r4995 - trunk/varnish-cache/bin/varnishd
phk at varnish-cache.org
phk at varnish-cache.org
Sat Jul 3 11:04:57 CEST 2010
Author: phk
Date: 2010-07-03 11:04:57 +0200 (Sat, 03 Jul 2010)
New Revision: 4995
Modified:
trunk/varnish-cache/bin/varnishd/mgt_vcc.c
Log:
Move the dlopen/dlsym/dlclose check of newly compiled VCL code to
a sub process, to make contamination of the MGR process impossible.
Modified: trunk/varnish-cache/bin/varnishd/mgt_vcc.c
===================================================================
--- trunk/varnish-cache/bin/varnishd/mgt_vcc.c 2010-06-30 12:55:57 UTC (rev 4994)
+++ trunk/varnish-cache/bin/varnishd/mgt_vcc.c 2010-07-03 09:04:57 UTC (rev 4995)
@@ -55,6 +55,7 @@
#include "mgt_cli.h"
#include "heritage.h"
+#include "vcl.h"
#include "vss.h"
struct vclprog {
@@ -124,16 +125,6 @@
}
/*--------------------------------------------------------------------
- * Invoke system C compiler in a sub-process
- */
-
-static void
-run_cc(void *priv)
-{
- (void)execl("/bin/sh", "/bin/sh", "-c", priv, NULL);
-}
-
-/*--------------------------------------------------------------------
* Invoke system VCC compiler in a sub-process
*/
@@ -168,7 +159,6 @@
fprintf(stderr, "Cannot open %s", vp->sf);
exit (1);
}
- mgt_got_fd(fd);
l = strlen(csrc);
i = write(fd, csrc, l);
if (i != l) {
@@ -181,6 +171,57 @@
}
/*--------------------------------------------------------------------
+ * Invoke system C compiler in a sub-process
+ */
+
+static void
+run_cc(void *priv)
+{
+ (void)execl("/bin/sh", "/bin/sh", "-c", priv, NULL);
+}
+
+/*--------------------------------------------------------------------
+ * Attempt to open compiled VCL in a sub-process
+ */
+
+static void
+run_dlopen(void *priv)
+{
+ const char *of;
+ void *dlh;
+ struct VCL_conf const *cnf;
+
+ of = priv;
+
+ /* Try to load the object into the management process */
+ if ((dlh = dlopen(of, RTLD_NOW | RTLD_LOCAL)) == NULL) {
+ fprintf(stderr,
+ "Compiled VCL program failed to load:\n %s\n",
+ dlerror());
+ exit(1);
+ }
+
+ cnf = dlsym(dlh, "VCL_conf");
+ if (cnf == NULL) {
+ fprintf(stderr, "Compiled VCL program, metadata not found\n");
+ exit(1);
+ }
+
+ if (cnf->magic != VCL_CONF_MAGIC) {
+ fprintf(stderr, "Compiled VCL program, mangled metadata\n");
+ exit(1);
+ }
+
+ if (dlclose(dlh)) {
+ fprintf(stderr,
+ "Compiled VCL program failed to unload:\n %s\n",
+ dlerror());
+ exit(1);
+ }
+ exit(0);
+}
+
+/*--------------------------------------------------------------------
* Compile a VCL program, return shared object, errors in sb.
*/
@@ -193,7 +234,6 @@
char of[sizeof sf + 1];
char *retval;
int sfd, i;
- void *dlh;
struct vcc_priv vp;
/* Create temporary C source file */
@@ -235,25 +275,14 @@
(void)unlink(sf);
vsb_delete(cmdsb);
+ if (!i)
+ i = SUB_run(sb, run_dlopen, of, "dlopen", 10);
+
if (i) {
(void)unlink(of);
return (NULL);
}
- /* Try to load the object into the management process */
- if ((dlh = dlopen(of, RTLD_NOW | RTLD_LOCAL)) == NULL) {
- vsb_printf(sb,
- "Compiled VCL program failed to load:\n %s", dlerror());
- (void)unlink(of);
- return (NULL);
- }
-
- /*
- * XXX: we should look up and check the handle in the loaded
- * object
- */
-
- AZ(dlclose(dlh));
retval = strdup(of);
XXXAN(retval);
return (retval);
More information about the varnish-commit
mailing list