www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Helge Oldach <...@sep.hamburg.com>
Subject mod_proxy/1573: SIGSEGV in proxy module observed with CONNECT request (https)
Date Thu, 18 Dec 1997 16:49:30 GMT

>Number:         1573
>Category:       mod_proxy
>Synopsis:       SIGSEGV in proxy module observed with CONNECT request (https)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Thu Dec 18 08:50:00 PST 1997
>Originator:     hmo@sep.hamburg.com
>Release:        1.3b3
FreeBSD 2.2.5-RELEASE (gcc
#0  0x8097529 in sscanf ()
#1  0x257f0 in proxy_match_ipaddr (This=0x52a64, r=0x6d07c) at proxy_util.c:989
#2  0x1e358 in proxy_handler (r=0x6d07c) at mod_proxy.c:313
#3  0x2eb0b in invoke_handler (r=0x6d07c) at http_config.c:438
#4  0x318dd in process_request_internal (r=0x6d07c) at http_request.c:1117
#5  0x3191b in process_request (r=0x6d07c) at http_request.c:1134
#6  0x29558 in child_main (child_num_arg=0) at http_main.c:2968
#7  0x29687 in make_child (s=0x52034, slot=0, now=882460314)
    at http_main.c:3039
#8  0x2977c in startup_children (number_to_start=5) at http_main.c:3100
#9  0x29d03 in standalone_main (argc=4, argv=0xefbfdd00) at http_main.c:3315
#10 0x2a2d1 in main (argc=4, argv=0xefbfdd00) at http_main.c:3545
Basically the problem occured in an company-internal network when
accessing a https URL through another proxy, which in turn talks to
the Internet. That is, during processing of a CONNECT request.

The httpd.conf setting was this:

ProxyRequests On
ProxyRemote * http://www-proxy.plumcake.com
NoProxy .plumcake.com .plumcake.com:8080
ProxyDomain .plumcake.com

www-proxy.plumcake.com is the internet firewall. Internally the same DNS
domain is used as externally (plumcake.com). For all internal requests
our Apache proxy should talk directly to the hosts. We use address space internally.

Besides, the :8080 syntax above does not work as of 1.3b3 but causes
a debugging message: "@@@@ handle optional port in proxy_is_domainname()".
Some little debugging turned out that `host' was a NULL pointer in
proxy_match_ipaddr(). It looks like a test for NULL was missing.
This test is present in the other three proxy_match methods (_domainname,
_hostname, _word). Here's a quick patch which fixed the problem:

*** proxy_util.c.ORIG   Fri Nov 14 16:59:17 1997
--- proxy_util.c        Thu Dec 18 17:15:54 1997
*** 983,988 ****
--- 983,991 ----
      const char *found;
      const char *host = proxy_get_host_of_request(r);
+     if (host == NULL)         /* some error was logged already */
+       return 0;
      memset(&addr, '\0', sizeof addr);
      memset(ip_addr, '\0', sizeof ip_addr);
[In order for any reply to be added to the PR database, ]
[you need to include <apbugs@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]

View raw message