From 5106119e87d7542d8c02692099355c7a942ee654 Mon Sep 17 00:00:00 2001 From: Jim Jagielski Date: Mon, 11 Mar 2013 16:38:39 +0000 Subject: [PATCH] Merge r1442865, r1442759, r1442326, r1442309, r1448171, r1418556, r1448453, r1425771, r1425772, r1425775 from trunk: Change bzero/bcopy into memset/memcpy PR 54346 Can't figure out why we allocate len+2 bytes here. Len+1 should be enough. Fix valgrind warning about uninitialized memory in argument to semctl PR: 53690 Submitted by: Mikhail T. fix valgrind warnings about uninitialized memory in syscall arguments This is useful info for mod_status ;) Add some __attribute__ for automatic format checking. Correct one catch in sed0.c. Correct some spelling. Replace strdup by ap_malloc to ensure a proper error message if out-of-memory. While there, only allocate memory for the string part we actually use. PR: 54345 Exit with error message if out of mem htdbm, htpasswd: print error message if out of memory PR: 54345 Submitted by: jailletc36, sf, sf, jim, jailletc36, minfrin, sf, sf, sf Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1455225 13f79535-47bb-0310-9956-ffa450edef68 --- STATUS | 28 ---------------------------- include/httpd.h | 12 ++++++------ include/util_filter.h | 4 ++-- modules/filters/regexp.h | 3 ++- modules/filters/sed0.c | 2 +- modules/generators/mod_status.c | 3 ++- modules/slotmem/mod_slotmem_shm.c | 2 +- os/unix/unixd.c | 2 +- server/config.c | 8 +++++--- server/util.c | 2 +- support/htdbm.c | 1 + support/htpasswd.c | 1 + support/passwd_common.c | 20 ++++++++++++++++++++ support/passwd_common.h | 6 ++++++ support/suexec.c | 15 +++++++++++++-- test/test_limits.c | 4 ++-- 16 files changed, 64 insertions(+), 49 deletions(-) diff --git a/STATUS b/STATUS index e7bfe1e992..40a4b1bd96 100644 --- a/STATUS +++ b/STATUS @@ -90,39 +90,11 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - - * Set of easy patches to keep 2.4.x in line with trunk - 1442865: Change bzero/bcopy into memset/memcpy (PR 54346) - 1442759: Can't figure out why we allocate len+2 bytes here. Len+1 should be enough. - 1442326: Fix valgrind warning about uninitialized memory in argument to semctl (PR 53690) - 1442309: fix valgrind warnings about uninitialized memory in syscall arguments - 1448171: This is useful info for mod_status ;) - 1418556: Add some __attribute__ for automatic format checking. - 1448453: Correct some spelling. - 1425771: Replace strdup by ap_malloc to ensure a proper error message if out-of-memory. (PR 54345) - 1425772: Exit with error message if out of mem (PR 54345) - 1425775: htdbm, htpasswd: print error message if out of memory (PR 54345) - trunk patches: - http://svn.apache.org/viewvc?view=revision&revision=1442865 - http://svn.apache.org/viewvc?view=revision&revision=1442759 - http://svn.apache.org/viewvc?view=revision&revision=1442326 - http://svn.apache.org/viewvc?view=revision&revision=1442309 - http://svn.apache.org/viewvc?view=revision&revision=1448171 - http://svn.apache.org/viewvc?view=revision&revision=1418556 - http://svn.apache.org/viewvc?view=revision&revision=1448453 - http://svn.apache.org/viewvc?view=revision&revision=1425771 - http://svn.apache.org/viewvc?view=revision&revision=1425772 - http://svn.apache.org/viewvc?view=revision&revision=1425775 - 2.4.x patch: trunk patches apply (minus CHANGES for 1448171) - 2.4.x cumulative patch: http://people.apache.org/~jailletc36/backport5.patch (minus CHANGES for 1448171) - +1: jailletc36, igalic, jim - * mod_cache_disk: fix merge of