Yes, I'd like to do a 2.0.11 soon: We have a few bug fixes committed since 2.0.10 and this crash fix seems like a good time to make a new release. I'll try to get the wheels in motion for an RC1 :-)
On Fri, 21 Jun 2019 at 08:56, Sam Vaughan <samjvaug...@gmail.com> wrote: > > That's great thanks Steve, much appreciated! > > Will there be a 2.0.11 release with this fix? > > Cheers, > > Sam > > > On 21 Jun 2019, at 5:38 pm, Steve Hay <steve.m....@googlemail.com> wrote: > > > > Thanks for the report, Sam (and to Joe for the fix). This is now > > committed to mod_perl trunk: > > http://svn.apache.org/viewvc?view=revision&revision=1861755 > > > > On Thu, 20 Jun 2019 at 09:07, Steve Hay <steve.m....@googlemail.com> wrote: > >> > >> Looks fine to me too. Will give it a test... > >> > >> On Thu, 20 Jun 2019 at 01:28, Philippe Chiasson <go...@ectoplasm.org> > >> wrote: > >>> > >>> Looks good to me > >>> > >>> Sent from the depths of my mind on an iPhone > >>> > >>>> On Jun 19, 2019, at 17:22, Sam Vaughan <samjvaug...@gmail.com> wrote: > >>>> > >>>> Hi mod_perl team, > >>>> > >>>> I reported a bug yesterday to the Apache team, describing a segfault > >>>> that only happens if mod_perl is installed: > >>>> > >>>> https://bz.apache.org/bugzilla/show_bug.cgi?id=63516 > >>>> > >>>> My impression was that it should be fixed in httpd2, but mod_perl is the > >>>> only module that adds a configuration flag to the global > >>>> ap_server_config_defines array, so it has been suggested that a one-line > >>>> change go into the modperl_register_hooks() function instead: > >>>> > >>>> Index: src/modules/perl/mod_perl.c > >>>> --- src/modules/perl/mod_perl.c.orig > >>>> +++ src/modules/perl/mod_perl.c > >>>> @@ -861,7 +861,7 @@ > >>>> > >>>> /* for <IfDefine MODPERL2> and Apache2->define("MODPERL2") */ > >>>> *(char **)apr_array_push(ap_server_config_defines) = > >>>> - apr_pstrdup(p, "MODPERL2"); > >>>> + apr_pstrdup(ap_server_config_defines->pool, "MODPERL2"); > >>>> > >>>> ap_hook_pre_config(modperl_hook_pre_config, > >>>> NULL, NULL, APR_HOOK_MIDDLE); > >>>> > >>>> Essentially, the pool provided as an argument to this function doesn't > >>>> have a long enough lifetime to safely be used as backing storage for the > >>>> "MODPERL2" string. This change uses the pool that the > >>>> ap_server_config_defines array itself was created in, thereby giving the > >>>> "MODPERL2" string the same lifetime as the array it is being added to. > >>>> > >>>> As far as I can tell, this use-after-free bug has been sitting there for > >>>> quite a few years now but Apache only segfaults if your OS is strict > >>>> enough about reclaiming/unmapping freed memory. > >>>> > >>>> Currently, this issue causes httpd2 to segfault during startup the > >>>> majority of the time on OpenBSD 6.5. > >>>> > >>>> I'd really appreciate it if someone could either confirm that the above > >>>> patch is OK and apply it to mod_perl, or jump on the above Apache bug > >>>> report and add a comment explaining why it isn't. > >>>> > >>>> Thanks! > >>>> > >>>> Sam > >>>> > >>>> > >>>> --------------------------------------------------------------------- > >>>> To unsubscribe, e-mail: dev-unsubscr...@perl.apache.org > >>>> For additional commands, e-mail: dev-h...@perl.apache.org > >>>> > >>> > >>> > >>> --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: dev-unsubscr...@perl.apache.org > >>> For additional commands, e-mail: dev-h...@perl.apache.org > >>> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@perl.apache.org > For additional commands, e-mail: dev-h...@perl.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@perl.apache.org For additional commands, e-mail: dev-h...@perl.apache.org
