Description: Stops CGI scripts outputting stderr to client
 which is not compliant with CGI RFC.
Author: Alexandru Mihail, alexandru.mihail2897@gmail.com
Origin: maintainer
Last-Update: 2024-06-19
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/mini_httpd.c
+++ b/mini_httpd.c
@@ -1945,6 +1945,19 @@
 #else /* HAVE_SIGSET */
     (void) signal( SIGPIPE, SIG_DFL );
 #endif /* HAVE_SIGSET */
+    /*
+    **  Kill CGI output from /dev/stderr, which would not follow CGI spec ( #437932 )
+    **  Inspired by similar thttpd/2.25b-11/debian/patches/12-cgi-ignores-stderr.dpatch (thttpd is unmaintained now)
+    */
+    {
+      int tmpfd = open("/dev/null", O_RDWR);
+
+      if ( tmpfd != -1 ) {
+        close(STDERR_FILENO);
+        dup2(tmpfd, STDERR_FILENO);
+        close(tmpfd);
+      }
+    }
 
     /* Run the program. */
     (void) execve( binary, argp, envp );