min/max file size by setting corresponding _set trunk patch: http://svn.apache.org/r1453604 2.4.x patch: trunk patch works +1: humbedooh, jim, covener - PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] diff --git a/include/httpd.h b/include/httpd.h index 70eb06f983..43987435e9 100644 --- a/include/httpd.h +++ b/include/httpd.h @@ -1388,7 +1388,7 @@ AP_DECLARE(char *) ap_ht_time(apr_pool_t *p, apr_time_t t, const char *fmt, int char **) */ /** - * Get the characters until the first occurance of a specified character + * Get the characters until the first occurrence of a specified character * @param p The pool to allocate memory from * @param line The string to get the characters from * @param stop The character to stop at @@ -1397,7 +1397,7 @@ AP_DECLARE(char *) ap_ht_time(apr_pool_t *p, apr_time_t t, const char *fmt, int AP_DECLARE(char *) ap_getword(apr_pool_t *p, const char **line, char stop); /** - * Get the characters until the first occurance of a specified character + * Get the characters until the first occurrence of a specified character * @param p The pool to allocate memory from * @param line The string to get the characters from * @param stop The character to stop at @@ -1426,22 +1426,22 @@ AP_DECLARE(char *) ap_getword_white(apr_pool_t *p, const char **line); AP_DECLARE(char *) ap_getword_white_nc(apr_pool_t *p, char **line); /** - * Get all characters from the first occurance of @a stop to the first "\0" + * Get all characters from the first occurrence of @a stop to the first "\0" * @param p The pool to allocate memory from * @param line The line to traverse * @param stop The character to start at - * @return A copy of all caracters after the first occurance of the specified + * @return A copy of all characters after the first occurrence of the specified * character */ AP_DECLARE(char *) ap_getword_nulls(apr_pool_t *p, const char **line, char stop); /** - * Get all characters from the first occurance of @a stop to the first "\0" + * Get all characters from the first occurrence of @a stop to the first "\0" * @param p The pool to allocate memory from * @param line The line to traverse * @param stop The character to start at - * @return A copy of all caracters after the first occurance of the specified + * @return A copy of all characters after the first occurrence of the specified * character * @note The same as ap_getword_nulls(), except it doesn't use const char **. */ diff --git a/include/util_filter.h b/include/util_filter.h index 5f6f9afab6..8b3c7a8487 100644 --- a/include/util_filter.h +++ b/include/util_filter.h @@ -332,8 +332,8 @@ AP_DECLARE(apr_status_t) ap_pass_brigade(ap_filter_t *filter, AP_DECLARE(apr_status_t) ap_pass_brigade_fchk(request_rec *r, apr_bucket_brigade *bucket, const char *fmt, - ...); - + ...) + __attribute__((format(printf,3,4))); /** * This function is used to register an input filter with the system. diff --git a/modules/filters/regexp.h b/modules/filters/regexp.h index 1e5a6269a0..6af89120d0 100644 --- a/modules/filters/regexp.h +++ b/modules/filters/regexp.h @@ -69,7 +69,8 @@ typedef struct _sed_comp_args { extern char *sed_compile(sed_commands_t *commands, sed_comp_args *compargs, char *ep, char *endbuf, int seof); -extern void command_errf(sed_commands_t *commands, const char *fmt, ...); +extern void command_errf(sed_commands_t *commands, const char *fmt, ...) + __attribute__((format(printf,2,3))); #define SEDERR_CGMES "command garbled: %s" #define SEDERR_SMMES "Space missing before filename: %s" diff --git a/modules/filters/sed0.c b/modules/filters/sed0.c index 8c32baf618..ddc4bfed8e 100644 --- a/modules/filters/sed0.c +++ b/modules/filters/sed0.c @@ -275,7 +275,7 @@ static int fcomp(sed_commands_t *commands, apr_file_t *fin) } if(p > &commands->respace[RESIZE-1]) { - command_errf(commands, SEDERR_TMMES); + command_errf(commands, SEDERR_TMMES, commands->linebuf); return -1; } diff --git a/modules/generators/mod_status.c b/modules/generators/mod_status.c index 54404e90bb..fe832b32d0 100644 --- a/modules/generators/mod_status.c +++ b/modules/generators/mod_status.c @@ -405,6 +405,8 @@ static int status_handler(request_rec *r) ")\n\n", NULL); ap_rvputs(r, "
Server Version: ", ap_get_server_description(), "
\n", NULL); + ap_rvputs(r, "
Server MPM: ", + ap_show_mpm(), "
\n", NULL); ap_rvputs(r, "
Server Built: ", ap_get_server_built(), "\n
\n", NULL); ap_rvputs(r, "
Current Time: ", @@ -953,4 +955,3 @@ AP_DECLARE_MODULE(status) = NULL, /* command table */ register_hooks /* register_hooks */ }; - diff --git a/modules/slotmem/mod_slotmem_shm.c b/modules/slotmem/mod_slotmem_shm.c index 2edcea7f11..2c2ead1e70 100644 --- a/modules/slotmem/mod_slotmem_shm.c +++ b/modules/slotmem/mod_slotmem_shm.c @@ -91,7 +91,7 @@ static apr_status_t unixd_set_shm_perms(const char *fname) { #ifdef AP_NEED_SET_MUTEX_PERMS #if APR_USE_SHMEM_SHMGET || APR_USE_SHMEM_SHMGET_ANON - struct shmid_ds shmbuf; + struct shmid_ds shmbuf = { { 0 } }; key_t shmkey; int shmid; diff --git a/os/unix/unixd.c b/os/unix/unixd.c index 2a953f0f38..a86630f39b 100644 --- a/os/unix/unixd.c +++ b/os/unix/unixd.c @@ -241,7 +241,7 @@ AP_DECLARE(apr_status_t) ap_unixd_set_proc_mutex_perms(apr_proc_mutex_t *pmutex) }; #endif union semun ick; - struct semid_ds buf; + struct semid_ds buf = { { 0 } }; apr_os_proc_mutex_get(&ospmutex, pmutex); buf.sem_perm.uid = ap_unixd_config.user_id; diff --git a/server/config.c b/server/config.c index bc0804a40e..d240a56779 100644 --- a/server/config.c +++ b/server/config.c @@ -599,7 +599,8 @@ AP_DECLARE(const char *) ap_add_module(module *m, apr_pool_t *p, len -= slen; } - ap_module_short_names[m->module_index] = strdup(sym_name); + ap_module_short_names[m->module_index] = ap_malloc(len + 1); + memcpy(ap_module_short_names[m->module_index], sym_name, len); ap_module_short_names[m->module_index][len] = '\0'; merger_func_cache[m->module_index] = m->merge_dir_config; } @@ -623,8 +624,9 @@ AP_DECLARE(const char *) ap_add_module(module *m, apr_pool_t *p, /* We cannot fix the string in-place, because it's const */ if (m->name[strlen(m->name)-1] == ')') { - char *tmp = strdup(m->name); /* FIXME: memory leak, albeit a small one */ - tmp[strlen(tmp)-1] = '\0'; + char *tmp = ap_malloc(strlen(m->name)); /* FIXME: memory leak, albeit a small one */ + memcpy(tmp, m->name, strlen(m->name)-1); + tmp[strlen(m->name)-1] = '\0'; m->name = tmp; } #endif /*_OSD_POSIX*/ diff --git a/server/util.c b/server/util.c index d77719ebda..1d8359fcb7 100644 --- a/server/util.c +++ b/server/util.c @@ -752,7 +752,7 @@ AP_DECLARE(char *) ap_getword_nulls(apr_pool_t *atrans, const char **line, static char *substring_conf(apr_pool_t *p, const char *start, int len, char quote) { - char *result = apr_palloc(p, len + 2); + char *result = apr_palloc(p, len + 1); char *resp = result; int i; diff --git a/support/htdbm.c b/support/htdbm.c index a99a232267..1452d7a0eb 100644 --- a/support/htdbm.c +++ b/support/htdbm.c @@ -110,6 +110,7 @@ static apr_status_t htdbm_init(apr_pool_t **pool, htdbm_t **hdbm) #endif apr_pool_create( pool, NULL); + apr_pool_abort_set(abort_on_oom, *pool); apr_file_open_stderr(&errfile, *pool); apr_signal(SIGINT, (void (*)(int)) htdbm_interrupted); diff --git a/support/htpasswd.c b/support/htpasswd.c index 51219c0d96..0989fd81b3 100644 --- a/support/htpasswd.c +++ b/support/htpasswd.c @@ -274,6 +274,7 @@ int main(int argc, const char * const argv[]) apr_app_initialize(&argc, &argv, NULL); atexit(terminate); apr_pool_create(&pool, NULL); + apr_pool_abort_set(abort_on_oom, pool); apr_file_open_stderr(&errfile, pool); ctx.pool = pool; ctx.alg = ALG_APMD5; diff --git a/support/passwd_common.c b/support/passwd_common.c index ab720279c2..7636835902 100644 --- a/support/passwd_common.c +++ b/support/passwd_common.c @@ -46,6 +46,24 @@ apr_file_t *errfile; +int abort_on_oom(int rc) +{ + const char *buf = "Error: out of memory\n"; + int written, count = strlen(buf); + do { + written = write(STDERR_FILENO, buf, count); + if (written == count) + break; + if (written > 0) { + buf += written; + count -= written; + } + } while (written >= 0 || errno == EINTR); + abort(); + /* NOTREACHED */ + return 0; +} + static int generate_salt(char *s, size_t size, const char **errstr, apr_pool_t *pool) { @@ -207,6 +225,8 @@ int mkhash(struct passwd_ctx *ctx) apr_cpystrn(ctx->out, cbuf, ctx->out_len - 1); if (strlen(pw) > 8) { char *truncpw = strdup(pw); + if (truncpw == NULL) + abort_on_oom(0); truncpw[8] = '\0'; if (!strcmp(ctx->out, crypt(truncpw, salt))) { apr_file_printf(errfile, "Warning: Password truncated to 8 " diff --git a/support/passwd_common.h b/support/passwd_common.h index 67b66da161..672ad5c3c7 100644 --- a/support/passwd_common.h +++ b/support/passwd_common.h @@ -84,6 +84,12 @@ struct passwd_ctx { } passwd_src; }; + +/* + * To be used as apr_pool_abort_fn + */ +int abort_on_oom(int rc); + /* * Write a line to the file. On error, print a message and exit */ diff --git a/support/suexec.c b/support/suexec.c index 2c4e2c3bf0..28171253be 100644 --- a/support/suexec.c +++ b/support/suexec.c @@ -217,11 +217,15 @@ static void clean_env(void) if ((cleanenv = (char **) calloc(AP_ENVBUF, sizeof(char *))) == NULL) { log_err("failed to malloc memory for environment\n"); - exit(120); + exit(123); } sprintf(pathbuf, "PATH=%s", AP_SAFE_PATH); cleanenv[cidx] = strdup(pathbuf); + if (cleanenv[cidx] == NULL) { + log_err("failed to malloc memory for environment\n"); + exit(124); + } cidx++; for (ep = envp; *ep && cidx < AP_ENVBUF-1; ep++) { @@ -396,7 +400,10 @@ int main(int argc, char *argv[]) } } gid = gr->gr_gid; - actual_gname = strdup(gr->gr_name); + if ((actual_gname = strdup(gr->gr_name)) == NULL) { + log_err("failed to alloc memory\n"); + exit(125); + } #ifdef _OSD_POSIX /* @@ -431,6 +438,10 @@ int main(int argc, char *argv[]) uid = pw->pw_uid; actual_uname = strdup(pw->pw_name); target_homedir = strdup(pw->pw_dir); + if (actual_uname == NULL || target_homedir == NULL) { + log_err("failed to alloc memory\n"); + exit(126); + } /* * Log the transaction here to be sure we have an open log diff --git a/test/test_limits.c b/test/test_limits.c index e2b5285f77..70b8098f2f 100644 --- a/test/test_limits.c +++ b/test/test_limits.c @@ -124,8 +124,8 @@ main(int argc, char *argv[]) perror("gethostbyname"); exit(1); } - bzero(&sin, sizeof(sin)); - bcopy(he->h_addr, (char *)&sin.sin_addr, he->h_length); + memset(&sin, sizeof(sin)); + memcpy((char *)&sin.sin_addr, he->h_addr, he->h_length); sin.sin_family = he->h_addrtype; sin.sin_port = htons(port);