httpd: memory hole in function addEnv() and more

Vladimir N. Oleynik dzo at simtreas.ru
Mon Sep 5 08:26:13 UTC 2005 

Dirk,

> Let's have a look into addEnv() from httpd.c
> 
> static void addEnv(const char *name_before_underline,
>             const char *name_after_underline, const char *value)
> {
>   char *s = NULL;
>   const char *underline;
> 
>   if (!value)
>     value = "";
>   underline = *name_after_underline ? "_" : "";
>   asprintf(&s, "%s%s%s=%s", name_before_underline, underline,
>                     name_after_underline, value);
>   if(s) {
>     putenv(s);
>   }
> }
> 
> ************
> 
> 1.) memory hole
> 
> Them memory alloced by asprintf() is never free'd.
> Solution: insert free(s) behind putenv(s).

No.
man putenv()
see libc incompatibility memory allocated sections.

> 2.) interface of addEnv()
> 
> addEnv() takes 2 parameters for bulding the variable name.
> I have analysed all callings and there is no need (including addEnvPort())
> to have 2 of them. And this makes the function and all callings smaller
> again:
> 
> static void addEnv(const char *name, const char *value)
> {
>   char *s = NULL;
>   asprintf(&s, "%s=%s", name, value ? value : "" );
>   if(s) {
>     putenv(s);
>     free(s);
>   }
> }
> 
> If we use this we need also some modification of addEnvPort()
> 
> static void addEnvPort(const char *name)
> {
>       char buf[16];
> 
>       sprintf(buf, "%u", config->port);
>       addEnv(name, buf);
> }
> 
> and the calls must change from
>       addEnvPort("REMOTE");
> to
>       addEnvPort("REMOTE_PORT");

Is not small. I test it.
"REMOTE_ADDR" + "REMOTE_PORT" have 24 bytes (with \0)
"REMOTE" "ADDR" "PORT" have 14 bytes, and addEnvPort() add
environ with and without "_".


> ************
> 
> 3.) usage of addEnv()
> In some source positions I found callings like
>       addEnv("SERVER",         "PROTOCOL", "HTTP/1.0");
> with 3 string constants.
> I think that we can save memory and cpu time if we change such lines into
>     putenv("SERVER_PROTOCOL=HTTP/1.0");
> 
> ************

See previous point.

> 4.)
> In my opinion it does not make sense:
>       addEnv("PATH",           "",         getenv("PATH"));

??


--w
vodz

More information about the busybox mailing list