package: libapache2-mod-fastcgi
A SEGV can happen in fcgi_util_fs_get_by_id() because fixups() passes a NULL
pointer to it.
Basically, mod_fastcgi.c:fixups() should verify r->filename is not NULL
before calling fcgi_util_fs_get_by_id(r->filename, uid, gid).
Here's the current mod_fastcgi.c:fixups() which clearly passes
r->filename without checking if it is NULL:

    static int
    fixups(request_rec * r)
    {
        uid_t uid;
        gid_t gid;

        get_request_identity(r, &uid, &gid);

        if (fcgi_util_fs_get_by_id(r->filename, uid, gid))
        {
            r->handler = FASTCGI_HANDLER_NAME;
            return OK;
        }

        return DECLINED;
    }

A more detailed description and a very small patch were posted here by the
person who found this problem:
http://www.fastcgi.com/archives/fastcgi-developers/2005-April/003673.html
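
Added example, not part of the original report and not the patch posted upstream: a self-contained model of fixups() with the NULL check the report asks for. The request_rec and fcgi_server types, the constant values, the server table and the lookup body are constructed stand-ins, and uid/gid are passed in as parameters for brevity.

```c
#include <stddef.h>
#include <string.h>
#include <sys/types.h>

/* Constructed stand-ins for the Apache and mod_fastcgi definitions. */
#define OK 0
#define DECLINED -1
#define FASTCGI_HANDLER_NAME "fastcgi-script"
typedef struct { const char *filename; const char *handler; } request_rec;
typedef struct { const char *fs_path; uid_t uid; gid_t gid; } fcgi_server;

/* Constructed sample server table. */
static fcgi_server servers[] = { { "/var/www/app.fcgi", 33, 33 } };

/* Stand-in lookup: it dereferences path, so a NULL argument is undefined
   behaviour here (typically a SEGV). */
static fcgi_server *fcgi_util_fs_get_by_id(const char *path, uid_t uid, gid_t gid)
{
    size_t i;
    for (i = 0; i < sizeof servers / sizeof servers[0]; i++)
        if (strcmp(servers[i].fs_path, path) == 0
            && servers[i].uid == uid && servers[i].gid == gid)
            return &servers[i];
    return NULL;
}

/* fixups() with the guard the report asks for; uid/gid are passed in
   here instead of coming from get_request_identity(). */
static int fixups_checked(request_rec *r, uid_t uid, gid_t gid)
{
    if (r->filename == NULL)
        return DECLINED;   /* no file mapped: nothing to look up */
    if (fcgi_util_fs_get_by_id(r->filename, uid, gid)) {
        r->handler = FASTCGI_HANDLER_NAME;
        return OK;
    }
    return DECLINED;
}

int main(void)
{
    request_rec no_file = { NULL, NULL };
    request_rec app = { "/var/www/app.fcgi", NULL };
    /* exit status 0 when the NULL filename is declined and the real one claimed */
    return !(fixups_checked(&no_file, 33, 33) == DECLINED
             && fixups_checked(&app, 33, 33) == OK);
}
```

Returning DECLINED for a NULL filename leaves the request to other modules and never reaches the string comparison in the lookup.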