bug in /etc/init.d/thttpd script
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
thttpd (Debian) |
Fix Released
|
Unknown
|
|||
thttpd (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: thttpd
The script checks for already running thttpd daemon using this idiom:
PID=`cat $PIDFILE`
if ps ax | grep -q "^$PID"; then
This works only if the PID number starts at first column in "ps ax"
output. This, however, is not always the case depending on the longest
PID number in the output there are leading spaces front of the shorter
PID numbers. Like this:
...
2874 ? Ss 0:00 /usr/sbin/thttpd
...
32457 pts/1 S 0:00 /bin/zsh
...
Under these circumstances the script does not function properly since
cannot determine running status correctly.
To fix the problem, modify all "grep line" as shown below:
if ps ax | grep -q "^ *$PID"; then
Note the space between ^ and *.
I have not checked if any other script uses this idiom.
The bug can be a minor security risk....
This web interface sucks. Is there any way to communicate with you guys
by good old fashioned email? Or at least upload the description as a
text file, so the reporter can use a decent editor.
Regards,
Peter
Changed in thttpd: | |
status: | New → Confirmed |
Changed in thttpd (Debian): | |
status: | Unknown → Fix Released |
Oops, the correct fix must have one more space after PID:
if ps ax | grep -q "^ *$PID "; then
Peter