My thanks to everyone for their input on this problem.  While I was unable to 
get the backtrace and whatkilledus modules to report on failure, I isolated the 
cause to the following code in the handler.

The code itself does not segfault and indeed it appears to execute properly, 
retrieving the user-agent string with correct length and logging it.  However, 
when this code is included Apache segfaults some time later.  (It's not the 
logging causing it; the segfault still occurs without the logging.)

I can not see why this code should be overwriting Apache data structures in 
such a way as to cause Apache to segfault.  I have rewritten it several 
different ways and it still causes segfaults.

Might anyone have insight into this issue?


====================== HANDLER CODE ======================

static int bridcheck_handler
       (request_rec *r) {

  const char *ua_pointer;
  char useragent[UA_BUFFERSIZE];
  size_t ualength;
  size_t ualen2;

  /* Retrieve the user-agent string */

      /* Null the last byte in our buffer so that strings are always terminated 
*/
  useragent[UA_BUFFERSIZE-1] = '\0';
      /* Load pointer to the Apache request record user-agent header field */
  ua_pointer = apr_table_get(r->headers_in, "User-Agent");
      /* Find out how long the Apache-supplied string is */
  ualength = strlen(ua_pointer);
      /* Copy only if there's something to copy */
  if (ualength != 0)
      /* Our buffer gets Apache's request record user-agent field */
      /* Protect from segfault by limiting length at buffersize -1 */
    strncpy(useragent, ua_pointer, UA_BUFFERSIZE-1);
      /* Don't use the original strncpy below.  Dissected the functionality 
into pieces above. */
      /*  strncpy(useragent, apr_table_get(r->headers_in, "User-Agent"), 
UA_BUFFERSIZE-1); */
      /* Now that we have our prize ... how long is it? */
  ualen2 = strlen(useragent);

  ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r,
                  "bc: ualength = %u, <%s>",
                  ualength, apr_table_get(r->headers_in, "User-Agent"));
  ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r,
                  "    ualen2   = %u, <%s>",
                  ualen2, useragent);

  return DECLINED;

  }

====================== ERROR LOG EXTRACT ====================

Oct 26 05:10:39  157.55.39.67  bc: ualength = 71, <Mozilla/5.0 (compatible; 
bingbot/2.0; +http://www.bing.com/bingbot.htm)>
Oct 26 05:10:39  157.55.39.67      ualen2   = 71, <Mozilla/5.0 (compatible; 
bingbot/2.0; +http://www.bing.com/bingbot.htm)>
Oct 26 05:11:11  71.6.232.7  bc: ualength = 115, <Mozilla/5.0 (Windows NT 10.0; 
Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.131 
Safari/537.36>
Oct 26 05:11:11  71.6.232.7      ualen2   = 115, <Mozilla/5.0 (Windows NT 10.0; 
Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.131 
Safari/537.36>
Oct 26 05:17:33  110.70.47.92  bc: ualength = 120, <Mozilla/5.0 (Linux; Android 
9; SM-G955N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.85 Mobile 
Safari/537.36>
Oct 26 05:17:33  110.70.47.92      ualen2   = 120, <Mozilla/5.0 (Linux; Android 
9; SM-G955N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.85 Mobile 
Safari/537.36>

Reply via email to