diff options
| author | Stefan Esser | 2014-05-15 14:08:37 +0200 |
|---|---|---|
| committer | Stefan Esser | 2014-05-15 14:08:37 +0200 |
| commit | 355696b80f1787d2fe3768a5b29853288b92e3fa (patch) | |
| tree | 57f3354ad6da8cd53f7f0a54df72a00a38d9b725 /log.c | |
| parent | 18cbd19f1dabbd8f8daafac79dd339ec4c43d322 (diff) | |
Better tracking of non existing/non executable logging scripts
Diffstat (limited to 'log.c')
| -rw-r--r-- | log.c | 28 |
1 files changed, 25 insertions, 3 deletions
| @@ -296,13 +296,24 @@ log_sapi: | |||
| 296 | char cmd[8192], *cmdpos, *bufpos; | 296 | char cmd[8192], *cmdpos, *bufpos; |
| 297 | FILE *in; | 297 | FILE *in; |
| 298 | int space; | 298 | int space; |
| 299 | struct stat st; | ||
| 299 | 300 | ||
| 300 | char *sname = SUHOSIN_G(log_scriptname); | 301 | char *sname = SUHOSIN_G(log_scriptname); |
| 301 | while (isspace(*sname)) ++sname; | 302 | while (isspace(*sname)) ++sname; |
| 302 | if (*sname == 0) goto log_phpscript; | 303 | if (*sname == 0) goto log_phpscript; |
| 303 | 304 | ||
| 304 | ap_php_snprintf(cmd, sizeof(cmd), "%s %s \'", sname, loglevel2string(loglevel)); | 305 | if (VCWD_STAT(sname, &st) < 0) { |
| 305 | space = sizeof(cmd) - strlen(cmd); | 306 | suhosin_log(S_INTERNAL, "unable to find logging shell script %s - file dropped", sname); |
| 307 | goto log_phpscript; | ||
| 308 | } | ||
| 309 | if (access(sname, X_OK|R_OK) < 0) { | ||
| 310 | suhosin_log(S_INTERNAL, "logging shell script %s is not executable - file dropped", sname); | ||
| 311 | goto log_phpscript; | ||
| 312 | } | ||
| 313 | |||
| 314 | /* TODO: clean up this code to calculate size of output dynamically */ | ||
| 315 | ap_php_snprintf(cmd, sizeof(cmd) - 20, "%s %s \'", sname, loglevel2string(loglevel)); | ||
| 316 | space = sizeof(cmd) - strlen(cmd) - 20; | ||
| 306 | cmdpos = cmd + strlen(cmd); | 317 | cmdpos = cmd + strlen(cmd); |
| 307 | bufpos = buf; | 318 | bufpos = buf; |
| 308 | if (space <= 1) return; | 319 | if (space <= 1) return; |
| @@ -321,11 +332,16 @@ log_sapi: | |||
| 321 | } | 332 | } |
| 322 | } | 333 | } |
| 323 | *cmdpos++ = '\''; | 334 | *cmdpos++ = '\''; |
| 335 | *cmdpos++ = ' '; | ||
| 336 | *cmdpos++ = '2'; | ||
| 337 | *cmdpos++ = '>'; | ||
| 338 | *cmdpos++ = '&'; | ||
| 339 | *cmdpos++ = '1'; | ||
| 324 | *cmdpos = 0; | 340 | *cmdpos = 0; |
| 325 | 341 | ||
| 326 | if ((in=VCWD_POPEN(cmd, "r"))==NULL) { | 342 | if ((in=VCWD_POPEN(cmd, "r"))==NULL) { |
| 327 | suhosin_log(S_INTERNAL, "Unable to execute logging shell script: %s", sname); | 343 | suhosin_log(S_INTERNAL, "Unable to execute logging shell script: %s", sname); |
| 328 | return; | 344 | goto log_phpscript; |
| 329 | } | 345 | } |
| 330 | /* read and forget the result */ | 346 | /* read and forget the result */ |
| 331 | while (1) { | 347 | while (1) { |
| @@ -333,6 +349,12 @@ log_sapi: | |||
| 333 | if (readbytes<=0) { | 349 | if (readbytes<=0) { |
| 334 | break; | 350 | break; |
| 335 | } | 351 | } |
| 352 | if (strncmp(cmd, "sh: ", 4) == 0) { | ||
| 353 | /* assume this is an error */ | ||
| 354 | suhosin_log(S_INTERNAL, "Error while executing logging shell script: %s", sname); | ||
| 355 | pclose(in); | ||
| 356 | goto log_phpscript; | ||
| 357 | } | ||
| 336 | } | 358 | } |
| 337 | pclose(in); | 359 | pclose(in); |
| 338 | } | 360 | } |