DO NOT REPLY [Bug 45196] New: Apache 2.2. 8 segfaults when trying to connect to a LDAP server

bugzilla Thu, 12 Jun 2008 12:04:41 -0700

https://issues.apache.org/bugzilla/show_bug.cgi?id=45196


           Summary: Apache 2.2.8 segfaults when trying to connect to a LDAP
                    server
           Product: Apache httpd-2
           Version: 2.2.8
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: All
        AssignedTo: [email protected]
        ReportedBy: [EMAIL PROTECTED]


Created an attachment (id=22120)
 --> (https://issues.apache.org/bugzilla/attachment.cgi?id=22120)
Backtrace 

I'm using an Apache 2.2.8 on Linux 2.6.16.13-4-smp and tried to open a
LDAP connection using mod_authz_ldap and mod_auth_digest, but I got a
Segmentation Fault. 

The intereting part of my configuration file follows. Obviously personal
data have been changed due to privacy. 

========
NameVirtualHost myhost:80

ServerName myhost.myintranet

DavLockDB /tmp/DavLockDB
<AuthnProviderAlias ldap ldap-alias1>
AuthLDAPBindDN [EMAIL PROTECTED]
AuthLDAPBindPassword mypass
AuthLDAPURL
"ldap://myserver.myintranet:389/CN=Users,DC=adlab,DC=intranet?sAMAccountName?";
</AuthnProviderAlias>
<VirtualHost myhost:myintranet>
        ServerName myhost.myintranet
        ServerAlias localhost
        ExpiresActive On
        ExpiresDefault now
        Header add Pragma no-cache
        Header add Pragma no-store
        FileETag none

        DocumentRoot /home/myhost/

<Location />

Options +Indexes
Dav On
AuthType Digest
AuthName LDAP_Protected_Place
AuthDigestProvider ldap-alias1
AuthzLDAPAuthoritative on
AuthLDAPGroupAttributeIsDN on
Order deny,allow
Allow from all
  require valid-user

</Location>
<Location /ldap-status>
SetHandler ldap-status
</Location>
</VirtualHost>


====


The next file is the strace of the httpd proccess during an
authentication and the following crash 

===

[pid 29353] <... epoll_wait resumed> {{EPOLLIN, {u32=135864328,
u64=583532467631759368}}}, 2, -1) = 1
[pid 29353] accept(4, {sa_family=AF_INET, sin_port=htons(44829),
sin_addr=inet_addr("172.22.33.136")}, [16]) = 7
[pid 29353] semop(17956929, 0xb7f0d70e, 1) = 0
[pid 29353] futex(0x8140af8, 0x5 /* FUTEX_??? */, 1 <unfinished ...>
[pid 29342] <... futex resumed> )       = 0
[pid 29353] <... futex resumed> )       = 1
[pid 29353] semop(17956929, 0xb7f0d708, 1) = 0
[pid 29353] epoll_wait(6,  <unfinished ...>
[pid 29342] futex(0x8140ac4, FUTEX_WAKE, 1) = 0
[pid 29342] gettimeofday({1213294759, 951728}, NULL) = 0
[pid 29342] fcntl64(7, F_GETFL)         = 0x2 (flags O_RDWR)
[pid 29342] fcntl64(7, F_SETFL, O_RDWR|O_NONBLOCK) = 0
[pid 29342] gettimeofday({1213294759, 952080}, NULL) = 0
[pid 29342] read(7, "GET / HTTP/1.1\r\nHost: im5:8080\r\nUser-Agent:
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008061015
Firefox/3.0\r\nAccept: text/html,application/xhtml
+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5
\r\nAccept-Encoding: gzip,deflate\r\nAccept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nKeep-Alive: 300\r\nConnection:
keep-alive\r\nAuthorization: Digest username=\"lalala\", realm=
\"LDAP_Protected_Place\", nonce=
\"Ba4MKHxPBAA=7d90825f04dcd95723aba0abfb0745c7ad3617b5\", uri=\"/\",
algorithm=MD5, resp"..., 8000) = 605
[pid 29342] gettimeofday({1213294759, 952604}, NULL) = 0
[pid 29342] gettimeofday({1213294759, 952806}, NULL) = 0
[pid 29342] gettimeofday({1213294759, 952917}, NULL) = 0
[pid 29342] stat64("/home/myhost/", {st_mode=S_IFDIR|0755,
st_size=160, ...}) = 0
[pid 29342] open("/.htaccess", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No
such file or directory)
[pid 29342] open("/home/myhost/.htaccess", O_RDONLY|O_LARGEFILE) = -1
ENOENT (No such file or directory)
[pid 29342] open("/home/myhost/.htaccess", O_RDONLY|O_LARGEFILE) = -1
ENOENT (No such file or directory)
[pid 29342] open("/home/myhost/.htaccess", O_RDONLY|O_LARGEFILE) = -1
ENOENT (No such file or directory)
[pid 29342] --- SIGSEGV (Segmentation fault) @ 0 (0) ---
Process 29342 detached
[pid 29325] <... rt_sigtimedwait resumed> 0xbfba83f8) = -1 EINTR
(Interrupted system call)
[pid 29339] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29338] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29333] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29335] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29332] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29352] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29351] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29350] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29349] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29337] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29340] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29328] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29330] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29343] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29341] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29329] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29331] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29334] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29336] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29345] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29348] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29347] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29346] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29344] <... futex resumed> )       = -1 EINTR (Interrupted system
call)
[pid 29353] <... epoll_wait resumed> 8191fb8, 2, -1) = -1 EINTR
(Interrupted system call)
[pid 29339] +++ killed by SIGSEGV +++
Process 29339 detached
[pid 29338] +++ killed by SIGSEGV +++
Process 29338 detached
[pid 29333] +++ killed by SIGSEGV +++
Process 29333 detached
[pid 29335] +++ killed by SIGSEGV +++
Process 29335 detached
[pid 29332] +++ killed by SIGSEGV +++
Process 29332 detached
[pid 29352] +++ killed by SIGSEGV +++
Process 29352 detached
[pid 29351] +++ killed by SIGSEGV +++
Process 29351 detached
[pid 29350] +++ killed by SIGSEGV +++
Process 29350 detached
[pid 29349] +++ killed by SIGSEGV +++
Process 29349 detached
[pid 29337] +++ killed by SIGSEGV +++
Process 29337 detached
[pid 29340] +++ killed by SIGSEGV +++
Process 29340 detached
[pid 29328] +++ killed by SIGSEGV +++
Process 29328 detached
[pid 29330] +++ killed by SIGSEGV +++
Process 29330 detached
[pid 29343] +++ killed by SIGSEGV +++
Process 29343 detached
[pid 29341] +++ killed by SIGSEGV +++
Process 29341 detached
[pid 29329] +++ killed by SIGSEGV +++
Process 29329 detached
[pid 29331] +++ killed by SIGSEGV +++
Process 29331 detached
[pid 29334] +++ killed by SIGSEGV +++
Process 29334 detached
[pid 29336] +++ killed by SIGSEGV +++
Process 29336 detached
[pid 29345] +++ killed by SIGSEGV +++
Process 29345 detached
[pid 29348] +++ killed by SIGSEGV +++
Process 29348 detached
[pid 29347] +++ killed by SIGSEGV +++
Process 29347 detached
[pid 29346] +++ killed by SIGSEGV +++
Process 29346 detached
[pid 29344] +++ killed by SIGSEGV +++
Process 29344 detached
[pid 29353] +++ killed by SIGSEGV +++
Process 29353 detached
[pid 29325] +++ killed by SIGSEGV +++
Process 29325 detached

