[backfire] merge r27628
authorJo-Philipp Wich <jow@openwrt.org>
Sun, 17 Jul 2011 07:19:41 +0000 (07:19 +0000)
committerJo-Philipp Wich <jow@openwrt.org>
Sun, 17 Jul 2011 07:19:41 +0000 (07:19 +0000)
SVN-Revision: 27629

package/uhttpd/Makefile
package/uhttpd/src/uhttpd-cgi.c
package/uhttpd/src/uhttpd.c

index 9c0972818a785158cc0afb4dd80979084b0fa104..6e7ff8e107827d626bf646119566eda890bf52e1 100644 (file)
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2010 Jo-Philipp Wich <xm@subsignal.org>
+# Copyright (C) 2010-2011 Jo-Philipp Wich <xm@subsignal.org>
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=uhttpd
-PKG_RELEASE:=22
+PKG_RELEASE:=23
 
 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
 PKG_BUILD_DEPENDS := libcyassl liblua
index 8c17251b317b56de857e0854b69167b5ec3f15fc..ed688514c40e0c026591f4beb712c481e3e84698 100644 (file)
@@ -157,6 +157,8 @@ void uh_cgi_request(
        fd_set reader;
        fd_set writer;
 
+       sigset_t ss;
+
        struct sigaction sa;
        struct timeval timeout;
        struct http_response *res;
@@ -187,6 +189,10 @@ void uh_cgi_request(
 
                /* exec child */
                case 0:
+                       /* unblock signals */
+                       sigemptyset(&ss);
+                       sigprocmask(SIG_SETMASK, &ss, NULL);
+
                        /* restore SIGTERM */
                        sa.sa_flags = 0;
                        sa.sa_handler = SIG_DFL;
@@ -201,6 +207,10 @@ void uh_cgi_request(
                        dup2(rfd[1], 1);
                        dup2(wfd[0], 0);
 
+                       /* avoid leaking our pipe into child-child processes */
+                       fd_cloexec(rfd[1]);
+                       fd_cloexec(wfd[0]);
+
                        /* check for regular, world-executable file _or_ interpreter */
                        if( ((pi->stat.st_mode & S_IFREG) &&
                             (pi->stat.st_mode & S_IXOTH)) || (ip != NULL)
index 50c3b32a94ff3e78c3f63b7d0a1fe6ca8c9b1bd6..4a3bced722c9ac84107e5aaf771ee33b4ec0d9f1 100644 (file)
@@ -621,7 +621,7 @@ static void uh_mainloop(struct config *conf, fd_set serv_fds, int max_fd)
 }
 
 #ifdef HAVE_TLS
-static inline uh_inittls(struct config *conf)
+static inline int uh_inittls(struct config *conf)
 {
        /* library handle */
        void *lib;