www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Serguei Kouzmine ...@www.russia.net>
Subject config/541: "HTML files <IMG> crate zombies " on FreeBSDLinux
Date Sun, 04 May 1997 13:30:01 GMT

>Number:         541
>Category:       config
>Synopsis:       "HTML files <IMG> crate zombies " on FreeBSDLinux
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache (Apache HTTP Project)
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Sun May  4 06:30:00 1997
>Originator:     sk@www.russia.net
>Organization:
apache
>Release:        1.1.1, 1.2.something
>Environment:
FreeBSDLinux, version:
[being formally entered from email on behalf of the customer]
>Description:
The html :

#! /usr/bin/perl
print "Content-type: text/html\n\n";
print "<META HTTP-EQUIV=\"Refresh\"  CONTENT=10>\n";
$cnt=0;
$maxcnt=10;
while($cnt!=$maxcnt){
print "<IMG SRC=\"/cgi-bin/somebinary?arglist\">\n";
$cnt++;
}

print "</HTML>\n";


This is just enough to start zombie which will be
the httpd responsible for.

Zombies will be the 'somebinary's

The number of zombie creation might range in 1,2,...
(not exactly one zombie)

the frequency of zombie emergence will greately depend on the
system load average, and in order to watch you may have to
sit waiting for a while.

The problem reported by the hackers is the
incorrect loop structure in the alloc.c
fork()/signal()/wait() handling.
The potential problems arizing seem to be easy to
model by waiting in the perl script which produces the HTML
page, while allocing lots of memory in the child 'somebinary'

Regards,
Serguei Kouzmine
>How-To-Repeat:

>Fix:

>Audit-Trail:
>Unformatted:



Mime
View raw message