diff options
author | Ivan Kohler <ivan@freeside.biz> | 2012-06-12 03:01:29 -0700 |
---|---|---|
committer | Ivan Kohler <ivan@freeside.biz> | 2012-06-12 03:01:29 -0700 |
commit | dc058e6549b8353ae16e8a1b3f6d88b667d5c8d9 (patch) | |
tree | e54358eb591b16a423d74873b30cd3d032618907 /htetc | |
parent | d947f2b79c85632487c96731a4f05b32b757ea95 (diff) |
add file descriptor 0/1 protection from RT 3.8.13 upgrade, RT#18040
Diffstat (limited to 'htetc')
-rw-r--r-- | htetc/handler.pl | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/htetc/handler.pl b/htetc/handler.pl index e065f09..b00ab6d 100644 --- a/htetc/handler.pl +++ b/htetc/handler.pl @@ -31,11 +31,30 @@ my $ah = new HTML::Mason::ApacheHandler ( # #chown (Apache->server->uid, Apache->server->gid, $interp->files_written); +my $protect_fds; + sub handler { #($r) = @_; my $r = shift; + #from rt/bin/webmux.pl(.in) + if ( !$protect_fds && $ENV{'MOD_PERL'} && exists $ENV{'MOD_PERL_API_VERSION'} + && $ENV{'MOD_PERL_API_VERSION'} >= 2 + ) { + # under mod_perl2, STDIN and STDOUT get closed and re-opened, + # however they are not on FD 0 and 1. In this case, the next + # socket that gets opened will occupy one of these FDs, and make + # all system() and open "|-" calls dangerous; for example, the + # DBI handle can get this FD, which later system() calls will + # close by putting garbage into the socket. + $protect_fds = []; + push @{$protect_fds}, IO::Handle->new_from_fd(0, "r") + if fileno(STDIN) != 0; + push @{$protect_fds}, IO::Handle->new_from_fd(1, "w") + if fileno(STDOUT) != 1; + } + # If you plan to intermix images in the same directory as # components, activate the following to prevent Mason from # evaluating image files as components. |