Bug #2158

src/mod_cgi.c leaks opened file descriptors when fork fails

Added by rata almost 5 years ago. Updated almost 5 years ago.

Status:FixedStart date:2010-01-30
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:mod_cgi
Target version:-
Missing in 1.5.x:No

Description

In file src/mod_cgi.c the function cgi_create_env calls two times pipe() and creates two fds on each call. Then if fork returns -1, the opened fds are leaked since the function just returns -1 (and the arrays used to call pipe() are in the stack, so there is no other reference to them). That results in 4 fds leaked each time fork fails.

I noticed this when my server was under memory pressure and fork started to fail. Then all fds where used and the " file not found ... or so: Too many open files" error was shown in the logs. I was using the default 1024 server.max-fds setting, and if I "ls -1 /proc/<lighttpd pid>/fd | wc -l" it returned 1023. So it makes sense.

Also, when I run "lsof | grep lighttpd" I noticed there where a lot of fds of type FIFO named pipe. In fact, they where 1016 of them. And the error that fork fail appeared 254 times in the logs ==> 254*4 = 1016. So this 4 leaked fds per time fork fails would explain the 1016 opened fds I had.

The attached patch (against rev 2705 and only compile tested) should fix it by just closing the 4 opened fds before the function returns if fork failed.

This bug also affect at least 1.4.19 ubuntu version and debian 1.4.25 version. If you want me to backport the patch, please let me know.

Thanks a lot,
Rodrigo

close-opened-fds-if-fork-fails.patch Magnifier (430 Bytes) rata, 2010-01-30 03:36

Associated revisions

Revision 2706
Added by stbuehler almost 5 years ago

Fix fd leaks in mod_cgi (fds not closed on pipe/fork failures, found by Rodrigo, fixes #2158, #2159)

History

#1 Updated by stbuehler almost 5 years ago

  • Status changed from New to Fixed
  • % Done changed from 0 to 100

Applied in changeset r2706.

Also available in: Atom