kern/138999: [libc] lighttpd/php-cgi with freebsd sendfile(2)
enabled causing kernel to not reenter userland
Jacob Myers
jacob at whotookspaz.org
Thu Sep 24 10:30:10 UTC 2009
The following reply was made to PR kern/138999; it has been noted by GNATS.
From: Jacob Myers <jacob at whotookspaz.org>
To: bug-followup at FreeBSD.org, jacob at whotookspaz.org
Cc:
Subject: Re: kern/138999: [libc] lighttpd/php-cgi with freebsd sendfile(2)
enabled causing kernel to not reenter userland
Date: Thu, 24 Sep 2009 05:51:38 -0400
This is a multi-part message in MIME format.
--------------040709090100010605060305
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Er, whoops.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.13 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKu0EoAAoJEA933foYakKkoi0P/0eZ3z9frqhqacfcgwJEtXro
6e+cVyqdUp4LsQuh4198jrhuA6IXxAHVUB6JP5wkThA7ml0h5Jwd4w/LV2fPlFvC
F8rYxyLZvrHenUWJoJELyZLt5B4P6QgwLD6+l1nyW6vE4IZZmnfqX9nqbE101xq8
tBcx1THXWAGgd+nrswDfKv5Y7QPzMjdCGA5vfnCQ9TQREoqgvCz0kuWKfHE3SpFc
Pg2d/fyUwHNXOqJbU2N+HLqht+MT5wL/SAitDd5h4sUUtzi9cQ3h1niHwed+ctTP
evsek0wdmfaVcdURNtLGYDos7OAszdVF2yKZO+I2IYiOhDZnGtVrLxM1BPYIcT7R
xnUzIw5/A/u3raNpfkmHKbZkqOLZhu4IqFWmdLUjzKo/LvNoEMsIwIU7Zdcxro7s
gYo5hGw9y2TNBQVOuZLC1/UN6vvAM7/MwL/AdVmP1wbyShg3t6n3pez/o95fy/Iq
4uTqYqQFgbFAZtURXnVm/0x5TjZJKvlSUcE7ckzRhzNOifaO4mEyEIHIPd0EIkdd
qqzQ2OGnAUFXkRqCj15CIDx/qLo5O0jhmy9cCBX/BO4AVwvBXEdPMLl2x9IBTizr
N5QIvEPUY3X9LNZgE5jcbt1hnSq1fmurkfX/ECJ1i4NAv4NhWLGEmeEwrWRtUIin
DzvqkA+brIyLdZKGTmq0
=X+6G
-----END PGP SIGNATURE-----
--------------040709090100010605060305
Content-Type: text/plain;
name="sendfile.sh"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="sendfile.sh"
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# sendfile/lighttpd.conf
# sendfile/upload.php
# sendfile/uploader.php
#
echo x - sendfile/lighttpd.conf
sed 's/^X//' >sendfile/lighttpd.conf << '13d6c5353933d78bbe99686dc1205d95'
Xserver.modules = ( "mod_access",
X "mod_fastcgi")
X
Xserver.document-root = "/usr/local/www/default/"
Xserver.errorlog = "/var/log/lighttpd/default/error.log"
X
Xindex-file.names = ( "index.php", "index.html",
X "index.htm", "default.htm" )
X
Xserver.event-handler = "freebsd-kqueue"
Xserver.network-backend = "freebsd-sendfile"
X
Xmimetype.assign = (
X ".pdf" => "application/pdf",
X ".sig" => "application/pgp-signature",
X ".spl" => "application/futuresplash",
X ".class" => "application/octet-stream",
X ".ps" => "application/postscript",
X ".torrent" => "application/x-bittorrent",
X ".dvi" => "application/x-dvi",
X ".gz" => "application/x-gzip",
X ".pac" => "application/x-ns-proxy-autoconfig",
X ".swf" => "application/x-shockwave-flash",
X ".tar.gz" => "application/x-tgz",
X ".tgz" => "application/x-tgz",
X ".tar" => "application/x-tar",
X ".zip" => "application/zip",
X ".mp3" => "audio/mpeg",
X ".m3u" => "audio/x-mpegurl",
X ".wma" => "audio/x-ms-wma",
X ".wax" => "audio/x-ms-wax",
X ".ogg" => "application/ogg",
X ".wav" => "audio/x-wav",
X ".gif" => "image/gif",
X ".jar" => "application/x-java-archive",
X ".jpg" => "image/jpeg",
X ".jpeg" => "image/jpeg",
X ".png" => "image/png",
X ".xbm" => "image/x-xbitmap",
X ".xpm" => "image/x-xpixmap",
