Project

General

Profile

Actions

Bug #2691

closed

[PATCH] zero sockaddr structures before use in mod_*cgi

Added by mackyle about 9 years ago. Updated about 9 years ago.

Status:
Fixed
Priority:
Normal
Category:
mod_fastcgi
Target version:
ASK QUESTIONS IN Forums:

Description

When a sockaddr_un, sockaddr_in or sockaddr_in6 structure
is allocated on the stack or heap, it may contain random
byte values.

The "unused" and "reserved" parts must be zerod otherwise
unexpected failures may occur. The simplest way to do
this and be compatible with various platforms' struct
layouts is just to memset them to 0.

The current version of the code is just zeroing the pointer
to the struct but not the struct itself which is not helpful.

This problem affects both mod_fastcgi and mod_scgi.

Patch file attached.

See also http://repo.or.cz/lighttpd/svnmirror/patches.git/commitdiff/37649f23


Files

Actions #1

Updated by stbuehler about 9 years ago

  • Target version changed from 1.4.x to 1.4.38

Sounds good.

Actions #2

Updated by stbuehler about 9 years ago

  • Status changed from New to Fixed
  • % Done changed from 0 to 100

Applied in changeset r3059.

Actions

Also available in: Atom