--- embedaddon/lighttpd/src/server.c	2013/10/14 10:32:48	1.1.1.1
+++ embedaddon/lighttpd/src/server.c	2014/06/15 20:20:06	1.1.1.2
@@ -172,7 +172,7 @@ static server *server_init(void) {
 	FILE *frandom = NULL;
 
 	server *srv = calloc(1, sizeof(*srv));
-	assert(srv);
+	force_assert(srv);
 #define CLEAN(x) \
 	srv->x = buffer_init();
 
@@ -230,13 +230,13 @@ static server *server_init(void) {
 	srv->startup_ts = srv->cur_ts;
 
 	srv->conns = calloc(1, sizeof(*srv->conns));
-	assert(srv->conns);
+	force_assert(srv->conns);
 
 	srv->joblist = calloc(1, sizeof(*srv->joblist));
-	assert(srv->joblist);
+	force_assert(srv->joblist);
 
 	srv->fdwaitqueue = calloc(1, sizeof(*srv->fdwaitqueue));
-	assert(srv->fdwaitqueue);
+	force_assert(srv->fdwaitqueue);
 
 	srv->srvconf.modules = array_init();
 	srv->srvconf.modules_dir = buffer_init_string(LIBRARY_DIR);
@@ -314,6 +314,9 @@ static void server_free(server *srv) {
 			buffer_free(s->ssl_verifyclient_username);
 #ifdef USE_OPENSSL
 			SSL_CTX_free(s->ssl_ctx);
+			EVP_PKEY_free(s->ssl_pemfile_pkey);
+			X509_free(s->ssl_pemfile_x509);
+			if (NULL != s->ssl_ca_file_cert_names) sk_X509_NAME_pop_free(s->ssl_ca_file_cert_names, X509_NAME_free);
 #endif
 			free(s);
 		}
@@ -817,8 +820,14 @@ int main (int argc, char **argv) {
 		 * to /etc/group
 		 * */
 		if (NULL != grp) {
-			setgid(grp->gr_gid);
-			setgroups(0, NULL);
+			if (-1 == setgid(grp->gr_gid)) {
+				log_error_write(srv, __FILE__, __LINE__, "ss", "setgid failed: ", strerror(errno));
+				return -1;
+			}
+			if (-1 == setgroups(0, NULL)) {
+				log_error_write(srv, __FILE__, __LINE__, "ss", "setgroups failed: ", strerror(errno));
+				return -1;
+			}
 			if (srv->srvconf.username->used) {
 				initgroups(srv->srvconf.username->ptr, grp->gr_gid);
 			}
@@ -841,7 +850,10 @@ int main (int argc, char **argv) {
 #ifdef HAVE_PWD_H
 		/* drop root privs */
 		if (NULL != pwd) {
-			setuid(pwd->pw_uid);
+			if (-1 == setuid(pwd->pw_uid)) {
+				log_error_write(srv, __FILE__, __LINE__, "ss", "setuid failed: ", strerror(errno));
+				return -1;
+			}
 		}
 #endif
 #if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE)
@@ -989,6 +1001,7 @@ int main (int argc, char **argv) {
 	if (pid_fd != -1) {
 		buffer_copy_long(srv->tmp_buf, getpid());
 		buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN("\n"));
+		force_assert(srv->tmp_buf->used > 0);
 		write(pid_fd, srv->tmp_buf->ptr, srv->tmp_buf->used - 1);
 		close(pid_fd);
 		pid_fd = -1;
@@ -1170,18 +1183,17 @@ int main (int argc, char **argv) {
 #ifdef HAVE_FAM_H
 	/* setup FAM */
 	if (srv->srvconf.stat_cache_engine == STAT_CACHE_ENGINE_FAM) {
-		if (0 != FAMOpen2(srv->stat_cache->fam, "lighttpd")) {
+		if (0 != FAMOpen2(&srv->stat_cache->fam, "lighttpd")) {
 			log_error_write(srv, __FILE__, __LINE__, "s",
 					 "could not open a fam connection, dieing.");
 			return -1;
 		}
 #ifdef HAVE_FAMNOEXISTS
-		FAMNoExists(srv->stat_cache->fam);
+		FAMNoExists(&srv->stat_cache->fam);
 #endif
 
-		srv->stat_cache->fam_fcce_ndx = -1;
-		fdevent_register(srv->ev, FAMCONNECTION_GETFD(srv->stat_cache->fam), stat_cache_handle_fdevent, NULL);
-		fdevent_event_set(srv->ev, &(srv->stat_cache->fam_fcce_ndx), FAMCONNECTION_GETFD(srv->stat_cache->fam), FDEVENT_IN);
+		fdevent_register(srv->ev, FAMCONNECTION_GETFD(&srv->stat_cache->fam), stat_cache_handle_fdevent, NULL);
+		fdevent_event_set(srv->ev, &(srv->stat_cache->fam_fcce_ndx), FAMCONNECTION_GETFD(&srv->stat_cache->fam), FDEVENT_IN);
 	}
 #endif