===


Then, I'll add the last lines of the ltrace of the httpd. 

===

geteuid()
= 0
setuid(65534)
= 0
apr_time_now(5, 11, 20, 39, 24)
= 0x8e162468
apr_snprintf(0xbfcd84e7, 8165, 0x8096d80, 0x80924c8, 24)
= 8
apr_snprintf(0xbfcd84ef, 8157, 0x8096d86, 0xb7ad9e64, 1670)
= 20
apr_vsnprintf(0xbfcd64cc, 8137, 0xb7ad9af0, 0xbfcda538, 1670)
= 72
apr_file_puts(0xbfcd84cc, 0x80a70d8, 8137, 0xbfcda538, 1670)
= 0
apr_file_flush(0x80a70d8, 0x80a70d8, 8137, 0xbfcda538, 1670)
= 0
apr_time_now(0xb7ad9e64, 0xbfcd8503, 0xbfcda4d8, 0x80787bc, 0xb7ad9e64)
= 0x8e162742
apr_snprintf(0xbfcd84d7, 8165, 0x8096d80, 0x80924c8, 0xb7ad9e64)
= 8
apr_snprintf(0xbfcd84df, 8157, 0x8096d86, 0xb7ad9e64, 1761)
= 20
apr_vsnprintf(0xbfcd64bc, 8137, 0xb7ad99f8, 0xbfcda528, 1761)
= 71
apr_file_puts(0xbfcd84bc, 0x80a70d8, 8137, 0xbfcda528, 1761)
= 0
apr_file_flush(0x80a70d8, 0x80a70d8, 8137, 0xbfcda528, 1761)
= 0
apr_setup_signal_thread(0x8140920, 0x80aaf98, 0x8140920, 0x80a3008, 0)
= 0
calloc(1, 100)
= 0x8188e18
apr_palloc(0x8140920, 16, 0x8140920, 0x80a3008, 0)
= 0x8140a40
apr_threadattr_create(0xbfcda5e8, 0x8140920, 0x8140920, 0x80a3008, 0)
= 0
apr_threadattr_detach_set(0x8140a50, 0, 0x8140920, 0x80a3008, 0)
= 0
apr_thread_create(0xbfcda5e4, 0x8140a50, 0x8087810, 0x8140a40, 0x8140920
<unfinished ...>
+++ killed by SIGTRAP +++

===

The backtrace of the error is attached.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 45196] New: Apache 2.2. 8 segfaults when trying to connect to a LDAP server

Reply via email to