httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yann Ylavic <ylavic....@gmail.com>
Subject Re: httpd 2.4.25, mpm_event, ssl: segfaults
Date Mon, 06 Feb 2017 11:31:18 GMT
On Mon, Feb 6, 2017 at 12:10 PM, Ruediger Pluem <rpluem@apache.org> wrote:
>>
>> What might happen in ssl_io_filter_output() is that buffered
>> output data (already deleted but not cleared) end up being reused
>> on shutdown.
>>
>> Could you please try the attached patch?
>
> Why would we need to handle filter_ctx->pssl == NULL the same way we
> handle META_BUCKETS? filter_ctx->pssl == NULL already causes
> ssl_filter_write to fail. Do I miss any code before that could crash
> in the data case with filter_ctx->pssl == NULL?

No, this hunk was not intended to be proposed/tested (the case should
not happen though, so harmless imo), and anyway was not committed in
r1781582 ([1]).

However I opened the thread "ssl_io_filter_output vs EOC" ([2]), maybe
we could discuss this there?
It seems that we can either error/fail or fall through the filter
stack after the EOC, depending on whether subsequents buckets are in
the same brigade or not.
We probably should clarify (and being consistent on) what to do after
the EOC when TLS is in place (i.e. send whatever follows, besides
metadata, in clear or bail out?).

Regards,
Yann.

[1] http://svn.apache.org/r1781582
[2] https://lists.apache.org/thread.html/714ca91c918e7520b75fae664b2bdee28d7b2a9f9ef78e51d8765c96@%3Cdev.httpd.apache.org%3E

Mime
View raw message