Hi Willy, you are awesome! I am trying it now and give you feedback.
Thanks! Hogan On Thu, Nov 25, 2010 at 1:46 AM, Willy Tarreau <[email protected]> wrote: > Hi Hogan, > > On Wed, Nov 24, 2010 at 09:33:37PM +0800, Hogan Yu wrote: > > Hi Willy, > > I send you an dump core file and I sure that we have some free memory on > > our platform. > > Thank you very much for your core. I could find the issue and indeed it's > not related to a memory shortage, which was the issue I first encountered > when trying your config. > > The issue comes from the mixing of cookies in indirect mode and appsession. > The bug is that the indirect cookie is removed but 3 pointers that point to > the attribute of the next cookies are not updated after the removal, and > they are used by the appsession code. One length computation can get wrong > and cause a memcpy() to be called with a negative value, thus crashing the > process. > > I have issued a critical fix for this, I'd like you to give it a try : > > http://git.1wt.eu/web?p=haproxy-1.4.git;a=commitdiff_plain;h=c5f374 > > In my tests the problem is correctly solved. Once you confirm the issue > is gone, I'll release 1.4.10 with it. > > In the mean time, if there are any user mixing cookies + appsession, I > strongly encourage them to disable the "indirect" keyword on the cookie > line, or to disable either of the two mechanisms until they upgrade to > 1.4.10. > > I know that 1.5-dev3 is affected too, though it's a development version > so it's less critical. I don't know for older 1.4 versions nor for 1.3. > > Cheers, > Willy > > -- Hogan Yu Technical Operations Director Ice BreakerSoftware (Beijing) Lmt. Mobile: 18611746815 Tel:86-10-82800259 82800942 Fax:86-10-82800941
