httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ed Korthof ...@organic.com>
Subject [BUG] SEGV in send_error_response
Date Mon, 19 May 1997 23:50:03 GMT
In 'send_error_response', r->err_headers_out is set to NULL.  That's all
well and good, but when mod_log_config tries to log the event, it throws a
SIGSEGV when trying to dereference the NULL pointer.  I'm not sure where
the ideal place to solve this is -- earlier I put in a bit of error
checking in table_get to avoid the SEGV, which is alright, but there may
be other code which relies on r->err_headers_out being a valid pointer. 

I've attached a patch which solves this indirectly as noted above, but I
think it might make more sense to replace r->err_headers_out with an empty
table (via create_table) than to set it to NULL, as is done below.
<shrug>  I dunno; I don't know this section of code well enough to have a
strong opinion one way or another.

Here is the code w/ line numbers, from http_protocol.c, for the fragment
which sets r->err_headers_out to NULL: 

*********
1747        if (!r->assbackwards) {
1748      
1749            /* For all HTTP/1.x responses for which we generate the message,
1750             * we need to avoid inheriting the "normal status" header fields
1751             * that may have been set by the request handler before the
1752             * error or redirect.
1753             */
1754            r->headers_out = r->err_headers_out;
1755            r->err_headers_out = NULL;
1756            r->content_language = NULL;
1757            r->content_languages = NULL;
1758            r->content_encoding = NULL;
1759            r->clength = 0;
1760            r->content_type = "text/html";
*********

And here is debugging information from gdb right after the SEGV is thrown: 

*********
Program received signal SIGSEGV, Segmentation fault.
0x196d8 in table_get (t=0x0, key=0x7b1f0 "Set-Cookie") at alloc.c:562
562         if (key == NULL) return NULL;
(gdb) bt
#0  0x196d8 in table_get (t=0x0, key=0x7b1f0 "Set-Cookie") at alloc.c:562
#1  0x390a4 in log_header_out (r=0x8afe8, a=0x7b1f0 "Set-Cookie")
    at mod_log_config.c:304
#2  0x39754 in process_item (r=0x8afe8, orig=0x8afe8, item=0x7b070)
    at mod_log_config.c:536
#3  0x39814 in config_log_transaction (r=0x8afe8, cls=0x79f20, 
    default_format=0x10) at mod_log_config.c:560
#4  0x3992c in multi_log_transaction (r=0x8afe8) at mod_log_config.c:591
#5  0x1f22c in run_method (r=0x8afe8, offset=68, run_all=1)
    at http_config.c:264
#6  0x1f2f4 in log_transaction (r=0x8afe8) at http_config.c:292
#7  0x22240 in process_request (r=0x8afe8) at http_request.c:1001
#8  0x1c0cc in child_main (child_num_arg=532256) at http_main.c:1956
#9  0x1c220 in make_child (server_conf=0x79848, child_num=1)
    at http_main.c:2023
#10 0x1c938 in standalone_main (argc=-268436936, argv=0x70d90)
    at http_main.c:2302
#11 0x1ce98 in main (argc=4, argv=0xeffffb54) at http_main.c:2492
(gdb) l 557,562
557     char *table_get (const table *t, const char *key)
558     {
559         table_entry *elts = (table_entry *)t->elts;
560         int i;
561     
562         if (key == NULL) return NULL;
(gdb) p t
$1 = (array_header *) 0x0
*********


     -- Ed Korthof        |  Web Server Engineer --
     -- ed@organic.com    |  Organic Online, Inc --
     -- (415) 278-5676    |  Fax: (415) 284-6891 --

Mime
View raw message