Ticket #1289 (closed defect: fixed)

Opened 9 months ago

Last modified 6 months ago

lighttpd runs in endless loop on FreeBSD

Reported by: moo Assigned to: jan
Priority: normal Milestone: 1.4.17
Component: core Version: 1.4.15
Severity: normal Keywords:
Cc: wosch@freebsd.org Blocking:
Need Feedback: 0

Description

lighttpd runs in endless loop on FreeBSD if a file was shrinked.

There are several programming errors in branches/lighttpd-1.4.x/src/network_freebsd_sendfile.c

First, in line 152 is an off-by-one: 

if (offset > sce->st.st_size) {
[ code deleted to pass the broken Akismet filter ]
    return -1;
}

it should be 

offset >= sce->st.st_size

it does not make sense to open a file and read data past end of file.

This is harmless, sendfile(2) can handle this case: 

     The offset argument specifies where to begin in the file.  Should offset
     fall beyond the end of file, the system will return success and report 0
     bytes sent as described below.

but lighttpd does not check for 0 bytes sent (line 181-187). Now lighttpd runs open/sendfile/close in an endless loop, read & send 0 bytes and used 100% CPU time.

For a fix, see the linux sendfile implementation at src/network_linux_sendfile.c line 177.

Attachments

Change History

08/07/2007 04:46:13 PM changed by moo

  • cc set to wosch@freebsd.org.

reported by wosch@freebsd.org

08/17/2007 10:18:45 PM changed by jan

  • status changed from new to closed.
  • resolution set to fixed.
  • milestone changed from 1.5.0 to 1.4.17.

[1933] takes the code from the linux-sendfile handler as suggested.

08/17/2007 10:22:41 PM changed by jan

[1934] fixes it for 1.5.x

Add/Change #1289 (lighttpd runs in endless loop on FreeBSD)




Change Properties
Action