> > #0 0x75c50 in ap_bgetopt (fb=0x2020346b, optname=1, optval=0x169e60) at buff.c:407
>                                 ^^^^^^^^^^
>                                 ASCII: " 4k"
Ah, nice catch. The 0x20's should have tipped this off for me.
> Hmmm. Is that the current source? There was a bug in the ap_vformatter
> stuff (ap/ap_snprintf.c) until 98/05/11 10:49:21. It would essentially
> lead to a memory overwrite like the one you observe here. I was lucky
> to find a constellation where *every* request dumped core, so I could
> nail down enough clues.
> My guess is that the connection structure contains valid values initially,
> but the ->client pointer is overwritten later on.
I was last able to do a cvs update on May 20th. Right now there is
something broken on the cvs server at Apache.org. I have been trying to
find a request that will consistently crash the server, but it isn't
happening. Not sure what sort of magic mumbo I need here to get it to do
it.
-Rasmus
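
The check made in the quoted reply above (reading the bogus `fb` pointer as ASCII) can be automated when triaging a backtrace. This is an added example, not part of the original thread; the helper names `ascii_view` and `suspicious_args` are hypothetical, and a 32-bit pointer width is assumed.

```python
import re

# Constructed sample: the frame line quoted in the thread above.
FRAME = ("#0 0x75c50 in ap_bgetopt (fb=0x2020346b, optname=1, "
         "optval=0x169e60) at buff.c:407")

# Matches name=0x... arguments in a gdb frame line.
ARG_RE = re.compile(r"(\w+)=0x([0-9a-fA-F]+)")


def ascii_view(value, width=4):
    """Return the value's bytes (most significant first) as text when every
    byte is printable ASCII, otherwise None."""
    if value >= 1 << (8 * width):
        return None
    raw = value.to_bytes(width, "big")
    if all(0x20 <= b <= 0x7E for b in raw):
        return raw.decode("ascii")
    return None


def suspicious_args(frame, width=4):
    """Map argument name -> (big-endian text, little-endian text) for every
    hex argument whose bytes all look like string data.

    A pointer made up entirely of printable characters usually means the
    structure holding it was overwritten by a string copy or formatter."""
    hits = {}
    for name, hexval in ARG_RE.findall(frame):
        text = ascii_view(int(hexval, 16), width)
        if text is not None:
            # Memory order depends on the host: show both readings.
            hits[name] = (text, text[::-1])
    return hits


if __name__ == "__main__":
    for name, (be, le) in suspicious_args(FRAME).items():
        print(f"{name}: big-endian {be!r}, little-endian {le!r}")
```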