From: Sander Striker Date: Wed, 9 Jul 2003 12:24:52 +0000 (+0000) Subject: Forward port patch for CAN-2003-0253 from 2.0. X-Git-Tag: pre_ajp_proxy~1472 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c61229986c131d6856f40fd39251815d2a0f0c81;p=apache Forward port patch for CAN-2003-0253 from 2.0. SECURITY [CAN-2003-0253]: Fixed a bug in prefork MPM causing temporary denial of service when accept() on a rarely accessed port returns certain errors. Reported by Saheed Akhtar . [Jeff Trawick] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100517 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 12fe33322e..e372321131 100644 --- a/CHANGES +++ b/CHANGES @@ -169,6 +169,11 @@ Changes with Apache 2.0.48 Changes with Apache 2.0.47 + *) SECURITY [CAN-2003-0253]: Fixed a bug in prefork MPM causing + temporary denial of service when accept() on a rarely accessed port + returns certain errors. Reported by Saheed Akhtar + . [Jeff Trawick] + *) SECURITY [CAN-2003-0254]: Fixed a bug in ftp proxy causing denial of service when target host is IPv6 but proxy server can't create IPv6 socket. Fixed by the reporter. [Yoshioka Tsuneo diff --git a/server/mpm/prefork/prefork.c b/server/mpm/prefork/prefork.c index 699366532d..d9dbca81a5 100644 --- a/server/mpm/prefork/prefork.c +++ b/server/mpm/prefork/prefork.c 
@@ -625,22 +625,17 @@ static void child_main(int child_num_arg) /* if we accept() something we don't want to die, so we have to * defer the exit */ - for (;;) { - status = listensocks[offset].accept_func(&csd, - &listensocks[offset], ptrans); + status = listensocks[offset].accept_func(&csd, + &listensocks[offset], ptrans); + SAFE_ACCEPT(accept_mutex_off()); /* unlock after "accept" */ - if (status == APR_SUCCESS) { - break; - } - if (status == APR_EGENERAL) { - /* resource shortage or should-not-occur occured */ - clean_child_exit(1); - } - if (APR_STATUS_IS_EINTR(status) && one_process && shutdown_pending) { - return; - } + if (status == APR_EGENERAL) { + /* resource shortage or should-not-occur occured */ + clean_child_exit(1); + } + else if (status != APR_SUCCESS) { + continue; } - SAFE_ACCEPT(accept_mutex_off()); /* unlock after "accept" */ /* * We now have a connection, so set it up with the appropriate
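Review bot: In the prefork.c hunk, the removed `if (APR_STATUS_IS_EINTR(status) && one_process && shutdown_pending) { return; }` has no counterpart in the new code, so an interrupted accept() with a shutdown pending in one_process mode now falls into `else if (status != APR_SUCCESS) { continue; }`. That is only safe if the enclosing loop in child_main() tests the shutdown condition before it takes the accept mutex again, which these lines do not show; please confirm that, or keep the early return after the unlock. Moving `SAFE_ACCEPT(accept_mutex_off())` to directly after accept_func() means the mutex is released on every path, including `clean_child_exit(1)` and the new `continue`, whereas the old inner `for (;;)` retried accept() with the mutex still held. A one-line comment on the `continue` branch saying so would keep a later change from reintroducing the retry loop. The carried-over comment still reads "occured" (should be "occurred").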