_apache._global_lock results in segfault when index > number of mutexes -----------------------------------------------------------------------
Key: MODPYTHON-58 URL: http://issues.apache.org/jira/browse/MODPYTHON-58 Project: mod_python Type: Bug Components: core Versions: 3.1.3, 3.2.0, 3.1.4 Environment: All Reporter: Jim Gallacher Priority: Minor All of the following calls will cause a segfault when the index is greater than the number of global mutexes available or index < -1. eg. 32 mutexes created on apache startup index = 100 _apache._global_lock(req.server, None, index) _global_unlock(req.server, None, index) _apache._global_trylock(req.server, None, index) For all of the corresponding functions in _apachemodule.c, the value of index is not checked before using it to access the contents of the global array of mutex locks. eg. rv = apr_global_mutex_lock(glb->g_locks[index]); I'll attach a patch for all three functions that does this check. eg. if ((index > (glb->nlocks)) || (index < -1)) { ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s, "Index %d is out of range for number of global mutex locks", index); PyErr_SetString(PyExc_ValueError, "Lock index is out of range for number of global mutex locks"); return NULL; } -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira