diff options
-rwxr-xr-x | buglist.cgi | 6 | ||||
-rw-r--r-- | globals.pl | 6 |
2 files changed, 12 insertions, 0 deletions
diff --git a/buglist.cgi b/buglist.cgi index 747fab520..ff31feb1f 100755 --- a/buglist.cgi +++ b/buglist.cgi @@ -1321,6 +1321,12 @@ ReconnectToShadowDatabase(); # to avoid "table out of space" errors on MySQL versions less than 3.23.2. SendSQL("SET OPTION SQL_BIG_TABLES=1") if Param('expectbigqueries'); +# Normally, we ignore SIGTERM and SIGPIPE (see globals.pl) but we need to +# respond to them here to prevent someone DOSing us by reloading a query +# a large number of times. +$::SIG{TERM} = 'DEFAULT'; +$::SIG{PIPE} = 'DEFAULT'; + # Execute the query. SendSQL($query); diff --git a/globals.pl b/globals.pl index cac9669a5..2b35a45cc 100644 --- a/globals.pl +++ b/globals.pl @@ -91,6 +91,12 @@ delete @::ENV{'PATH', 'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; # system call $::ENV{'PATH'} = ''; +# Ignore SIGTERM and SIGPIPE - this prevents DB corruption. If the user closes +# their browser window while a script is running, the webserver sends these +# signals, and we don't want to die half way through a write. +$::SIG{TERM} = 'IGNORE'; +$::SIG{PIPE} = 'IGNORE'; + # Contains the version string for the current running Bugzilla. $::param{'version'} = '2.15'; |