[Bug 59897] Buffer Overflow in FD_SET in nb_connect (jk_connect.c) leading to apache2 crash

2018-08-22 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=59897

Mark Thomas  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #4 from Mark Thomas  ---
Many thanks for the patch. Applied to 1.2.x for 1.2.44 onwards.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 59897] Buffer Overflow in FD_SET in nb_connect (jk_connect.c) leading to apache2 crash

2017-09-01 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=59897

Christopher Schultz  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |PatchAvailable

--- Comment #3 from Christopher Schultz  ---
I think this patch is worth serious consideration and testing.

(I feel like we had this conversation elsewhere, too.)




[Bug 59897] Buffer Overflow in FD_SET in nb_connect (jk_connect.c) leading to apache2 crash

2016-11-03 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=59897

Koen Wilde  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kwi...@bol.com

--- Comment #2 from Koen Wilde  ---
Created attachment 34417
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=34417&action=edit
[PATCH] Use poll(2) in posix nb_connect

This issue is caused by limitations of the select(2) system call. From the
(Linux) man page:

> POSIX allows an implementation to define an upper limit, advertised via the
> constant FD_SETSIZE, on the range of file descriptors that can be specified
> in a file descriptor set.  The Linux kernel imposes no fixed limit, but the
> glibc implementation makes fd_set a fixed-size type, with FD_SETSIZE defined
> as 1024, and the FD_*() macros operating according to that limit.  To
> monitor file descriptors greater than 1023, use poll(2) instead.

As Michiel already noted, poll(2) is already imported in jk_connect.c, so using
poll(2) doesn't add any new dependencies.

I've attached a patch that uses poll(2) if it is available at compile time;
otherwise it falls back to the current select(2) implementation.

In the long run, it would probably be preferable to use some kind of event
library like libuv or libevent that abstracts over the kernel interface and
automatically uses the optimal one available (e.g. epoll on Linux and kqueue on
FreeBSD). This would improve both portability and performance, and possibly
code simplicity.




[Bug 59897] Buffer Overflow in FD_SET in nb_connect (jk_connect.c) leading to apache2 crash

2016-09-20 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=59897

Max L  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |audiot...@gmail.com




[Bug 59897] Buffer Overflow in FD_SET in nb_connect (jk_connect.c) leading to apache2 crash

2016-09-19 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=59897

Fredrik Carpio  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fredrik.car...@sony.com




[Bug 59897] Buffer Overflow in FD_SET in nb_connect (jk_connect.c) leading to apache2 crash

2016-07-25 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=59897

--- Comment #1 from Michael Diener  ---
One more thing to add: although Apache mpm_event is used, most connections are
via SSL, so AFAIK it should behave like mpm_worker.
