星期四, 7月 09, 2009

修正 mod_fastcgi 在 threading 環境下會 coredump 的 bug

PIXNET 我們是用 Apache 2.2 MPM worker + mod_fastcgiPHP,但從以前就發現 httpd 會自己死掉,雖然 parent httpd 會再把他叫起來,但會造成已經連上的 connection 斷線。

昨天花了一個下午的時間追這個 bug,後來發現是 mod_fastcgi 使用 getgrgid()getpwuid() 的原因造成的,這兩個 function 在 FreeBSD 上並不是 thread-safe function,在 Open Group 的文件也說明這兩個 function 不需要 thread-safe。

所以這兩個 function 必須用 getgrpid_r()getpwuid_r() 改寫。

除了把 patch 送到 FastCGI mailing list 上讓人確認外,這邊也放一份好了:
--- fcgi_util.c.orig    2009-07-08 17:16:29.816884000 +0800
+++ fcgi_util.c 2009-07-09 08:43:09.222180000 +0800
@@ -268,13 +268,17 @@
 /* Get the user membership for the file's group.  If the
  * uid is a member, check the group bits. */
 {
-        const struct group * const gr = getgrgid(statBuf->st_gid);
-        const struct passwd * const pw = getpwuid(uid);
+       char buf[1024], buf2[1024];
+       struct group gr, *r;
+       struct passwd pw, *r2;

-        if (gr != NULL && pw != NULL) {
-            char **user = gr->gr_mem;
+       getgrgid_r(statBuf->st_gid, &gr, buf, sizeof(buf), &r);
+       getpwuid_r(uid, &pw, buf2, sizeof(buf2), &r2);
+
+        if (r != NULL && r2 != NULL) {
+            char **user = r->gr_mem;
         for ( ; *user != NULL; user++) {
-                if (strcmp(*user, pw->pw_name) == 0) {
+                if (strcmp(*user, r2->pw_name) == 0) {
                 if (mode & R_OK && !(statBuf->st_mode & S_IRGRP))
                     return "read not allowed by group";
                 if (mode & W_OK && !(statBuf->st_mode & S_IWGRP))
@@ -445,8 +449,9 @@
{
#ifndef WIN32

+    char buf[1024];
 struct passwd *pw;
-    struct group  *gr;
+    struct group gr, *r;

 if (fcgi_wrapper == NULL)
     return NULL;
@@ -467,14 +472,14 @@
 s->username = s->user;

 s->gid = gid;
-    gr = getgrgid(gid);
-    if (gr == NULL) {
+    getgrgid_r(gid, &gr, buf, sizeof(buf), &r);
+    if (r == NULL) {
     return ap_psprintf(p,
         "getgrgid() couldn't determine the group name for gid '%ld', "
         "you probably need to modify the Group directive: %s",
         (long)gid, strerror(errno));
 }
-    s->group = ap_pstrdup(p, gr->gr_name);
+    s->group = ap_pstrdup(p, r->gr_name);

#endif /* !WIN32 */
張貼者: Gea-Suan Lin 9:11 上午

2 則留言:

eda 提到...
網誌管理員已經移除這則留言。
7:31 下午
匿名 提到...

South Korea has been sort of|a type of} countries where gamblers have not had a simple journey. For occasion, no playing home was allowed to operate in the nation until 1967, when the government legalized on line casino playing to spice up tourism. BANGKOK, Thailand – An INTERPOL-coordinated operation concentrating on illegal on-line playing and monetary fraud in Asia led to the arrest of some 48 individuals and the seizure of computer systems and other casino.edu.kg digital proof.

3:55 下午

張貼留言

訂閱: 張貼留言 (Atom)