星期四, 7月 09, 2009

修正 mod_fastcgi 在 threading 環境下會 coredump 的 bug

PIXNET 我們是用 Apache 2.2 MPM worker + mod_fastcgiPHP,但從以前就發現 httpd 會自己死掉,雖然 parent httpd 會再把他叫起來,但會造成已經連上的 connection 斷線。

昨天花了一個下午的時間追這個 bug,後來發現是 mod_fastcgi 使用 getgrgid()getpwuid() 的原因造成的,這兩個 function 在 FreeBSD 上並不是 thread-safe function,在 Open Group 的文件也說明這兩個 function 不需要 thread-safe。

所以這兩個 function 必須用 getgrpid_r()getpwuid_r() 改寫。

除了把 patch 送到 FastCGI mailing list 上讓人確認外,這邊也放一份好了:
--- fcgi_util.c.orig    2009-07-08 17:16:29.816884000 +0800
+++ fcgi_util.c 2009-07-09 08:43:09.222180000 +0800
@@ -268,13 +268,17 @@
/* Get the user membership for the file's group. If the
* uid is a member, check the group bits. */
{
- const struct group * const gr = getgrgid(statBuf->st_gid);
- const struct passwd * const pw = getpwuid(uid);
+ char buf[1024], buf2[1024];
+ struct group gr, *r;
+ struct passwd pw, *r2;

- if (gr != NULL && pw != NULL) {
- char **user = gr->gr_mem;
+ getgrgid_r(statBuf->st_gid, &gr, buf, sizeof(buf), &r);
+ getpwuid_r(uid, &pw, buf2, sizeof(buf2), &r2);
+
+ if (r != NULL && r2 != NULL) {
+ char **user = r->gr_mem;
for ( ; *user != NULL; user++) {
- if (strcmp(*user, pw->pw_name) == 0) {
+ if (strcmp(*user, r2->pw_name) == 0) {
if (mode & R_OK && !(statBuf->st_mode & S_IRGRP))
return "read not allowed by group";
if (mode & W_OK && !(statBuf->st_mode & S_IWGRP))
@@ -445,8 +449,9 @@
{
#ifndef WIN32

+ char buf[1024];
struct passwd *pw;
- struct group *gr;
+ struct group gr, *r;

if (fcgi_wrapper == NULL)
return NULL;
@@ -467,14 +472,14 @@
s->username = s->user;

s->gid = gid;
- gr = getgrgid(gid);
- if (gr == NULL) {
+ getgrgid_r(gid, &gr, buf, sizeof(buf), &r);
+ if (r == NULL) {
return ap_psprintf(p,
"getgrgid() couldn't determine the group name for gid '%ld', "
"you probably need to modify the Group directive: %s",
(long)gid, strerror(errno));
}
- s->group = ap_pstrdup(p, gr->gr_name);
+ s->group = ap_pstrdup(p, r->gr_name);

#endif /* !WIN32 */

2 則留言:

eda 提到...
網誌管理員已經移除這則留言。
匿名 提到...

South Korea has been sort of|a type of} countries where gamblers have not had a simple journey. For occasion, no playing home was allowed to operate in the nation until 1967, when the government legalized on line casino playing to spice up tourism. BANGKOK, Thailand – An INTERPOL-coordinated operation concentrating on illegal on-line playing and monetary fraud in Asia led to the arrest of some 48 individuals and the seizure of computer systems and other casino.edu.kg digital proof.