cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

...try again from a clean checkout directory; this patch should have

Browse Source 
been removed with the last commit:

update to 1.6.2, amongst other things, fixes a problem with usernames
starting with digits. from Brad (maintainer).
This commit is contained in:
sthen 2009-04-18 20:29:56 +00:00
parent 4301581ff4
commit 78d6e09453
1 changed files with 0 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
www/spawn-fcgi/patches/patch-src_spawn-fcgi_c
View File

@ -1,71 +0,0 @@
$OpenBSD: patch-src_spawn-fcgi_c,v 1.1 2009/04/15 00:21:13 sthen Exp $
--- src/spawn-fcgi.c.orig Sun Mar 29 08:30:25 2009
+++ src/spawn-fcgi.c Sat Apr 11 21:19:30 2009
@@ -308,13 +308,14 @@ static int find_user_group(const char *user, const cha
gid_t my_gid = 0;
struct passwd *my_pwd = NULL;
struct group *my_grp = NULL;
+ char *endptr = NULL;
*uid = 0; *gid = 0;
if (username) *username = NULL;
if (user) {
- my_uid = strtol(user, NULL, 10);
+ my_uid = strtol(user, &endptr, 10);
- if (my_uid <= 0) {
+ if (my_uid <= 0 || *endptr) {
if (NULL == (my_pwd = getpwnam(user))) {
fprintf(stderr, "spawn-fcgi: can't find user name %s\n", user);
return -1;
@@ -329,14 +330,14 @@ static int find_user_group(const char *user, const cha
if (username) *username = user;
} else {
my_pwd = getpwuid(my_uid);
- if (username) *username = my_pwd->pw_name;
+ if (username && my_pwd) *username = my_pwd->pw_name;
}
}
if (group) {
- my_gid = strtol(group, NULL, 10);
+ my_gid = strtol(group, &endptr, 10);
- if (my_gid <= 0) {
+ if (my_gid <= 0 || *endptr) {
if (NULL == (my_grp = getgrnam(group))) {
fprintf(stderr, "spawn-fcgi: can't find group name %s\n", group);
return -1;
@@ -408,6 +409,7 @@ int main(int argc, char **argv) {
*sockusername = NULL, *sockgroupname = NULL, *fcgi_dir = NULL,
*addr = NULL;
char **fcgi_app_argv = { NULL };
+ char *endptr = NULL;
unsigned short port = 0;
int sockmode = -1;
int child_count = -1;
@@ -431,7 +433,12 @@ int main(int argc, char **argv) {
case 'f': fcgi_app = optarg; break;
case 'd': fcgi_dir = optarg; break;
case 'a': addr = optarg;/* ip addr */ break;
- case 'p': port = strtol(optarg, NULL, 10);/* port */ break;
+ case 'p': port = strtol(optarg, &endptr, 10);/* port */
+ if (*endptr) {
+ fprintf(stderr, "spawn-fcgi: invalid port: %u\n", (unsigned int) port);
+ return -1;
+ }
+ break;
case 'C': child_count = strtol(optarg, NULL, 10);/* */ break;
case 'F': fork_count = strtol(optarg, NULL, 10);/* */ break;
case 's': unixsocket = optarg; /* unix-domain socket */ break;
@@ -525,6 +532,10 @@ int main(int argc, char **argv) {
if (-1 == find_user_group(sockusername, sockgroupname, &sockuid, &sockgid, NULL))
return -1;
+
+ if (uid != 0 && gid == 0) {
+ fprintf(stderr, "spawn-fcgi: WARNING: couldn't find the user for uid %i and no group was specified, so only the user privileges will be dropped\n", (int) uid);
+ }
if (0 == sockuid) sockuid = uid;
if (0 == sockgid) sockgid = gid;