httpd-bugs mailing list archives

From bugzi...@apache.org
Subject DO NOT REPLY [Bug 12091] New: - Apache 2 httpd-ldap modules crash on Windows on startup
Date Tue, 27 Aug 2002 17:32:36 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12091>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12091

Apache 2 httpd-ldap modules crash on Windows on startup

           Summary: Apache 2 httpd-ldap modules crash on Windows on startup
           Product: Apache httpd-2.0
           Version: 2.0.40
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Critical
          Priority: Other
         Component: Other Modules
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: jessh@ptc.com


The Apache 2 modules in the httpd-ldap sub-project (which should be moved 
into 'experimental' in my opinion and have standard MSVC++ projects created, 
etc -- though I have no vote) crash on Windows 2000 in Apache 2.0.40.

The issue is use of uninitialized memory in util_ldap_cache_init() [in 
util_ldap_cache.c].  This routine declares a variable on stack, 'rmm_lock', and 
passes it to apr_rmm_init() without initializing it.  apr_rmm_init() expects 
this argument to be initialized and causes a later crash on Windows as a result 
of finding random gargly-gook in this structure and interpreting it in such a 
way that does not match the reality of the situation.

My patch (sorry I'm new at this and don't know how to generate proper patches 
:-( ) is to no longer declare this variable and pass NULL to apr_rmm_init() in 
its place -- as apr_rmm_init() can take a NULL for this argument.  This seems 
to work fine on Windows and Solaris -- though I can't get this module to load 
on AIX (no, I've not yet tried the original code....)

The lines are (in patch pseudo-syntax):

Lines 293-297:
  apr_status_t util_ldap_cache_init(apr_pool_t *pool, apr_size_t reqsize)
  {
-     apr_anylock_t rmm_lock;

  #if APR_HAS_SHARED_MEMORY
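
Review bot: removing the 'apr_anylock_t rmm_lock;' declaration only compiles if the apr_rmm_init() call at lines 305-308 is changed in the same commit, since that call is the visible user of &rmm_lock. Please resubmit both changes as one unified diff (diff -u against util_ldap_cache.c) so they cannot be applied separately. Note also that the declaration sat above the '#if APR_HAS_SHARED_MEMORY' guard, so it was an unused variable in builds without shared memory; dropping it is the right direction.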

and lines 305-308:
      /* This will create a rmm "handler" to get into the shared memory area */
  -    apr_rmm_init(&util_ldap_rmm, &rmm_lock,
  +    apr_rmm_init(&util_ldap_rmm, NULL,
              (void *)apr_shm_baseaddr_get(util_ldap_shm), reqsize, pool);
  #endif
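
Review bot: passing NULL as the lock argument at the apr_rmm_init() call stops the uninitialized read, but APR treats a NULL lock as "no locking", so nothing inside the RMM layer will serialize allocations in this shared memory segment. Add a comment at the call stating what does serialize access to util_ldap_rmm, or, if nothing does, initialize an apr_anylock_t with a real mutex and pass that instead. The visible call also discards the apr_status_t returned by apr_rmm_init(); util_ldap_cache_init() returns apr_status_t itself, so the result should be checked and propagated.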

The only alternative that I see is to add a call to initialize 'rmm_lock', but 
from my brief (and possibly completely wrong) scan of the code it would appear 
that passing null is a more efficient way of accomplishing the same thing.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
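
The failure mode described in the report, as an added example that is not part of the original message and is not APR or httpd-ldap code. It is a simplified model: the type and function names (anylock, rmm, rmm_init, rmm_acquire) are hypothetical, and the "uninitialized" stack variable is simulated with a fixed byte pattern because reading a truly uninitialized object is undefined behaviour.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of a tagged lock descriptor (hypothetical, not apr_anylock_t). */
typedef enum { LOCK_NONE = 0, LOCK_MUTEX = 1 } lock_type;
typedef struct { lock_type type; void *handle; } anylock;
typedef struct { anylock lock; } rmm;

/* Contract as described in the report: NULL is accepted and means "no lock";
 * a non-NULL descriptor is trusted and copied without validation. */
static void rmm_init(rmm *r, const anylock *lock) {
    static const anylock none = { LOCK_NONE, NULL };
    r->lock = lock ? *lock : none;
}

/* Later use dispatches on the tag. Returns 0 on success, -1 where the tag or
 * handle cannot be valid (the point at which unvalidated code would crash). */
static int rmm_acquire(const rmm *r) {
    switch (r->lock.type) {
    case LOCK_NONE:  return 0;
    case LOCK_MUTEX: return r->lock.handle ? 0 : -1;
    default:         return -1;
    }
}

static int init_then_acquire(const anylock *lock) {
    rmm r;
    rmm_init(&r, lock);
    return rmm_acquire(&r);
}

/* Stand-in for the stack variable that was declared but never initialized. */
static int demo_garbage_lock(void) {
    anylock stale;
    memset(&stale, 0xA5, sizeof stale);   /* constructed "stack garbage" */
    return init_then_acquire(&stale);
}

/* The reporter's fix: pass NULL and let init substitute the no-lock default. */
static int demo_null_lock(void) { return init_then_acquire(NULL); }

/* The alternative the reporter mentions: initialize the descriptor first. */
static int demo_initialized_lock(void) {
    int dummy_mutex = 0;                  /* placeholder for a real mutex */
    anylock ok = { LOCK_MUTEX, &dummy_mutex };
    return init_then_acquire(&ok);
}

int main(void) {
    printf("garbage=%d null=%d initialized=%d\n",
           demo_garbage_lock(), demo_null_lock(), demo_initialized_lock());
    return 0;
}
```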