From: Jim Jagielski Date: Mon, 2 Mar 2015 11:12:18 +0000 (+0000) Subject: Merge r1656669 from trunk: X-Git-Tag: 2.4.13~381 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=75c2dc8960c1ef1f595a1d474620c1d868dd3994;p=apache Merge r1656669 from trunk: mod_macro: Clear macros before initialization to avoid use-after-free on startup or restart when the module is linked statically. PR 57525 Submitted by: apache.org tech.futurequest.net Committed by: Yann Ylavic Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1663260 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 50a254a7ca..e4560d39da 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,10 @@ Changes with Apache 2.4.13 + *) mod_macro: Clear macros before initialization to avoid use-after-free + on startup or restart when the module is linked statically. PR 57525 + [apache.org tech.futurequest.net, Yann Ylavic] + *) mod_alias: Introduce expression parser support for Alias, ScriptAlias and Redirect. [Graham Leggett] diff --git a/STATUS b/STATUS index e44dcc7ff0..f0c4d836c5 100644 --- a/STATUS +++ b/STATUS @@ -107,12 +107,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_macro: Clear macros before initialization to avoid use-after-free - on startup or restart when the module is linked statically. PR 57525 - trunk patch: http://svn.apache.org/r1656669 - 2.4.x patch: trunk works (modulo CHANGES) - +1: ylavic, covener, jim - PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] diff --git a/modules/core/mod_macro.c b/modules/core/mod_macro.c index 3fc72176e5..ea89a6098c 100644 --- a/modules/core/mod_macro.c +++ b/modules/core/mod_macro.c @@ -75,14 +75,9 @@ typedef struct Macros are kept globally... They are not per-server or per-directory entities. - I would need a hook BEFORE and AFTER configuration processing - to initialize and close them properly, but no such thing is exported, - although it could be available from within apache. - - I would have such a hook if in server/config.c - The "initializer" does not seem to be called before. - note: they are in a temp_pool, and there is a lazy initialization. + ap_macros is reset to NULL in pre_config hook to not depend + on static vs dynamic configuration. hash type: (char *) name -> (ap_macro_t *) macro */ @@ -914,6 +909,12 @@ static const char *undef_macro(cmd_parms * cmd, void *dummy, const char *arg) return NULL; } +static int macro_pre_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp) +{ + ap_macros = NULL; + return OK; +} + /************************************************************* EXPORT MODULE */ /* @@ -932,6 +933,11 @@ static const command_rec macro_cmds[] = { {NULL} }; +static void macro_hooks(apr_pool_t *p) +{ + ap_hook_pre_config(macro_pre_config, NULL, NULL, APR_HOOK_MIDDLE); +} + /* Module hooks are request-oriented thus it does not suit configuration file utils a lot. I haven't found any clean hook to apply something @@ -949,5 +955,5 @@ AP_DECLARE_MODULE(macro) = { NULL, /* create per-server config structure */ NULL, /* merge per-server config structures */ macro_cmds, /* configuration commands */ - NULL /* register hooks */ + macro_hooks /* register hooks */ };