR 53690)
- 1442309: fix valgrind warnings about uninitialized memory in syscall arguments
- 1448171: This is useful info for mod_status ;)
- 1418556: Add some __attribute__ for automatic format checking.
- 1448453: Correct some spelling.
- 1425771: Replace strdup by ap_malloc to ensure a proper error message if out-of-memory. (PR 54345)
- 1425772: Exit with error message if out of mem (PR 54345)
- 1425775: htdbm, htpasswd: print error message if out of memory (PR 54345)
- trunk patches:
- http://svn.apache.org/viewvc?view=revision&revision=1442865
- http://svn.apache.org/viewvc?view=revision&revision=1442759
- http://svn.apache.org/viewvc?view=revision&revision=1442326
- http://svn.apache.org/viewvc?view=revision&revision=1442309
- http://svn.apache.org/viewvc?view=revision&revision=1448171
- http://svn.apache.org/viewvc?view=revision&revision=1418556
- http://svn.apache.org/viewvc?view=revision&revision=1448453
- http://svn.apache.org/viewvc?view=revision&revision=1425771
- http://svn.apache.org/viewvc?view=revision&revision=1425772
- http://svn.apache.org/viewvc?view=revision&revision=1425775
- 2.4.x patch: trunk patches apply (minus CHANGES for 1448171)
- 2.4.x cumulative patch: http://people.apache.org/~jailletc36/backport5.patch (minus CHANGES for 1448171)
- +1: jailletc36, igalic, jim
-
* mod_cache_disk: fix merge of min/max file size by setting corresponding _set
trunk patch: http://svn.apache.org/r1453604
2.4.x patch: trunk patch works
+1: humbedooh, jim, covener
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
diff --git a/include/httpd.h b/include/httpd.h
index 70eb06f983..43987435e9 100644
--- a/include/httpd.h
+++ b/include/httpd.h
@@ -1388,7 +1388,7 @@ AP_DECLARE(char *) ap_ht_time(apr_pool_t *p, apr_time_t t, const char *fmt, int
char **) */
/**
- * Get the characters until the first occurance of a specified character
+ * Get the characters until the first occurrence of a specified character
* @param p The pool to allocate memory from
* @param line The string to get the characters from
* @param stop The character to stop at
@@ -1397,7 +1397,7 @@ AP_DECLARE(char *) ap_ht_time(apr_pool_t *p, apr_time_t t, const char *fmt, int
AP_DECLARE(char *) ap_getword(apr_pool_t *p, const char **line, char stop);
/**
- * Get the characters until the first occurance of a specified character
+ * Get the characters until the first occurrence of a specified character
* @param p The pool to allocate memory from
* @param line The string to get the characters from
* @param stop The character to stop at
@@ -1426,22 +1426,22 @@ AP_DECLARE(char *) ap_getword_white(apr_pool_t *p, const char **line);
AP_DECLARE(char *) ap_getword_white_nc(apr_pool_t *p, char **line);
/**
- * Get all characters from the first occurance of @a stop to the first "\0"
+ * Get all characters from the first occurrence of @a stop to the first "\0"
* @param p The pool to allocate memory from
* @param line The line to traverse
* @param stop The character to start at
- * @return A copy of all caracters after the first occurance of the specified
+ * @return A copy of all characters after the first occurrence of the specified
* character
*/
AP_DECLARE(char *) ap_getword_nulls(apr_pool_t *p, const char **line,
char stop);
/**
- * Get all characters from the first occurance of @a stop to the first "\0"
+ * Get all characters from the first occurrence of @a stop to the first "\0"
* @param p The pool to allocate memory from
* @param line The line to traverse
* @param stop The character to start at
- * @return A copy of all caracters after the first occurance of the specified
+ * @return A copy of all characters after the first occurrence of the specified
* character
* @note The same as ap_getword_nulls(), except it doesn't use const char **.
*/
diff --git a/include/util_filter.h b/include/util_filter.h
index 5f6f9afab6..8b3c7a8487 100644
--- a/include/util_filter.h
+++ b/include/util_filter.h
@@ -332,8 +332,8 @@ AP_DECLARE(apr_status_t) ap_pass_brigade(ap_filter_t *filter,
AP_DECLARE(apr_status_t) ap_pass_brigade_fchk(request_rec *r,
apr_bucket_brigade *bucket,
const char *fmt,
- ...);
-
+ ...)
+ __attribute__((format(printf,3,4)));
/**
* This function is used to register an input filter with the system.
diff --git a/modules/filters/regexp.h b/modules/filters/regexp.h
index 1e5a6269a0..6af89120d0 100644
--- a/modules/filters/regexp.h
+++ b/modules/filters/regexp.h
@@ -69,7 +69,8 @@ typedef struct _sed_comp_args {
extern char *sed_compile(sed_commands_t *commands, sed_comp_args *compargs,
char *ep, char *endbuf, int seof);
-extern void command_errf(sed_commands_t *commands, const char *fmt, ...);
+extern void command_errf(sed_commands_t *commands, const char *fmt, ...)