X ".xwd" => "image/x-xwindowdump",
X ".css" => "text/css",
X ".html" => "text/html",
X ".htm" => "text/html",
X ".js" => "text/javascript",
X ".asc" => "text/plain",
X ".c" => "text/plain",
X ".cpp" => "text/plain",
X ".log" => "text/plain",
X ".conf" => "text/plain",
X ".text" => "text/plain",
X ".txt" => "text/plain",
X ".diff" => "text/plain",
X ".patch" => "text/plain",
X ".dtd" => "text/xml",
X ".xml" => "text/xml",
X ".mpeg" => "video/mpeg",
X ".mpg" => "video/mpeg",
X ".mov" => "video/quicktime",
X ".qt" => "video/quicktime",
X ".avi" => "video/x-msvideo",
X ".asf" => "video/x-ms-asf",
X ".asx" => "video/x-ms-asf",
X ".wmv" => "video/x-ms-wmv",
X ".bz2" => "application/x-bzip",
X ".tbz" => "application/x-bzip-compressed-tar",
X ".tar.bz2" => "application/x-bzip-compressed-tar",
X # default mime type
X "" => "application/octet-stream",
X )
X
Xmimetype.use-xattr = "enable"
X
Xaccesslog.filename = "/var/log/lighttpd/default/access.log"
X
Xstatic-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
X
Xserver.pid-file = "/var/run/lighttpd.pid"
X
Xserver.username = "www"
Xserver.groupname = "www"
X
Xfastcgi.server = ( ".php" =>
X ( "localhost" =>
X (
X "socket" => "/var/run/lighttpd/php-fastcgi.socket",
X "bin-path" => "/usr/local/bin/php-cgi",
X "max-procs" => 2
X )
X )
X )
X
X
Xserver.stat-cache-engine = "fam"
X
Xserver.use-ipv6 = "enable"
X$SERVER["socket"] == "0.0.0.0:80" { }
13d6c5353933d78bbe99686dc1205d95
echo x - sendfile/upload.php
sed 's/^X//' >sendfile/upload.php << '5519f8f464a953c27a762163cfade428'
X<html>
X <title>Upload thingy</title>
X </head>
X
X <body>
X <div id="container">
X <div id="mainbody">
X <br />
X <form enctype="multipart/form-data" action="uploader.php" method="POST">
X <h2>Choose a flash thingy to upload:</h2>
X <br />
X <input name="uploadedfile" type="file"/><br />
X <input type="submit" value="Upload"/>
X </form>
X </div>
X </div>
X </body>
X</html>
X
5519f8f464a953c27a762163cfade428
echo x - sendfile/uploader.php
sed 's/^X//' >sendfile/uploader.php << 'fe7d407dda27de3d9cfe521e27e7a469'
X<html>
X <head>
X <title>Upload!</title>
X </head>
X
X <body>
X <div id="container">
X <div id="mainbody">
X <br />
X<?php
X function verify_file()
X {
X // Do we even have a file?
X if ($_FILES['uploadedfile'] == NULL)
X {
X return "No file!";
X }
X
X if ($_FILES['uploadedfile']['size'] < 1048576)
X {
X return "It's not big enough to trigger the bug";
X }
X
X // Where the file is going to be placed
X $target_path = "junk/";
X
X // Add the original filename to our target path.
X $target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
X
X if (file_exists($target_path))
X {
X return "This file already exists.";
X }
X
X if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path))
X {
X return "The file ". basename( $_FILES['uploadedfile']['name']).
X " has been uploaded";
X }
X else
X {
X return "There was an error uploading the file.";
X }
X }
X
X $rvalue = verify_file();
X echo " <h2>$rvalue</h2>\n";
X?>
X </div>
X </div>
X </body>
X</html>
X
fe7d407dda27de3d9cfe521e27e7a469
exit
--------------040709090100010605060305--
More information about the freebsd-net
mailing list