Project

General

Profile

Bug #1289

lighttpd runs in endless loop on FreeBSD

Added by moo over 11 years ago. Updated over 11 years ago.

Status:
Fixed
Priority:
Normal
Assignee:
-
Category:
core
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Missing in 1.5.x:

Description

lighttpd runs in endless loop on FreeBSD if a file was shrinked.

There are several programming errors in
branches/lighttpd-1.4.x/src/network_freebsd_sendfile.c

First, in line 152 is an off-by-one:


if (offset > sce->st.st_size) {
[ code deleted to pass the broken Akismet filter ]
    return -1;
}

it should be {{{
offset >= sce->st.st_size
}}}

it does not make sense to open a file and read data past
end of file.

This is harmless, sendfile(2) can handle this case:


     The offset argument specifies where to begin in the file.  Should offset
     fall beyond the end of file, the system will return success and report 0
     bytes sent as described below.  

but lighttpd does not check for 0 bytes sent (line 181-187). Now lighttpd
runs open/sendfile/close in an endless loop, read & send 0 bytes and
used 100% CPU time.

For a fix, see the linux sendfile implementation at
src/network_linux_sendfile.c line 177.

Associated revisions

Revision 1934 (diff)
Added by jan over 11 years ago

fixed endless loop on shrinked files on *BSD (fixes #1289)

History

#1

Updated by moo over 11 years ago

reported by

#2

Updated by jan over 11 years ago

  • Status changed from New to Fixed
  • Resolution set to fixed

r1933 takes the code from the linux-sendfile handler as suggested.

#3

Updated by jan over 11 years ago

r1934 fixes it for 1.5.x

Also available in: Atom