Clear secret after use.

George Wang 2015-12-08 23:43:29 -05:00
parent 5bcb7a7019
commit 292aa9d6cb


@ -128,7 +128,7 @@ static int s_pid_dump_debug_info = 0;
LSAPI_Request g_req = { -1, -1 }; LSAPI_Request g_req = { -1, -1 };
static char s_pSecret[24]; static char s_secret[24];
void Flush_RespBuf_r( LSAPI_Request * pReq ); void Flush_RespBuf_r( LSAPI_Request * pReq );
@ -670,7 +670,7 @@ static int readSecret( const char * pSecretFile )
close( fd ); close( fd );
return -1; return -1;
} }
if ( read( fd, s_pSecret, 16 ) < 16 ) if ( read( fd, s_secret, 16 ) < 16 )
{ {
fprintf( stderr, "LSAPI: failed to read secret from secret file: %s\n", pSecretFile ); fprintf( stderr, "LSAPI: failed to read secret from secret file: %s\n", pSecretFile );
close( fd ); close( fd );
@ -682,7 +682,7 @@ static int readSecret( const char * pSecretFile )
int LSAPI_is_suEXEC_Daemon() int LSAPI_is_suEXEC_Daemon()
{ {
if (( !s_uid )&&( s_pSecret[0] )) if (( !s_uid )&&( s_secret[0] ))
return 1; return 1;
else else
return 0; return 0;
@ -877,7 +877,7 @@ static int lsapi_suexec_auth( LSAPI_Request *pReq,
if ( len < 32 ) if ( len < 32 )
return -1; return -1;
memmove( achMD5, pAuth + 16, 16 ); memmove( achMD5, pAuth + 16, 16 );
memmove( pAuth + 16, s_pSecret, 16 ); memmove( pAuth + 16, s_secret, 16 );
lsapi_MD5Init( &md5ctx ); lsapi_MD5Init( &md5ctx );
lsapi_MD5Update( &md5ctx, (unsigned char *)pAuth, 32 ); lsapi_MD5Update( &md5ctx, (unsigned char *)pAuth, 32 );
lsapi_MD5Update( &md5ctx, (unsigned char *)pUgid, 8 ); lsapi_MD5Update( &md5ctx, (unsigned char *)pUgid, 8 );
@ -1170,8 +1170,11 @@ static int readReq( LSAPI_Request * pReq )
pReq->m_reqState = LSAPI_ST_REQ_BODY | LSAPI_ST_RESP_HEADER; pReq->m_reqState = LSAPI_ST_REQ_BODY | LSAPI_ST_RESP_HEADER;
if ( !s_uid ) if ( !s_uid )
{
if ( lsapi_changeUGid( pReq ) ) if ( lsapi_changeUGid( pReq ) )
return -1; return -1;
memset(s_secret, 0, sizeof(s_secret));
}
pReq->m_bufProcessed = packetLen; pReq->m_bufProcessed = packetLen;
//OPTIMIZATION //OPTIMIZATION
@ -1191,7 +1194,7 @@ int LSAPI_Init(void)
if ( !g_inited ) if ( !g_inited )
{ {
s_uid = geteuid(); s_uid = geteuid();
s_pSecret[0] = 0; s_secret[0] = 0;
lsapi_signal(SIGPIPE, lsapi_sigpipe); lsapi_signal(SIGPIPE, lsapi_sigpipe);
lsapi_signal(SIGUSR1, lsapi_siguser1); lsapi_signal(SIGUSR1, lsapi_siguser1);
@ -1444,7 +1447,7 @@ int LSAPI_ReqBodyGetLine_r( LSAPI_Request * pReq, char * pBuf, size_t bufLen, in
char * pBufCur = pBuf; char * pBufCur = pBuf;
char * pCur; char * pCur;
char * p; char * p;
if (!pReq || (pReq->m_fd ==-1) ||( !pBuf )|| !getLF ) if (!pReq || (pReq->m_fd ==-1) ||( !pBuf )||(bufLen < 0 )|| !getLF )
return -1; return -1;
*getLF = 0; *getLF = 0;
while( (left = pBufEnd - pBufCur ) > 0 ) while( (left = pBufEnd - pBufCur ) > 0 )
@ -1488,7 +1491,7 @@ ssize_t LSAPI_ReadReqBody_r( LSAPI_Request * pReq, char * pBuf, size_t bufLen )
ssize_t len; ssize_t len;
off_t total; off_t total;
/* char *pOldBuf = pBuf; */ /* char *pOldBuf = pBuf; */
if (!pReq || (pReq->m_fd ==-1) || ( !pBuf )) if (!pReq || (pReq->m_fd ==-1) || ( !pBuf )||(bufLen < 0 ))
return -1; return -1;
total = pReq->m_reqBodyLen - pReq->m_reqBodyRead; total = pReq->m_reqBodyLen - pReq->m_reqBodyRead;
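Review bot: The added `(bufLen < 0 )` test in LSAPI_ReqBodyGetLine_r can never be true, because the signature in the hunk header declares `bufLen` as `size_t`; the identical check added to LSAPI_ReadReqBody_r has the same problem. A caller that passes a negative length still arrives with a very large unsigned value, so the new guard rejects nothing and `pBuf` is presumably still treated as that large. If the intent is to refuse such lengths, test the signed interpretation instead, for example `((ssize_t)bufLen < 0)`, or compare against an explicit upper bound. Both function bodies continue outside the visible hunks, so any later bounds handling is not visible here.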