Bug 63967 - Missing out-of-memory check in create_process()
Summary: Missing out-of-memory check in create_process()
Status: RESOLVED FIXED
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: Platform (show other bugs)
Version: 2.5-HEAD
Hardware: PC All
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords: FixedInTrunk
Depends on:
Blocks:
 
Reported: 2019-11-27 11:12 UTC by Marc Stern
Modified: 2020-02-24 21:20 UTC (History)
0 users



Attachments
ap_malloc conversion (736 bytes, patch)
2020-02-21 18:25 UTC, Giovanni Bechis
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Marc Stern 2019-11-27 11:12:06 UTC
In create_process() (server/mpm/winnt/mpm_winnt.c), a call to malloc is never checked for success:
>args = malloc((ap_server_conf->process->argc + 1) * sizeof (char*));

We should add a check, like:
if (!args) {
 ap_log_error(APLOG_MARK, APLOG_CRIT, ERROR_NOT_ENOUGH_MEMORY, ap_server_conf, APLOGNO(00XXX)
 "Parent: Cannot allocate memory");
 apr_pool_destroy(ptemp);
 return -1;
}

Same after
>args[0] = malloc(strlen(cmd) + 1);
Comment 1 Giovanni Bechis 2020-02-21 18:25:38 UTC
Created attachment 37034 [details]
ap_malloc conversion

Convert malloc to ap_malloc to have a check.
This should work but I have no Windows build environment to test atm to check.
Comment 2 Marc Stern 2020-02-24 16:07:40 UTC
This builds and runs perfectly under Windows. Thanks
Comment 3 Giovanni Bechis 2020-02-24 21:20:34 UTC
Committed in trunk in r1874470.