httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stephane duverger <>
Subject [users@httpd] bug in mod_proxy_html or apache2 API ?
Date Mon, 11 Oct 2004 16:24:43 GMT

I think i've found a  bug in the module "proxy_html" using 
Apache/2.0.52 (Debian GNU/Linux) proxy_html/2.4 configured.

The problem occurs after calling "ap_get_module_config()". This function
should init the module's "config struct" with user's configuration or
with default values if i'm correct (set in proxy_html_config() ).

One option seems to be really important: buffer size. It is used to
realloc memory areas.

The fact is that even if i set the "ProxyHTMLBufSize" option manually or
let the default value, the "buffer size" field of the "config struct" is
always set to a huge value (1684369001 according to debug logs).

Then bug occurs, a buffer in a call to preserve() is reallocated with
this value and so realloc() returns 0. It then leads to a segfault in

	ctx->avail += ctx->cfg->bufsz ;
	 newbuf = realloc(ctx->buf, ctx->avail) ;

	preserve(ctx, len) ; // now ctx->buf = 0

[notice] child pid 19977 exit signal Segmentation fault (11)

So it seems that "ap_get_module_config()" does not do its job the right way.
Do you think it's a bug in apache 2 API ?



The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message