>Number: 2942
>Category: suexec
>Synopsis: suexec did not work
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: apache
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Tue Sep 1 16:30:00 PDT 1998
>Last-Modified:
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: 1.3.1
>Environment:
Linux 2.0.33, egcs 1.0.3
>Description:
In my environment suexec did not work, even with no output into the logfile.
The server returned an internal error.
Further investigation showed up, that the static variable "log"
was not initialized. Accidentally in my case it was not NULL,
so the logfile was not opened, instead the error output was done
with an invalid FILE pointer, which led to an crash of the script.
>How-To-Repeat:
>Fix:
The following patch solves the problem
--- suexec.c.orig Wed Sep 2 01:18:30 1998
+++ suexec.c Wed Sep 2 01:05:15 1998
@@ -109,7 +109,7 @@
#define AP_ENVBUF 256
extern char **environ;
-static FILE *log;
+static FILE *log = NULL;
char *safe_env_lst[] =
{
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig- ]
[nored unless you are responding to an explicit request ]
[from a developer. ]
[Reply only with text; DO NOT SEND ATTACHMENTS! ]