+ __attribute__((format(printf,2,3)));
#define SEDERR_CGMES "command garbled: %s"
#define SEDERR_SMMES "Space missing before filename: %s"
diff --git a/modules/filters/sed0.c b/modules/filters/sed0.c
index 8c32baf618..ddc4bfed8e 100644
--- a/modules/filters/sed0.c
+++ b/modules/filters/sed0.c
@@ -275,7 +275,7 @@ static int fcomp(sed_commands_t *commands, apr_file_t *fin)
}
if(p > &commands->respace[RESIZE-1]) {
- command_errf(commands, SEDERR_TMMES);
+ command_errf(commands, SEDERR_TMMES, commands->linebuf);
return -1;
}
diff --git a/modules/generators/mod_status.c b/modules/generators/mod_status.c
index 54404e90bb..fe832b32d0 100644
--- a/modules/generators/mod_status.c
+++ b/modules/generators/mod_status.c
@@ -405,6 +405,8 @@ static int status_handler(request_rec *r)
")\n\n", NULL);
ap_rvputs(r, "
- Server Version: ",
ap_get_server_description(), "
\n", NULL);
+ ap_rvputs(r, "- Server MPM: ",
+ ap_show_mpm(), "
\n", NULL);
ap_rvputs(r, "- Server Built: ",
ap_get_server_built(), "\n
\n", NULL);
ap_rvputs(r, "- Current Time: ",
@@ -953,4 +955,3 @@ AP_DECLARE_MODULE(status) =
NULL, /* command table */
register_hooks /* register_hooks */
};
-
diff --git a/modules/slotmem/mod_slotmem_shm.c b/modules/slotmem/mod_slotmem_shm.c
index 2edcea7f11..2c2ead1e70 100644
--- a/modules/slotmem/mod_slotmem_shm.c
+++ b/modules/slotmem/mod_slotmem_shm.c
@@ -91,7 +91,7 @@ static apr_status_t unixd_set_shm_perms(const char *fname)
{
#ifdef AP_NEED_SET_MUTEX_PERMS
#if APR_USE_SHMEM_SHMGET || APR_USE_SHMEM_SHMGET_ANON
- struct shmid_ds shmbuf;
+ struct shmid_ds shmbuf = { { 0 } };
key_t shmkey;
int shmid;
diff --git a/os/unix/unixd.c b/os/unix/unixd.c
index 2a953f0f38..a86630f39b 100644
--- a/os/unix/unixd.c
+++ b/os/unix/unixd.c
@@ -241,7 +241,7 @@ AP_DECLARE(apr_status_t) ap_unixd_set_proc_mutex_perms(apr_proc_mutex_t *pmutex)
};
#endif
union semun ick;
- struct semid_ds buf;
+ struct semid_ds buf = { { 0 } };
apr_os_proc_mutex_get(&ospmutex, pmutex);
buf.sem_perm.uid = ap_unixd_config.user_id;
diff --git a/server/config.c b/server/config.c
index bc0804a40e..d240a56779 100644
--- a/server/config.c
+++ b/server/config.c
@@ -599,7 +599,8 @@ AP_DECLARE(const char *) ap_add_module(module *m, apr_pool_t *p,
len -= slen;
}
- ap_module_short_names[m->module_index] = strdup(sym_name);
+ ap_module_short_names[m->module_index] = ap_malloc(len + 1);
+ memcpy(ap_module_short_names[m->module_index], sym_name, len);
ap_module_short_names[m->module_index][len] = '\0';
merger_func_cache[m->module_index] = m->merge_dir_config;
}
@@ -623,8 +624,9 @@ AP_DECLARE(const char *) ap_add_module(module *m, apr_pool_t *p,
/* We cannot fix the string in-place, because it's const */
if (m->name[strlen(m->name)-1] == ')') {
- char *tmp = strdup(m->name); /* FIXME: memory leak, albeit a small one */
- tmp[strlen(tmp)-1] = '\0';
+ char *tmp = ap_malloc(strlen(m->name)); /* FIXME: memory leak, albeit a small one */
+ memcpy(tmp, m->name, strlen(m->name)-1);
+ tmp[strlen(m->name)-1] = '\0';
m->name = tmp;
}
#endif /*_OSD_POSIX*/
diff --git a/server/util.c b/server/util.c
index d77719ebda..1d8359fcb7 100644
--- a/server/util.c
+++ b/server/util.c
@@ -752,7 +752,7 @@ AP_DECLARE(char *) ap_getword_nulls(apr_pool_t *atrans, const char **line,
static char *substring_conf(apr_pool_t *p, const char *start, int len,
char quote)
{
- char *result = apr_palloc(p, len + 2);
+ char *result = apr_palloc(p, len + 1);
char *resp = result;
int i;
diff --git a/support/htdbm.c b/support/htdbm.c
index a99a232267..1452d7a0eb 100644
--- a/support/htdbm.c
+++ b/support/htdbm.c
