diff --git a/apache2/modsecurity.c b/apache2/modsecurity.c
index db1732f8f..f8a78abac 100644
--- a/apache2/modsecurity.c
+++ b/apache2/modsecurity.c
@@ -129,12 +129,20 @@ msc_engine *modsecurity_create(apr_pool_t *mp, int processing_mode) {
 */
 int modsecurity_init(msc_engine *msce, apr_pool_t *mp) {
 apr_status_t rc;
- apr_file_t *auditlog_lock_name;
- apr_file_t *geo_lock_name;
- apr_file_t *dbm_lock_name;
-
+ apr_file_t *auditlog_lock_file = NULL;
+ apr_file_t *geo_lock_file = NULL;
+ apr_file_t *dbm_lock_file = NULL;
+ const char *temp_dir = NULL;
+ char *temp_path_template = NULL;
+ const char *temp_file;
+
+ // get temp path suitable for writing
+ rc = apr_temp_dir_get(&temp_dir, mp);
+ if (rc != APR_SUCCESS) {
+ return -1;
+ }
 // use temp path template for lock files
- char *path = apr_pstrcat(p, temp_dir, "/modsec-lock-tmp.XXXXXX", NULL);
+ temp_path_template = apr_pstrcat(mp, temp_dir, "/modsec-lock-tmp.XXXXXX", NULL);
 msce->auditlog_lock = msce->geo_lock = NULL;
 #ifdef GLOBAL_COLLECTION_LOCK
@@ -152,11 +160,15 @@ int modsecurity_init(msc_engine *msce, apr_pool_t *mp) {
 curl_global_init(CURL_GLOBAL_ALL);
 #endif
 /* Serial audit log mutext */
- rc = apr_file_mktemp(&auditlog_lock_name, path, 0, p)
+ rc = apr_file_mktemp(&auditlog_lock_file, temp_path_template, 0, mp);
 if (rc != APR_SUCCESS) {
- return -1
+ return -1;
+ }
+ rc = apr_file_name_get(&temp_file, auditlog_lock_file);
+ if (rc != APR_SUCCESS) {
+ return -1;
 }
- rc = apr_global_mutex_create(&msce->auditlog_lock, auditlog_lock_name, APR_LOCK_DEFAULT, mp);
+ rc = apr_global_mutex_create(&msce->auditlog_lock, temp_file, APR_LOCK_DEFAULT, mp);
 if (rc != APR_SUCCESS) {
 return -1;
 }
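Review bot: `temp_path_template` is built once in this hunk and then passed to all three `apr_file_mktemp` calls (audit log in the next hunk, geo and dbm further down), but `apr_file_mktemp` takes a writable `char *` template and, at least on the mkstemp-backed Unix implementation, overwrites the `XXXXXX` suffix in place. After the first call the buffer no longer ends in `XXXXXX`, so the second and third calls are likely to fail and make modsecurity_init return -1. Rebuild the template immediately before each call instead of once here: `temp_path_template = apr_pstrcat(mp, temp_dir, "/modsec-lock-tmp.XXXXXX", NULL);`. The body of modsecurity_init continues outside this hunk.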
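Review bot: The temp file created by `apr_file_mktemp` is still open and still on disk when its name is handed to `apr_global_mutex_create`, and `auditlog_lock_file` is never closed in the visible code. With `flags` of 0 APR applies its default mktemp flags, which as documented include exclusive create and delete-on-close, so the file lives until `mp` is destroyed; a file-backed lock mechanism may expect to create the named path itself and could reject one that already exists, which is worth confirming with a non-default lock mechanism. The same sequence is repeated for `geo_lock_file` and `dbm_lock_file` in the later hunks. At minimum I would add a comment above the call: `/* temp file only reserves a unique name under temp_dir; it stays open until mp is destroyed */`.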
@@ -175,11 +187,15 @@ int modsecurity_init(msc_engine *msce, apr_pool_t *mp) {
 }
 #endif /* SET_MUTEX_PERMS */
- rc = apr_file_mktemp(&geo_lock_name, path, 0, p)
+ rc = apr_file_mktemp(&geo_lock_file, temp_path_template, 0, mp);
 if (rc != APR_SUCCESS) {
- return -1
+ return -1;
+ }
+ rc = apr_file_name_get(&temp_file, geo_lock_file);
+ if (rc != APR_SUCCESS) {
+ return -1;
 }
- rc = apr_global_mutex_create(&msce->geo_lock, geo_lock_name, APR_LOCK_DEFAULT, mp);
+ rc = apr_global_mutex_create(&msce->geo_lock, temp_file, APR_LOCK_DEFAULT, mp);
 if (rc != APR_SUCCESS) {
 return -1;
 }
@@ -196,11 +212,15 @@ int modsecurity_init(msc_engine *msce, apr_pool_t *mp) {
 #endif /* SET_MUTEX_PERMS */
 #ifdef GLOBAL_COLLECTION_LOCK
- rc = apr_file_mktemp(&dbm_lock_name, path, 0, p)
+ rc = apr_file_mktemp(&dbm_lock_file, temp_path_template, 0, mp);
 if (rc != APR_SUCCESS) {
- return -1
+ return -1;
+ }
+ rc = apr_file_name_get(&temp_file, dbm_lock_file);
+ if (rc != APR_SUCCESS) {
+ return -1;
 }
- rc = apr_global_mutex_create(&msce->dbm_lock, dbm_lock_name, APR_LOCK_DEFAULT, mp);
+ rc = apr_global_mutex_create(&msce->dbm_lock, temp_file, APR_LOCK_DEFAULT, mp);
 if (rc != APR_SUCCESS) {
 return -1;
 }
diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h
index 8e1880edc..a12133f9e 100644
--- a/apache2/modsecurity.h
+++ b/apache2/modsecurity.h
@@ -52,6 +52,7 @@ typedef struct msc_parm msc_parm;
 #include "apr_md5.h"
 #include "apr_strings.h"
 #include "apr_hash.h"
+#include "apr_file_io.h"
 #include "httpd.h"
 #include "http_config.h"
 #include "http_log.h"
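Review bot: The mktemp / name_get / mutex_create sequence for `geo_lock` is the third copy of the same nine lines (audit log in the previous hunk, dbm in the next), each with three bare `return -1;` exits, so any correction to one step has to be made in three places. A file-local helper that takes the target mutex pointer, the temp directory and the pool would keep the lock-file handling in one spot and let each call site shrink to a single checked call. The sketch below uses a constructed helper name and builds its own template per call, since `apr_file_mktemp` writes into the buffer it is given. modsecurity_init starts before and ends after this hunk.

```c
/* Creates one global mutex named after a unique temp file under temp_dir. */
static int create_lock_mutex(apr_global_mutex_t **lock, const char *temp_dir, apr_pool_t *mp) {
    apr_file_t *lock_file = NULL;
    const char *lock_path = NULL;
    /* fresh template per call: apr_file_mktemp rewrites the XXXXXX suffix */
    char *tmpl = apr_pstrcat(mp, temp_dir, "/modsec-lock-tmp.XXXXXX", NULL);

    if (apr_file_mktemp(&lock_file, tmpl, 0, mp) != APR_SUCCESS) return -1;
    if (apr_file_name_get(&lock_path, lock_file) != APR_SUCCESS) return -1;
    if (apr_global_mutex_create(lock, lock_path, APR_LOCK_DEFAULT, mp) != APR_SUCCESS) return -1;
    return 0;
}

// … unchanged: SET_MUTEX_PERMS block for the audit log lock …
if (create_lock_mutex(&msce->geo_lock, temp_dir, mp) != 0) {
    return -1;
}
```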
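Review bot: `dbm_lock_file` is used only inside this `#ifdef GLOBAL_COLLECTION_LOCK` block, yet its declaration in the first modsecurity.c hunk (`apr_file_t *dbm_lock_file = NULL;`) is unconditional, so builds without GLOBAL_COLLECTION_LOCK carry an unused local and will usually emit a compiler warning. Guard the declaration the same way as its use: `#ifdef GLOBAL_COLLECTION_LOCK`, `apr_file_t *dbm_lock_file = NULL;`, `#endif`. The enclosing function starts before and ends after this hunk.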
@@ -135,10 +136,10 @@ typedef struct msc_parm msc_parm;
 #define FATAL_ERROR "ModSecurity: Fatal error (memory allocation or unexpected internal error)!"
-static char auditlog_lock_name[L_tmpnam];
-static char geo_lock_name[L_tmpnam];
+static char auditlog_lock_name[APR_PATH_MAX];
+static char geo_lock_name[APR_PATH_MAX];
 #ifdef GLOBAL_COLLECTION_LOCK
-static char dbm_lock_name[L_tmpnam];
+static char dbm_lock_name[APR_PATH_MAX];
 #endif
 extern DSOLOCAL char *new_server_signature;
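Review bot: These three `static char ...[APR_PATH_MAX]` buffers are defined in a header, so every translation unit that includes modsecurity.h gets its own private copy, and growing them from `L_tmpnam` to `APR_PATH_MAX` multiplies that cost. In the modsecurity.c hunks of this commit the lock path now arrives via `apr_file_name_get` in the local `temp_file`, and nothing visible writes to `auditlog_lock_name`, `geo_lock_name` or `dbm_lock_name` any more. If no other file references them, delete the three definitions rather than resizing them. If the path has to outlive modsecurity_init (for instance for per-child mutex initialisation), it would be safer to keep it in the `msc_engine` structure than in per-file statics, which each includer sees as a separate, possibly empty, buffer.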