httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cliff Skolnick <>
Subject WWW Form Bug Report: "SegV in mod_digest" on Solaris 2.x (fwd)
Date Wed, 01 May 1996 21:53:00 GMT

sounds like a real bug to ack has been sent.

Cliff Skolnick                            

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- Benjamin Franklin, 1759

---------- Forwarded message ----------
Date: Wed May 1 14:48:37 1996
Subject: WWW Form Bug Report: "SegV in mod_digest" on Solaris 2.x

Operating system: Solaris 2.x, version: 
Version of Apache Used: 
Extra Modules used: mod_digest
URL exhibiting problem: 

Core dump of the server when acessing a page where a .htaccess file is present.
it looks like the mod_digest code is not doing any checkes for whether a certain mime header
is actually present.
it just goes ahead and tries to take the strlen of the header and of course if the header
is not present it will try to take the strlen of a null string andf crash.

I think the mod_digest stuff is enabled in the configuration files by defaults.  It should
at lease be commented out by default and marked as experimental.


Program received signal SIGSEGV, Segmentation fault.
0xef5a2e2c in strlen ()
(gdb) where
#0  0xef5a2e2c in strlen ()
#1  0x3e4a8 in get_digest_rec (r=0x66c50, response=0x5f7b0) at mod_digest.c:124
#2  0x3eb94 in authenticate_digest_user (r=0x66c50) at mod_digest.c:265
#3  0x1e02c in run_method (r=0x66c50, offset=44, run_all=0)
    at http_config.c:224
#4  0x1e1c8 in check_user_id (r=0x66c50) at http_config.c:260
#5  0x212ac in process_request_internal (r=0x66c50) at http_request.c:713
#6  0x213e4 in process_request (r=0x66c50) at http_request.c:740
#7  0x1a92c in child_main (child_num_arg=0) at http_main.c:1176
#8  0x1aabc in make_child (server_conf=0x5ca50, child_num=0)
    at http_main.c:1211
#9  0x1b148 in standalone_main (argc=6, argv=0xeffffdac) at http_main.c:1350
#10 0x1b478 in main (argc=6, argv=0xeffffdac) at http_main.c:1439
(gdb) p auth_line
No symbol "auth_line" in current context.
(gdb) up
#1  0x3e4a8 in get_digest_rec (r=0x66c50, response=0x5f7b0) at mod_digest.c:124
124       int l = strlen(auth_line);
(gdb) p auth_line
$1 = 0x0
(gdb) quit


View raw message