httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 49246] New: httpd/mod_cache segfaults on pathless request
Date Tue, 04 May 2010 13:20:00 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=49246

           Summary: httpd/mod_cache segfaults on pathless request
           Product: Apache httpd-2
           Version: 2.2.15
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: mod_cache
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: mark@markdrayton.info


When configured with a virtual host, caching and a non-empty
CacheIgnoreURLSessionIdentifiers parameter httpd segfaults on requests with no
path. Configuration:

NameVirtualHost *:80
<VirtualHost *:80>
  ServerName www.example.com
  CacheEnable disk /
  CacheRoot /tmp/cache-root
  CacheDefaultExpire 86400
  CacheIgnoreURLSessionIdentifiers cachebuster
</VirtualHost>

Test:

host:~ tail -0f logs/error_log &
[1] 7637
host:~ (echo "GET http://www.example.com HTTP/1.0"; echo) | nc localhost 80
[Tue May 04 14:12:47 2010] [notice] child pid 7617 exit signal Segmentation
fault (11)

GDB:

(gdb) b ap_process_request
Breakpoint 1 at 0x44d4ac: file http_request.c, line 276.
(gdb) run -X -d /usr/local/apache2
Starting program: /usr/local/apache2/bin/httpd -X -d /usr/local/apache2
[Thread debugging using libthread_db enabled]
[New Thread 0x2b6659641860 (LWP 12669)]

Breakpoint 1, ap_process_request (r=0xd694558) at http_request.c:276
276        if (ap_extended_status)
(gdb) n
278        access_status = ap_run_quick_handler(r, 0);  /* Not a look-up
request */
(gdb) n

Program received signal SIGSEGV, Segmentation fault.
0x0000003e06678fe0 in strchr () from /lib64/libc.so.6
(gdb) bt
#0  0x0000003e06678fe0 in strchr () from /lib64/libc.so.6
#1  0x0000003e06679ade in strrchr () from /lib64/libc.so.6
#2  0x00002b665b066f7f in cache_generate_key_default (r=0xd694558, p=0xd6944e8,
key=0x7fff521544d8) at cache_storage.c:498
#3  0x00002b665b0666c8 in cache_select (r=0xd694558) at cache_storage.c:192
#4  0x00002b665b0638ae in cache_url_handler (r=0xd694558, lookup=0) at
mod_cache.c:112
#5  0x000000000043ba0e in ap_run_quick_handler (r=0xd694558, lookup=0) at
config.c:160
#6  0x000000000044d4e0 in ap_process_request (r=0xd694558) at
http_request.c:278
#7  0x000000000044a049 in ap_process_http_connection (c=0xd68e5b8) at
http_core.c:190
#8  0x000000000044500e in ap_run_process_connection (c=0xd68e5b8) at
connection.c:43
#9  0x0000000000445448 in ap_process_connection (c=0xd68e5b8, csd=0xd68e3c8) at
connection.c:178
#10 0x0000000000454089 in child_main (child_num_arg=0) at prefork.c:662
#11 0x000000000045416c in make_child (s=0xd5b3dd8, slot=0) at prefork.c:702
#12 0x0000000000454701 in ap_mpm_run (_pconf=0xd5ac6c8, plog=0xd5de858,
s=0xd5b3dd8) at prefork.c:978
#13 0x00000000004220ef in main (argc=4, argv=0x7fff52154a78) at main.c:740

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message