@@ -110,6 +110,7 @@ static apr_status_t htdbm_init(apr_pool_t **pool, htdbm_t **hdbm)
#endif
apr_pool_create( pool, NULL);
+ apr_pool_abort_set(abort_on_oom, *pool);
apr_file_open_stderr(&errfile, *pool);
apr_signal(SIGINT, (void (*)(int)) htdbm_interrupted);
diff --git a/support/htpasswd.c b/support/htpasswd.c
index 51219c0d96..0989fd81b3 100644
--- a/support/htpasswd.c
+++ b/support/htpasswd.c
@@ -274,6 +274,7 @@ int main(int argc, const char * const argv[])
apr_app_initialize(&argc, &argv, NULL);
atexit(terminate);
apr_pool_create(&pool, NULL);
+ apr_pool_abort_set(abort_on_oom, pool);
apr_file_open_stderr(&errfile, pool);
ctx.pool = pool;
ctx.alg = ALG_APMD5;
diff --git a/support/passwd_common.c b/support/passwd_common.c
index ab720279c2..7636835902 100644
--- a/support/passwd_common.c
+++ b/support/passwd_common.c
@@ -46,6 +46,24 @@
apr_file_t *errfile;
+int abort_on_oom(int rc)
+{
+ const char *buf = "Error: out of memory\n";
+ int written, count = strlen(buf);
+ do {
+ written = write(STDERR_FILENO, buf, count);
+ if (written == count)
+ break;
+ if (written > 0) {
+ buf += written;
+ count -= written;
+ }
+ } while (written >= 0 || errno == EINTR);
+ abort();
+ /* NOTREACHED */
+ return 0;
+}
+
static int generate_salt(char *s, size_t size, const char **errstr,
apr_pool_t *pool)
{
@@ -207,6 +225,8 @@ int mkhash(struct passwd_ctx *ctx)
apr_cpystrn(ctx->out, cbuf, ctx->out_len - 1);
if (strlen(pw) > 8) {
char *truncpw = strdup(pw);
+ if (truncpw == NULL)
+ abort_on_oom(0);
truncpw[8] = '\0';
if (!strcmp(ctx->out, crypt(truncpw, salt))) {
apr_file_printf(errfile, "Warning: Password truncated to 8 "
diff --git a/support/passwd_common.h b/support/passwd_common.h
index 67b66da161..672ad5c3c7 100644
--- a/support/passwd_common.h
+++ b/support/passwd_common.h
@@ -84,6 +84,12 @@ struct passwd_ctx {
} passwd_src;
};
+
+/*
+ * To be used as apr_pool_abort_fn
+ */
+int abort_on_oom(int rc);
+
/*
* Write a line to the file. On error, print a message and exit
*/
diff --git a/support/suexec.c b/support/suexec.c
index 2c4e2c3bf0..28171253be 100644
--- a/support/suexec.c
+++ b/support/suexec.c
@@ -217,11 +217,15 @@ static void clean_env(void)
if ((cleanenv = (char **) calloc(AP_ENVBUF, sizeof(char *))) == NULL) {
log_err("failed to malloc memory for environment\n");
- exit(120);
+ exit(123);
}
sprintf(pathbuf, "PATH=%s", AP_SAFE_PATH);
cleanenv[cidx] = strdup(pathbuf);
+ if (cleanenv[cidx] == NULL) {
+ log_err("failed to malloc memory for environment\n");
+ exit(124);
+ }
cidx++;
for (ep = envp; *ep && cidx < AP_ENVBUF-1; ep++) {
@@ -396,7 +400,10 @@ int main(int argc, char *argv[])
}
}
gid = gr->gr_gid;
- actual_gname = strdup(gr->gr_name);
+ if ((actual_gname = strdup(gr->gr_name)) == NULL) {
+ log_err("failed to alloc memory\n");
+ exit(125);
+ }
#ifdef _OSD_POSIX
/*
@@ -431,6 +438,10 @@ int main(int argc, char *argv[])
uid = pw->pw_uid;
actual_uname = strdup(pw->pw_name);
target_homedir = strdup(pw->pw_dir);
+ if (actual_uname == NULL || target_homedir == NULL) {
+ log_err("failed to alloc memory\n");
+ exit(126);
+ }
/*
* Log the transaction here to be sure we have an open log
diff --git a/test/test_limits.c b/test/test_limits.c
index e2b5285f77..70b8098f2f 100644
--- a/test/test_limits.c
+++ b/test/test_limits.c
@@ -124,8 +124,8 @@ main(int argc, char *argv[])
perror("gethostbyname");
exit(1);
}
- bzero(&sin, sizeof(sin));
- bcopy(he->h_addr, (char *)&sin.sin_addr, he->h_length);
+ memset(&sin, sizeof(sin));
+ memcpy((char *)&sin.sin_addr, he->h_addr, he->h_length);
sin.sin_family = he->h_addrtype;
sin.sin_port = htons(port);