https://issues.apache.org/bugzilla/show_bug.cgi?id=52816
Bug #: 52816
Summary: Potential segfault in socache_shmcb_create
Product: Apache httpd-2
Version: 2.4.1
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: All
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
In Apache-2.4.1, the mod_dav_fs module has potential bug which may lead to
segment fault.
The problem is the use of ap_server_root_relative() which may return a NULL
pointer. The current version doesn't check whether the return value is NULL or
not, but directly manipulate on it.
As is known, some misconfigurations may cause ap_server_root_relative() to
return a NULL pointer such as using a nonexistent drive letter on Windows (see
https://issues.apache.org/bugzilla/show_bug.cgi?id=39722).
maybe the following patch makes sense?
*** mod_socache_shmcb.c 2012-03-03 14:15:48.010321827 -0800
--- test.c 2012-03-03 14:15:26.537838321 -0800
***************
*** 287,292 ****
--- 287,294 ----
ctx->data_file = path = ap_server_root_relative(p, arg);
+ if(!path)
+ return "Invalid cache path";
cp = strrchr(path, '(');
cp2 = path + strlen(path) - 1;
PS: the "arg" is from the configuration parameter, for example, if you use:
SSLSessionCache "shmcb:g:\somepath"
The arg is g:\somepath
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
