On 05/15/2008 05:29 AM, BOYA SUN wrote:
Here is another potential bug we've just discovered, and it seems to be occured
in several places. Please also take a look at it if interested, thanks a lot!
Boya
-----------------------
Bug#7
File Name: /httpd-2.2.8/srclib/apr/file_io/unidx/readwrite.c (63)
Function Name: apr_file_puts()
Code:
304: APR_DECLARE(apr_status_t) apr_file_puts(const char *str, apr_file_t
*thefile)
305: {
306: return apr_file_write_full(thefile, str, strlen(str), NULL);
307: }
Description: An error occur if apr_file_write_full() returns “!APR_SUCCESS”. According to the above code, we infer that an error occurs if apr_file_puts() returns “!APR_SUCCESS”. However, the return values of apr_file_puts() are not checked in the following locations.
\apache\src\log.c(682): apr_file_puts(errstr, logf);
I see nothing reasonable that we can do in this situation but ignoring the
error.
\apache\src\mod_cgi.c(254): apr_file_puts("%request\n", f);
\apache\src\mod_cgi.c(265): apr_file_puts("%response\n", f);
\apache\src\mod_cgi.c(291): apr_file_puts("%stdout\n", f);
\apache\src\mod_cgi.c(295): apr_file_puts("\n", f);
\apache\src\mod_cgi.c(299): apr_file_puts("%stderr\n", f);
\apache\src\mod_cgi.c(300): apr_file_puts(argsbuffer, f);
\apache\src\mod_cgi.c(303): apr_file_puts(argsbuffer, f);
\apache\src\mod_cgi.c(305): apr_file_puts("\n", f);
\apache\src\mod_cgid.c(1029): apr_file_puts("%request\n", f);
\apache\src\mod_cgid.c(1040): apr_file_puts("%response\n", f);
\apache\src\mod_cgid.c(1067): apr_file_puts("%stdout\n", f);
\apache\src\mod_cgid.c(1071): apr_file_puts("\n", f);
\apache\src\mod_cgid.c(1077): apr_file_puts("%stderr\n", f);
\apache\src\mod_cgid.c(1078): apr_file_puts(argsbuffer, f);
\apache\src\mod_cgid.c(1081): apr_file_puts(argsbuffer, f);
\apache\src\mod_cgid.c(1082): apr_file_puts("\n", f);
We might could log an error in all these situations. Somebody eager to fix this
:-)?
Regards
Rüdiger
