httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kris Verbeeck <Kris.Verbe...@ubizen.com>
Subject [PATCH] fixes segfault in mod_cache (2.0.40)
Date Mon, 26 Aug 2002 16:20:15 GMT
Hi,

Someone in our QA team tried the following test:

	telnet <host> 80
	GET https://whatever.html HTTP/1.0

this resulted in a segfault for the child that handled the request.
Agreed, this is not a normal HTTP request, but firing enough of them
will surely DoS the server.

Our apache runs on Sparc/Solaris8 and 'httpd -l' gives:

  Compiled in modules:
    core.c
    mod_access.c
    mod_cache.c
    mod_disk_cache.c
    mod_deflate.c
    mod_jk.c
    mod_log_config.c
    mod_env.c
    mod_setenvif.c
    mod_ssl.c
    prefork.c
    http_core.c
    mod_mime.c
    mod_alias.c

Gdb told me that there was a null ppinter dereference in
ap_cache_get_cache_type when it tried to compare the request's
URL with the prefix from the configuration.

The patch will just return NULL when the URL is NULL and results
in no caching for that request (which seems reasonable since there
ios no URL to cache).

ps: I don't know whether the actual fix of this problem should
be in cache_util.c or somewhere in the URI parsing routines.

-- 
ir. Kris Verbeeck
Development Engineer

Ubizen - Ubicenter - Philipssite 5 - 3001 Leuven - Belgium
T:  +32 16 28 70 64
F:  +32 16 28 70 77

Ubizen - We Secure e-business - www.ubizen.com

Mime
View raw message