Bug 61817

Summary: AuthLDAPBindPassword exec: directive (ap_get_exec_line()) creates defunct/zombie
Product: Apache httpd-2 Reporter: tutimura <tutimura>
Component: mod_authz_ldapAssignee: Apache HTTPD Bugs Mailing List <bugs>
Status: NEW ---    
Severity: normal Keywords: PatchAvailable
Priority: P2    
Version: 2.4.29   
Target Milestone: ---   
Hardware: PC   
OS: Linux   
Attachments: patch to server/util.c (ap_get_exec_line)

Description tutimura@nn.iij4u.or.jp 2017-11-25 06:35:10 UTC
Created attachment 35555 [details]
patch to server/util.c (ap_get_exec_line)

ap_get_exec_line() calls apr_file_close(), but it is not enough to terminate the child process; it should call apr_proc_wait().
I'll attach a patch.

This will occur only when we use
AuthLDAPBindPassword exec:/path/to/command/to/echo/password
directive. Thus it is difficult to reproduce.

So I checked my patch with customized server/log.c.
I added last two lines.

void ap_logs_child_init(apr_pool_t *p, server_rec *s)
    read_handle_t *cur = read_handles;

    while (cur) {
        cur = cur->next;
    const char *argv[] = {"dummyXXXX"};  /* added for test */
    ap_get_exec_line(p, "/bin/mktemp", argv);  /* added for test */

We can easily see defunct mktemp without patch. With patch, we don't see.

% ./apachectl start
% ps aux | grep Z
me       19398  0.0  0.0      0     0 ?        Z    14:42   0:00 [mktemp] <defunct>
me       19399  0.0  0.0      0     0 ?        Z    14:42   0:00 [mktemp] <defunct>
me       19400  0.0  0.0      0     0 ?        Z    14:42   0:00 [mktemp] <defunct>
me       19485  0.0  0.0  14860  2184 pts/3    S+   14:42   0:00 grep --color=auto Z

NOTE: Sorry, argv have no effect. I may misunderstand how to use argv.
Comment 1 schlarbm 2020-11-18 11:22:57 UTC
Hi everyone,

we're seeing this problem with 2.4.46-1~bpo10 (Debian Package), too.

I've created a bug report in the Debian Bug tracker to track it there: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975048

Could this patch be included in the upstream code?