ports/136598: [PATCH] www/mod_fastcgi: Fix non-threadsafe function
Gea-Suan Lin
gslin at gslin.org
Thu Jul 9 03:40:08 UTC 2009
>Number: 136598
>Category: ports
>Synopsis: [PATCH] www/mod_fastcgi: Fix non-threadsafe function
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Jul 09 03:40:06 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Gea-Suan Lin
>Release: FreeBSD 7.1-STABLE i386
>Organization:
>Environment:
System: FreeBSD colo-p.gslin.org 7.1-STABLE FreeBSD 7.1-STABLE #0: Sat Jan 31 21:46:23 UTC 2009
>Description:
- Don't use non-threadsafe functions.
- This patch has been sent to official mailing list.
Added file(s):
- files/patch-fcgi_util.c
Port maintainer (apache at FreeBSD.org) is cc'd.
Generated with FreeBSD Port Tools 0.77
>How-To-Repeat:
>Fix:
--- mod_fastcgi-2.4.6_1.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/www/mod_fastcgi/Makefile /home/staff/gslin/work/ports/mod_fastcgi/Makefile
--- /usr/ports/www/mod_fastcgi/Makefile 2009-05-17 15:24:30.000000000 +0800
+++ /home/staff/gslin/work/ports/mod_fastcgi/Makefile 2009-07-09 10:21:26.000000000 +0800
@@ -7,13 +7,14 @@
PORTNAME= mod_fastcgi
PORTVERSION= 2.4.6
+PORTREVISION= 1
CATEGORIES= www
MASTER_SITES= http://www.fastcgi.com/dist/
MAINTAINER= apache at FreeBSD.org
COMMENT= A fast-cgi module for Apache
-MAKE_JOBS_SAFE= yes
+MAKE_JOBS_SAFE= yes
CONFLICTS= apache-contrib-1.*
USE_APACHE= 1.3+
diff -ruN --exclude=CVS /usr/ports/www/mod_fastcgi/files/patch-fcgi_util.c /home/staff/gslin/work/ports/mod_fastcgi/files/patch-fcgi_util.c
--- /usr/ports/www/mod_fastcgi/files/patch-fcgi_util.c 1970-01-01 08:00:00.000000000 +0800
+++ /home/staff/gslin/work/ports/mod_fastcgi/files/patch-fcgi_util.c 2009-07-09 10:17:48.000000000 +0800
@@ -0,0 +1,54 @@
+--- fcgi_util.c.orig 2009-07-08 17:16:29.816884000 +0800
++++ fcgi_util.c 2009-07-09 08:43:09.222180000 +0800
+@@ -268,13 +268,17 @@
+ /* Get the user membership for the file's group. If the
+ * uid is a member, check the group bits. */
+ {
+- const struct group * const gr = getgrgid(statBuf->st_gid);
+- const struct passwd * const pw = getpwuid(uid);
++ char buf[1024], buf2[1024];
++ struct group gr, *r;
++ struct passwd pw, *r2;
+
+- if (gr != NULL && pw != NULL) {
+- char **user = gr->gr_mem;
++ getgrgid_r(statBuf->st_gid, &gr, buf, sizeof(buf), &r);
++ getpwuid_r(uid, &pw, buf2, sizeof(buf2), &r2);
++
++ if (r != NULL && r2 != NULL) {
++ char **user = r->gr_mem;
+ for ( ; *user != NULL; user++) {
+- if (strcmp(*user, pw->pw_name) == 0) {
++ if (strcmp(*user, r2->pw_name) == 0) {
+ if (mode & R_OK && !(statBuf->st_mode & S_IRGRP))
+ return "read not allowed by group";
+ if (mode & W_OK && !(statBuf->st_mode & S_IWGRP))
+@@ -445,8 +449,9 @@
+ {
+ #ifndef WIN32
+
++ char buf[1024];
+ struct passwd *pw;
+- struct group *gr;
++ struct group gr, *r;
+
+ if (fcgi_wrapper == NULL)
+ return NULL;
+@@ -467,14 +472,14 @@
+ s->username = s->user;
+
+ s->gid = gid;
+- gr = getgrgid(gid);
+- if (gr == NULL) {
++ getgrgid_r(gid, &gr, buf, sizeof(buf), &r);
++ if (r == NULL) {
+ return ap_psprintf(p,
+ "getgrgid() couldn't determine the group name for gid '%ld', "
+ "you probably need to modify the Group directive: %s",
+ (long)gid, strerror(errno));
+ }
+- s->group = ap_pstrdup(p, gr->gr_name);
++ s->group = ap_pstrdup(p, r->gr_name);
+
+ #endif /* !WIN32 */
+
--- mod_fastcgi-2.4.6_1.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list