Skip to content

Commit 8f04f44

Browse files
martinhsvmartinhsv
authored
Merge pull request #2046 from arminabf/segfault-with-assigned-user
segfault with assigned user id on OpenShift
2 parents 31c3b4e + 46c6cb2 commit 8f04f44

File tree

2 files changed

+26
-13
lines changed

2 files changed

+26
-13
lines changed

apache2/msc_logging.c

+7-3
Original file line numberDiff line numberDiff line change
@@ -234,16 +234,20 @@ static char *construct_auditlog_filename(apr_pool_t *mp, const char *uniqueid) {
234234
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
235235
* It also changes the return statement.
236236
*/
237-
char *username;
237+
char *userinfo;
238+
apr_status_t rc;
238239
apr_uid_t uid;
239240
apr_gid_t gid;
240241
apr_uid_current(&uid, &gid, mp);
241-
apr_uid_name_get(&username, uid, mp);
242+
rc = apr_uid_name_get(&userinfo, uid, mp);
243+
if (rc != APR_SUCCESS) {
244+
userinfo = apr_psprintf(mp, "%u", uid);
245+
}
242246

243247
apr_time_exp_lt(&t, apr_time_now());
244248

245249
apr_strftime(tstr, &len, 299, "/%Y%m%d/%Y%m%d-%H%M/%Y%m%d-%H%M%S", &t);
246-
return apr_psprintf(mp, "/%s%s-%s", username, tstr, uniqueid);
250+
return apr_psprintf(mp, "/%s%s-%s", userinfo, tstr, uniqueid);
247251
}
248252

249253
/**

apache2/persist_dbm.c

+19-10
Original file line numberDiff line numberDiff line change
@@ -104,11 +104,14 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec
104104
/**
105105
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
106106
*/
107-
char *username;
107+
char *userinfo;
108108
apr_uid_t uid;
109109
apr_gid_t gid;
110110
apr_uid_current(&uid, &gid, msr->mp);
111-
apr_uid_name_get(&username, uid, msr->mp);
111+
rc = apr_uid_name_get(&userinfo, uid, msr->mp);
112+
if (rc != APR_SUCCESS) {
113+
userinfo = apr_psprintf(msr->mp, "%u", uid);
114+
}
112115

113116
if (msr->txcfg->data_dir == NULL) {
114117
msr_log(msr, 1, "collection_retrieve_ex: Unable to retrieve collection (name \"%s\", key \"%s\"). Use "
@@ -117,7 +120,7 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec
117120
goto cleanup;
118121
}
119122

120-
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", col_name, NULL);
123+
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", userinfo, "-", col_name, NULL);
121124

122125
if (msr->txcfg->debuglog_level >= 9) {
123126
msr_log(msr, 9, "collection_retrieve_ex: collection_retrieve_ex: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),
@@ -385,11 +388,14 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
385388
/**
386389
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
387390
*/
388-
char *username;
391+
char *userinfo;
389392
apr_uid_t uid;
390393
apr_gid_t gid;
391394
apr_uid_current(&uid, &gid, msr->mp);
392-
apr_uid_name_get(&username, uid, msr->mp);
395+
rc = apr_uid_name_get(&userinfo, uid, msr->mp);
396+
if (rc != APR_SUCCESS) {
397+
userinfo = apr_psprintf(msr->mp, "%u", uid);
398+
}
393399

394400
var_name = (msc_string *)apr_table_get(col, "__name");
395401
if (var_name == NULL) {
@@ -409,7 +415,7 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
409415
}
410416

411417
// ENH: lowercase the var name in the filename
412-
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", var_name->value, NULL);
418+
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", userinfo, "-", var_name->value, NULL);
413419

414420
if (msr->txcfg->debuglog_level >= 9) {
415421
msr_log(msr, 9, "collection_store: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, var_name->value),
@@ -675,11 +681,14 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) {
675681
/**
676682
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
677683
*/
678-
char *username;
684+
char *userinfo;
679685
apr_uid_t uid;
680686
apr_gid_t gid;
681687
apr_uid_current(&uid, &gid, msr->mp);
682-
apr_uid_name_get(&username, uid, msr->mp);
688+
rc = apr_uid_name_get(&userinfo, uid, msr->mp);
689+
if (rc != APR_SUCCESS) {
690+
userinfo = apr_psprintf(msr->mp, "%u", uid);
691+
}
683692

684693
if (msr->txcfg->data_dir == NULL) {
685694
/* The user has been warned about this problem enough times already by now.
@@ -690,9 +699,9 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) {
690699
}
691700

692701
if(strstr(col_name,"USER") || strstr(col_name,"SESSION") || strstr(col_name, "RESOURCE"))
693-
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", msr->txcfg->webappid, "_", col_name, NULL);
702+
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", userinfo, "-", msr->txcfg->webappid, "_", col_name, NULL);
694703
else
695-
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", col_name, NULL);
704+
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", userinfo, "-", col_name, NULL);
696705

697706
if (msr->txcfg->debuglog_level >= 9) {
698707
msr_log(msr, 9, "collections_remove_stale: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),

0 commit comments

Comments
 (0)