tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Collin McClendon <collin.mcclen...@digiconasp.com>
Subject Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow (logging)
Date Wed, 13 Jul 2005 15:15:09 GMT
Bill,
Thanks again for this tip. After reading the document to my best 
ability, I added this line to the end of 
/usr/local/tomcat/common/classes/logging.propeties :
org.apache.jk.common.MsgAjp = ALL
I got as a result what seemed like no logging at all for this class.
I am setting it to DEBUG now to see what happens, but am I doing this 
correctly at all?
Thanks for your help,
Collin


Bill Barker wrote:

>http://jakarta.apache.org/tomcat/tomcat-5.5-doc/logging.html
>
>----- Original Message -----
>From: "Collin McClendon" <collin.mcclendon@Digiconasp.com>
>To: "Tomcat Developers List" <tomcat-dev@jakarta.apache.org>
>Sent: Tuesday, July 12, 2005 10:57 AM
>Subject: Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
>
>
>Thanks so much for replying! I can understand that concept. Given that
>we are using mod_jk to connect the Apache frontend to Tomcat running
>OpenCMS on the backend, perhaps the way that the application is working
>that is giving us this result?  Also in response to Bill, where can one
>turn on
>DEBUG logging for a specific class such as
>
>org.apache.jk.common.MsgAjp
>
>
>?
>
>I'm thinking that would be in one of the xml config files and I will do
>more research on that, but if you had a quick answer, I'd be happy to
>hear it.
>On the suggestion of Mladen Turk, I did upgrade to mod_jk 1.2.14, I hope
>to see some difference there.
>Thanks again,
>Collin
>
>Remy Maucherat wrote:
>
>  
>
>>Bill Barker wrote:
>>
>>    
>>
>>>The message is simply that you have a header value that is too big
>>>for the
>>>AJP/1.3 protocol to handle.  If you enable DEBUG logging for
>>>org.apache.jk.common.MsgAjp, you should get a dump of the partial
>>>data that
>>>should include the name of the bad header.
>>>      
>>>
>>Given the line, it could be a monster header value, possibly a cookie
>>(the size is 18KB, which is way over the AJP/1.3 capabilities).
>>
>>Rémy (with the neophyte AJP developer hat on)
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
>>    
>>
>
>--
>Collin McClendon
>Sr. Microsoft Systems Engineer
>Digicon, Inc.
>collin.mcclendon@digiconasp.com
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
>
>
>This message is intended only for the use of the person(s) listed above as the intended
recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL.  If you are
not an intended recipient, you may not read, copy, or distribute this message or any attachment.
If you received this communication in error, please notify us immediately by e-mail and then
delete all copies of this message and any attachments.
>
>In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet
is not secure. Do not send confidential or sensitive information, such as social security
numbers, account numbers, personal identification numbers and passwords, to us via ordinary
(unencrypted) e-mail.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>  
>

-- 
Collin McClendon
Sr. Microsoft Systems Engineer
Digicon Corporation
collin.mcclendon@digiconasp.com


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message