httpd-dev mailing list archives

From Brian Behlendorf <br...@organic.com>
Subject Re: WWW Form Bug Report: "httpd dumps core in mod_include module" on Solaris 2.x (fwd)
Date Tue, 10 Dec 1996 01:24:46 GMT

Could someone familiar with pfclose fix the bugs noted below if they're real?
Thanks.

	Brian

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com  www.apache.org  hyperreal.com  http://www.organic.com/JOBS

---------- Forwarded message ----------
Date: Mon, 9 Dec 1996 12:09:33 +0300 (MSK)
From: Andrew Vasilyev <andy@kremvax.demos.su>
Reply-To: andy@demos.su
To: Brian Behlendorf <brian@organic.com>
Subject: Re: WWW Form Bug Report: "httpd dumps core in mod_include module" on Solaris 2.x

> Andy, could you provide a situation where this was causing core dumps, so we

  There is one problem: when I saw those cores in October on our _busy_
  server with several dozen virtual servers (and administrators :)),
  I've checked them and found the place. But now it is hard to
  put experiments on the working facility, and in usual conditions I
  failed to emulate this bug, but you can see that find_string() is called
  with NULL as the last argument 2 times (in send_parsed_content()) both
  for error conditions. And then we see r->pool in find_string(), where r == NULL!
  But when you try to access memory 0x0+several_bytes under Solaris,
  system kills you :((

> can test out whether this actually fixes a problem?  I see other places in the
> code where arguments to pfclose aren't checked, so I'm just curious as to why
> this would cause problems...

  Hm-m, probably you are right, but is it better to check the pointer
  and escape from dumping core sometimes somewhere? :))) And when I've added
  several extra checks to your code, I sleep better now - with no cores :)))
________
	ANDY

> 	Brian
> 
> > andy@demos.net wrote:
> > >
> > >Submitter: andy@demos.net
> > >Operating system: Solaris 2.x, version: 
> > >Version of Apache Used: 1.1.1 and 1.2b1
> > >Extra Modules used: mod_status
> > >URL exhibiting problem: 
> > >
> > >Symptoms:
> > >--
> > > I've already reported this problem in 1.1.1 when 
> > >pfclose() is called with invalid argument, but the
> > >bug is still here :(((
> > >
> > >Here is a patch:
> > >
> > >*** mod_include.c.orig  Wed Dec  4 18:59:38 1996
> > >--- mod_include.c       Wed Dec  4 19:01:14 1996
> > >***************
> > >*** 122,128 ****
> > >   { \
> > >     int i = getc(f); \
> > >     if(feof(f) || ferror(f) || (i == -1)) { \
> > >!         pfclose(p,f); \
> > >          return r; \
> > >     } \
> > >     c = (char)i; \
> > >--- 122,128 ----
> > >   { \
> > >     int i = getc(f); \
> > >     if(feof(f) || ferror(f) || (i == -1)) { \
> > >!       if(p) pfclose(p, f); else fclose(f); \
> > >          return r; \
> > >     } \
> > >     c = (char)i; \
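
Review bot: In the changed line of GET_CHAR, the else branch closes f with a plain fclose(f) whenever p is null, so the macro now has two different close paths and nothing at the call site shows which one ran. The hunk does not show how f was opened; if it is tracked by a pool, fclose(f) bypasses that pool, and that should be confirmed before this is applied. The forwarded report says the null comes from find_string() being called with NULL in send_parsed_content(), so passing a valid request at those two call sites would make this branch unnecessary. If the branch stays, add a comment in the macro stating when p is allowed to be null.
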
> > >***************
> > >*** 140,146 ****
> > >  
> > >      p=0;
> > >      while(1) {
> > >!         GET_CHAR(in,c,1,r->pool);
> > >          if(c == str[p]) {
> > >              if((++p) == l)
> > >                  return 0;
> > >--- 140,146 ----
> > >  
> > >      p=0;
> > >      while(1) {
> > >!       GET_CHAR(in,c,1,r?r->pool:NULL);
> > >          if(c == str[p]) {
> > >              if((++p) == l)
> > >                  return 0;
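
Review bot: The argument r?r->pool:NULL in the GET_CHAR call is an unparenthesized conditional expression handed to a macro, and it is re-expanded, with r re-tested, at each use of p on every pass through the while(1) loop. It expands correctly with the macro as patched in the previous hunk because p appears there only in if(p) and as a function argument, but a later edit to the macro could change that; write it as (r ? r->pool : NULL), or compute the pool once before the loop in a local whose name does not collide with the index p used in str[p]. The visible lines do not show whether r is dereferenced anywhere else in this function, so check that this call is the only use before relying on the guard.
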
> 
> --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
> brian@organic.com  www.apache.org  hyperreal.com  http://www.organic.com/JOBS
> 
> 


