Checkout Tools
  • last updated 1 hour ago
Constraints: committers
Constraints: files
Constraints: dates
Fix a NULL pointer dereference

* server/scoreboard.c (ap_increment_counts): In certain cases like certain

invalid requests r->method might be NULL here. r->method_number defaults

to M_GET and hence is M_GET in these cases.

* server/scoreboard.c (open_scoreboard): Create the scoreboard in the

parent of pconf rather than creating another global pool.

PR: 43471

mod_status: Cumulate CPU time of exited child

processes in the "cu" and "cs" values.

Add CPU time of the parent process to the

"c" and "s" values.

  1. … 5 more files in changeset.
mod_status: Add cumulated response duration time

in milliseconds.

  1. … 4 more files in changeset.
Fix PR54848 in a 2.4.x backportable format. Ideally deprecating the use

of ->client in whatever version of 2.4 this is added into would be

more logical.

  1. … 6 more files in changeset.
core, mpm_event: Add ap_update_sb_handle() to avoid a small memory leak of

sizeof(ap_sb_handle_t) when re-entering event's process_socket().

  1. … 3 more files in changeset.
80 chars

PR60647: ACC per connection not available w/ event MPM

  1. … 4 more files in changeset.
Revert to 2.4.1 behavior and null the request and vhost as appropriate. PR 59333

Ensure http2 follows http in the meaning of

status WRITE (meaning 'in the request processing

phase' even if still consuming the request body,

not literally in a 'now writing' state).

Ensure a number of MPMs and the h2 connection io

no longer clobber the request status line during

state-only changes. While at it, clean up some

very ugly formatting and unnecessary decoration,

and avoid the wordy _from_conn() flavor when we

are not passing a connection_rec.

Ensure the useragent_ip is only used in the case

where it has been initialized, fall back on the

connection's remote_ip if the status is accidently

updated from an uninitialized request_rec.

  1. … 8 more files in changeset.
scoreboard/status: follow up to 1739146.

Comment not needed anymore...

scoreboard/status: follow up to r1739008.

Restore (completely) pre-2.4.20 behaviour w.r.t. preserved values.

r1739008 was still unnessessarily blanking some values for the time of

BUSY_READ -> BUSY_WRITE (with blocking MPMs).

scoreboard/status: Keep previous worker connection/request data when idle as

prior to 2.4.20.

  1. … 1 more file in changeset.
Make ap_find_child_by_pid() look at all slots that have ever been used.

This is preparation to allow to use more scoreboard slots in mpm event.

A rather ugly patch since the code was refactored recently to exclude

the simple patch for 2.4.x, illustrated below.

Completes the changeset r1729930 and resolves all 2.4.19-dev corrections,

but other 2.5.0-dev specific changes may still be needed on trunk.

--- server/scoreboard.c (revision 1729907)

+++ server/scoreboard.c (working copy)

@@ -491,9 +491,8 @@

ws->conn_bytes = 0;


if (r) {

- const char *client = ap_get_remote_host(c, r->per_dir_config,


- if (!client || !strcmp(client, c->client_ip)) {

+ const char *client;

+ if (!(client = ap_get_useragent_host(r, REMOTE_NOLOOKUP, NULL))) {

apr_cpystrn(ws->client, r->useragent_ip, sizeof(ws->client));


else {

scoreboard addition of protocol, new ap_udpte_child_status methods
  1. … 3 more files in changeset.
core: fix scoreboard alignment issues and crash (SIGBUS) on picky hardware.
core: follow up to r1668532: always initialize optional_fn pointers in ap_create_scoreboard().
core: Initialize scoreboard's used optional functions on graceful restarts to

avoid a crash when relocation occurs. PR 57177.

  1. … 1 more file in changeset.
* server/scoreboard.c: Check for child_num < 0 also in ap_update_child_status

and ap_update_child_status_from_conn. PR 56767.

mod_status should honor remote_ip as documented

SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling,

which could lead to a heap buffer overflow. Thanks to Marek Kroemeke

working with HP's Zero Day Initiative for reporting this.

* include/scoreboard.h: Add ap_copy_scoreboard_worker.

* server/scoreboard.c (ap_copy_scoreboard_worker): New function.

* modules/generators/mod_status.c (status_handler): Use it.

* modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise.

Reviewed by: trawick, jorton, covener, jim

Submitted by: jorton, covener

  1. … 4 more files in changeset.
Have static analyser tool happy.

Point 2 of PR 54936

save a apr_time_now() call for every request.
core: Respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR for the

scoreboard (ScoreBoardFile).

  1. … 4 more files in changeset.
Revert r1294936 (Jeff's revert) and fix NetWare / Win32 build.

Added the missing AP_DECLARE* decorations for the function

implementations and variables.

  1. … 5 more files in changeset.
Add the port number to the vhost's name in the scoreboard

  1. … 1 more file in changeset.
SECURITY (CVE-2012-0031): Fix possible crash on shutdown if a child

changes the sb_type field in the scoreboard. Since unprivileged

children should not be able to affect the parent in this way, this is

treated as a Low severity security issue.

Thanks to "halfdog" <me> for reporting this issue.

* include/scoreboard.h (global_score): Remove sb_type field.

* include/ap_mmn.h: Bump MMN for above.

* server/scoreboard.c (ap_cleanup_scoreboard, ap_create_scoreboard):

Use a static global to store store the scoreboard type.

  1. … 2 more files in changeset.
Add lots of unique tags to error log messages

  1. … 172 more files in changeset.
More cleanup: Expand tabs and some more indentation fixes

No functional change

  1. … 50 more files in changeset.