diff options
-rw-r--r-- | package/uhttpd/Makefile | 4 | ||||
-rw-r--r-- | package/uhttpd/src/uhttpd-cgi.c | 10 | ||||
-rw-r--r-- | package/uhttpd/src/uhttpd.c | 2 |
3 files changed, 13 insertions, 3 deletions
diff --git a/package/uhttpd/Makefile b/package/uhttpd/Makefile index 077d1f238..cd1a4771a 100644 --- a/package/uhttpd/Makefile +++ b/package/uhttpd/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2010 Jo-Philipp Wich <xm@subsignal.org> +# Copyright (C) 2010-2011 Jo-Philipp Wich <xm@subsignal.org> # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=uhttpd -PKG_RELEASE:=22 +PKG_RELEASE:=23 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) PKG_BUILD_DEPENDS := libcyassl liblua diff --git a/package/uhttpd/src/uhttpd-cgi.c b/package/uhttpd/src/uhttpd-cgi.c index 8c17251b3..ed688514c 100644 --- a/package/uhttpd/src/uhttpd-cgi.c +++ b/package/uhttpd/src/uhttpd-cgi.c @@ -157,6 +157,8 @@ void uh_cgi_request( fd_set reader; fd_set writer; + sigset_t ss; + struct sigaction sa; struct timeval timeout; struct http_response *res; @@ -187,6 +189,10 @@ void uh_cgi_request( /* exec child */ case 0: + /* unblock signals */ + sigemptyset(&ss); + sigprocmask(SIG_SETMASK, &ss, NULL); + /* restore SIGTERM */ sa.sa_flags = 0; sa.sa_handler = SIG_DFL; @@ -201,6 +207,10 @@ void uh_cgi_request( dup2(rfd[1], 1); dup2(wfd[0], 0); + /* avoid leaking our pipe into child-child processes */ + fd_cloexec(rfd[1]); + fd_cloexec(wfd[0]); + /* check for regular, world-executable file _or_ interpreter */ if( ((pi->stat.st_mode & S_IFREG) && (pi->stat.st_mode & S_IXOTH)) || (ip != NULL) diff --git a/package/uhttpd/src/uhttpd.c b/package/uhttpd/src/uhttpd.c index 50c3b32a9..4a3bced72 100644 --- a/package/uhttpd/src/uhttpd.c +++ b/package/uhttpd/src/uhttpd.c @@ -621,7 +621,7 @@ static void uh_mainloop(struct config *conf, fd_set serv_fds, int max_fd) } #ifdef HAVE_TLS -static inline uh_inittls(struct config *conf) +static inline int uh_inittls(struct config *conf) { /* library handle */ void *lib; |