httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lenny Foner <fo...@media.mit.edu>
Subject Serious bug in Apache 1.1.1 "info" module under HP-UX 9.05
Date Fri, 02 Aug 1996 20:25:30 GMT
I just installed Apache 1.1.1 on an HP-UX machine running 9.05.  It
apparently worked fine, except for a serious bug when handling the
"info" module.  For example, if it's configured like this in
access.conf:

    <Location /info>
    SetHandler server-info

    <Limit GET POST>
    order deny,allow
    deny from all
    allow from .media.mit.edu
    </Limit>
    </Location>

...then any fetch of http://blahblahblah/info -does- successfully
fetch the page describing how the server is configured, but it -also-
instantly starts emitting an infinite stream of error messages to the
error log like this:

    [Fri Aug  2 15:49:30 1996] accept: Bad file number
    [Fri Aug  2 15:49:30 1996] - socket error: accept failed

This is absolutely repeatable across server restarts, boots, etc.  I
discovered it when a single access caused the machine to emit 1.2GB of
error messages, until it filled up the root disk and hung the machine.
For example, here's the access log:
    out-of-band.media.mit.edu - - [02/Aug/1996:15:49:30 -0400] "GET /info HTTP/1.0" 200 22056
-
...and the error log:
    [Fri Aug  2 15:49:16 1996] Server configured -- resuming normal operations
    [Fri Aug  2 15:49:30 1996] accept: Bad file number
    [Fri Aug  2 15:49:30 1996] - socket error: accept failed
    [Fri Aug  2 15:49:30 1996] accept: Bad file number
    [Fri Aug  2 15:49:30 1996] - socket error: accept failed
    [Fri Aug  2 15:49:30 1996] accept: Bad file number
    [Fri Aug  2 15:49:30 1996] - socket error: accept failed
    [Fri Aug  2 15:49:30 1996] accept: Bad file number
    [Fri Aug  2 15:49:30 1996] - socket error: accept failed
    [Fri Aug  2 15:49:30 1996] accept: Bad file number
    [Fri Aug  2 15:49:30 1996] - socket error: accept failed
    [Fri Aug  2 15:49:30 1996] accept: Bad file number
    ...forever...

For the moment, I've reconfigured the server by commenting out the
    Module info_module         mod_info.o
line and have commented out the relevant lines in access.conf.  If
you want our complete configuration files, or any other information,
please let me know.  Thanks.

----- End of forwarded message from Lenny Foner -----

-- 
Rob Hartill (robh@imdb.com)
The Internet Movie Database (IMDb)  http://www.imdb.com/
           ...more movie info than you can poke a stick at.

Mime
View raw message