NetBSD Problem Report #38489
From arto.huusko@pp2.inet.fi Wed Apr 23 16:10:17 2008
Return-Path: <arto.huusko@pp2.inet.fi>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
by narn.NetBSD.org (Postfix) with ESMTP id DDD0363B874
for <gnats-bugs@gnats.NetBSD.org>; Wed, 23 Apr 2008 16:10:16 +0000 (UTC)
Message-Id: <20080423161014.CA9472F5541@vekotin.local>
Date: Wed, 23 Apr 2008 19:10:14 +0300 (EEST)
From: arto.huusko@pp2.inet.fi
To: gnats-bugs@gnats.NetBSD.org
Subject: httpd execs cgi prog with extra fds open
X-Send-Pr-Version: 3.95
>Number: 38489
>Category: bin
>Synopsis: httpd execs cgi prog with extra fds open
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: mrg
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Apr 23 16:15:00 +0000 2008
>Closed-Date: Mon Apr 20 05:20:08 +0000 2009
>Last-Modified: Mon Apr 20 05:20:08 +0000 2009
>Originator: Arto Huusko
>Release: NetBSD 4.99.55
>Organization:
>Environment:
System: NetBSD vekotin.local 4.99.55 NetBSD 4.99.55 (VEKOTIN) #1: Wed Mar 12 18:45:32 EET 2008 root@mutteri.local:/local/netbsd/build/netbsd-current/amd64/obj/sys/arch/amd64/compile/VEKOTIN amd64
Architecture: x86_64
Machine: amd64
>Description:
When httpd execs a CGI program, the process has extra file descriptors
other than stdin, stdout and stderr open.
If the CGI program does not know about these extra descriptors, and
proceeds to fork a daemon, which also does not know about the
extra descriptors, the httpd process hangs, because the descriptors
stay open in the daemon process.
I found out about the extra descriptors with fstat, and doing
fcntl(STDERR_FILENO + 1, F_CLOSEM)
in the daemon process works around the problem. However, F_CLOSEM
is not standard. And it is not needed with other httpd servers
such as apache.
>How-To-Repeat:
Exec CGI program that forks a daemon, see httpd hang around for ever.
>Fix:
Close file descriptors other than stdin, stdout and stderr before execing
the CGI script.
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->analyzed
State-Changed-By: mrg@NetBSD.org
State-Changed-When: Sat, 18 Apr 2009 12:26:40 +0000
State-Changed-Why:
i've got a fix for this in my tree. i'll import it into netbsd sometime.
Responsible-Changed-From-To: bin-bug-people->mrg
Responsible-Changed-By: mrg@NetBSD.org
Responsible-Changed-When: Sat, 18 Apr 2009 12:26:50 +0000
Responsible-Changed-Why:
mine
From: matthew green <mrg@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/38489 CVS commit: src/libexec/httpd
Date: Sat, 18 Apr 2009 21:09:41 +0000
Module Name: src
Committed By: mrg
Date: Sat Apr 18 21:09:41 UTC 2009
Update of /cvsroot/src/libexec/httpd
In directory ivanova.netbsd.org:/tmp/cvs-serv2135
Log Message:
import bozohttpd 20090418. changes include:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
this covers PR#38489 and PR#40079, as well some some issues reported
privately.
Status:
Vendor Tag: bozohttpd
Release Tags: bozohttpd-20090418
C src/libexec/httpd/CHANGES
U src/libexec/httpd/Makefile
U src/libexec/httpd/Makefile.boot
C src/libexec/httpd/auth-bozo.c
C src/libexec/httpd/bozohttpd.8
C src/libexec/httpd/bozohttpd.c
C src/libexec/httpd/bozohttpd.h
C src/libexec/httpd/cgi-bozo.c
U src/libexec/httpd/content-bozo.c
C src/libexec/httpd/daemon-bozo.c
U src/libexec/httpd/dir-index-bozo.c
C src/libexec/httpd/queue.h
U src/libexec/httpd/ssl-bozo.c
U src/libexec/httpd/tilde-luzah-bozo.c
N src/libexec/httpd/bozohttpd.8.txt
N src/libexec/httpd/bozohttpd.8.html
U src/libexec/httpd/testsuite/Makefile
U src/libexec/httpd/testsuite/html_cmp
U src/libexec/httpd/testsuite/t1.in
U src/libexec/httpd/testsuite/t1.out
U src/libexec/httpd/testsuite/t10.in
U src/libexec/httpd/testsuite/t10.out
U src/libexec/httpd/testsuite/t2.in
U src/libexec/httpd/testsuite/t2.out
U src/libexec/httpd/testsuite/t3.in
U src/libexec/httpd/testsuite/t3.out
U src/libexec/httpd/testsuite/t4.in
U src/libexec/httpd/testsuite/t4.out
U src/libexec/httpd/testsuite/t5.in
U src/libexec/httpd/testsuite/t5.out
U src/libexec/httpd/testsuite/t6.in
U src/libexec/httpd/testsuite/t6.out
U src/libexec/httpd/testsuite/t7.in
U src/libexec/httpd/testsuite/t7.out
U src/libexec/httpd/testsuite/t8.in
U src/libexec/httpd/testsuite/t8.out
U src/libexec/httpd/testsuite/t9.in
U src/libexec/httpd/testsuite/t9.out
U src/libexec/httpd/testsuite/data/index.html
U src/libexec/httpd/testsuite/data/file
8 conflicts created by this import.
Use the following command to help the merge:
cvs checkout -jbozohttpd:yesterday -jbozohttpd src/libexec/httpd
State-Changed-From-To: analyzed->closed
State-Changed-By: mrg@NetBSD.org
State-Changed-When: Mon, 20 Apr 2009 05:20:08 +0000
State-Changed-Why:
this is now fixed. the changes are not going to appear in netbsd 5.0, but
should appear in 5.1.
thanks for the report.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.