DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=29313>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=29313 mod_forencis cause segmentation faults Summary: mod_forencis cause segmentation faults Product: Apache httpd-1.3 Version: HEAD Platform: All URL: http://idea.hosting.lv/a/tmp/mod_log_forensic-sig11- typescript OS/Version: FreeBSD Status: NEW Severity: Normal Priority: Other Component: Other mods AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] Apache 1.3.31 on FreeBSD 4.9 compiled with -O -g with mod_php4. After enabling mod_log_forencis logging the webserver started to expirience occasional segmentation faults. The file in this bug's URL is a typescript with gdb backtraces from three different core files, all showing that the crash occurs on the same instructions inside the mod_forencis: #0 0x28163f99 in log_after (r=0x824b034) at mod_log_forensic.c:236 236 s = ap_pstrcat(r->pool, "-", rcfg->id, "\n", NULL); (gdb) p rcfg $1 = (rcfg *) 0x0 It looks like (by examinig internal structures with gdb and error_log) in all three cases the request was webdav(?) exploit SEARCH /\220\002... with very long URI. The interesting observation: support/check_forensic script could not find any unserved requests. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
