Changeset 2186 for trunk


Ignore:
Timestamp:
May 5, 2012, 5:40:12 PM (12 years ago)
Author:
ezyang
Message:
Another mitigation to the PHP command line flags vulnerability.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/server/common/patches/httpd-suexec-scripts.patch

    r1877 r2186  
    314314         exit(121);
    315315     }
    316 @@ -614,6 +767,23 @@
     316@@ -614,6 +767,30 @@
    317317     /*
    318318      * Execute the command, replacing our image with its own.
     
    331331+        argv[1] = PHP_PATH;
    332332+        argv[2] = "-f";
     333+        /*
     334+         * argv[3] is the command to run. argv[4] is either an argument or
     335+         * already null. We don't want to pass any arguments through from
     336+         * Apache (since they're untrusted), so we chop off the remainder
     337+         * of argv here.
     338+         */
     339+        argv[4] = 0;
    333340+        execv(PHP_PATH, &argv[1]);
    334341+        log_err("(%d)%s: php exec failed (%s)\n", errno, strerror(errno), argv[1]);
Note: See TracChangeset for help on using the changeset viewer.