X-Git-Url: https://git.rohieb.name/openwrt.git/blobdiff_plain/8618e98eabec2b5677698daa631f195cae92c30b..040047ef04833541ea55ddf0285f940bf268d9b8:/package/uhttpd/src/uhttpd-cgi.c?ds=inline diff --git a/package/uhttpd/src/uhttpd-cgi.c b/package/uhttpd/src/uhttpd-cgi.c index 8c17251b3..ed688514c 100644 --- a/package/uhttpd/src/uhttpd-cgi.c +++ b/package/uhttpd/src/uhttpd-cgi.c @@ -157,6 +157,8 @@ void uh_cgi_request( fd_set reader; fd_set writer; + sigset_t ss; + struct sigaction sa; struct timeval timeout; struct http_response *res; @@ -187,6 +189,10 @@ void uh_cgi_request( /* exec child */ case 0: + /* unblock signals */ + sigemptyset(&ss); + sigprocmask(SIG_SETMASK, &ss, NULL); + /* restore SIGTERM */ sa.sa_flags = 0; sa.sa_handler = SIG_DFL; @@ -201,6 +207,10 @@ void uh_cgi_request( dup2(rfd[1], 1); dup2(wfd[0], 0); + /* avoid leaking our pipe into child-child processes */ + fd_cloexec(rfd[1]); + fd_cloexec(wfd[0]); + /* check for regular, world-executable file _or_ interpreter */ if( ((pi->stat.st_mode & S_IFREG) && (pi->stat.st_mode & S_IXOTH)) || (ip != NULL)