Lighttpd

I've downloaded the latest version, and it looks slightly less prone to the error, but still affected. The log now looks like:

(mod_cgi.c.695) cgi died, pid: 23350

Thanks!

That would appear to be indicative of a problem with your CGI. That line in lighttpd 1.4.45 in mod_cgi.c means that the process did not exit normally. The CGI was either killed by a signal or core dumped. If your CGI closes stdout before exiting, lighttpd will send the CGI a TERM signal, so if your CGI closes stdout before exiting and needs to do processing after closing stdout, then the CGI needs to trap SIGTERM.

Regarding the output sent the client, is the client receiving the full response now with lighttpd 1.4.45, even if there is an entry in the log that the CGI died? Or is the response to the client still being truncated? Can you share the CGI?

The client receive no response, only the error (same as 1.4.31 version). This is the cgi: https://drive.google.com/open?id=0B4fjLZeeYfAxczdVeDVpX1FQTU0

Steps to reproduce:
Connect to <host>/cgi-bin/imbuga.cgi (this cgi sleeps for 60 seconds to give us time)

Then on another browser tab <host>/cgi-bin/test_email.cgi

It will succeed at first, but if you keep do F5 (like, 32 times) on test_email eventually you'll hit the 500 error.

The first thing I notice is that the CGI is not returning a proper CGI/1.1 response header before returning the response body.

Your json_ok() should start with

echo "Status: 200" 
echo

echo "Status: 403" 
echo

Otherwise, lighttpd (or other web servers) might think that the subsequent response is part of the CGI/1.1 header, not the response body.

If lighttpd never sees a blank line (which ends the CGI/1.1 response header), then lighttpd might think that the response in invalid (due to incomplete CGI/1.1 response header) and may return 500 error to the client.

Many thanks! This solved my issue even on 1.4.31! :)