diff options
Diffstat (limited to 'uhttpd-cgi.c')
| -rw-r--r-- | uhttpd-cgi.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/uhttpd-cgi.c b/uhttpd-cgi.c index 8c17251..ed68851 100644 --- a/uhttpd-cgi.c +++ b/uhttpd-cgi.c @@ -157,6 +157,8 @@ void uh_cgi_request( fd_set reader; fd_set writer; + sigset_t ss; + struct sigaction sa; struct timeval timeout; struct http_response *res; @@ -187,6 +189,10 @@ void uh_cgi_request( /* exec child */ case 0: + /* unblock signals */ + sigemptyset(&ss); + sigprocmask(SIG_SETMASK, &ss, NULL); + /* restore SIGTERM */ sa.sa_flags = 0; sa.sa_handler = SIG_DFL; @@ -201,6 +207,10 @@ void uh_cgi_request( dup2(rfd[1], 1); dup2(wfd[0], 0); + /* avoid leaking our pipe into child-child processes */ + fd_cloexec(rfd[1]); + fd_cloexec(wfd[0]); + /* check for regular, world-executable file _or_ interpreter */ if( ((pi->stat.st_mode & S_IFREG) && (pi->stat.st_mode & S_IXOTH)) || (ip != NULL) |