Source: lighttpd Version: 1.4.45-1 Severity: important Dear Maintainer,
While serving Ookla Speedtest HTTP legacy fallback service with lighttpd, the lighttpd 1.4.45-1 (latest stable) segfaults several times an hour. Apr 12 15:30:18 systemd[1]: lighttpd.service: Main process exited, code=killed, status=11/SEGV Apr 12 15:30:18 systemd[1]: lighttpd.service: Unit entered failed state. Apr 12 15:30:18 systemd[1]: lighttpd.service: Failed with result 'signal'. Apr 12 15:30:18 systemd[1]: lighttpd.service: Service hold-off time over, scheduling restart. (request.c.436) fd: 9 request-len: 367 \nPOST /speedtest/upload.php?x=1523552422398. HTTP/1.1\r\nAccept-Encoding: identity\r\nContent-Type: application/x-www-form-urlencoded\r\nTransfer-Encoding: chunked\r\n\r\n (log.c.217) server started Root cause looks to be Lighttpd bug, which has been resolved in 1.4.46: https://redmine.lighttpd.net/issues/2822 If the speedtest-cli client is performing the common test towards the Lighttpd, then after several POST messages lighttpd instance crashes with SEGV. 2018-04-13 10:00:19: (request.c.436) fd: 16 request-len: 367 \nPOST /speedtest/upload.php?x=1523602817877. HTTP/1.1\r\nAccept-Encoding: identity\r\nContent-Type: application/x-www-form-urlencoded\r\nTransfer-Encoding: chunked\r\nHost: speedtest.host.url\r\nUser-Agent: Mozilla/5.0 (FreeBSD; U; 64bit; en-us) Python/3.6.5 (KHTML, like Gecko) speedtest-cli/1.0.7\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n 2018-04-13 10:00:19: (response.c.350) -- splitting Request-URI 2018-04-13 10:00:19: (response.c.351) Request-URI : /speedtest/upload.php?x=1523602817877. 2018-04-13 10:00:19: (response.c.352) URI-scheme : http 2018-04-13 10:00:19: (response.c.353) URI-authority : speedtest.host.url 2018-04-13 10:00:19: (response.c.354) URI-path (raw) : /speedtest/upload.php 2018-04-13 10:00:19: (response.c.355) URI-path (clean): /speedtest/upload.php 2018-04-13 10:00:19: (response.c.356) URI-query : x=1523602817877. 2018-04-13 10:00:19: (mod_access.c.148) -- mod_access_uri_handler called 2018-04-13 10:00:19: (response.c.490) -- before doc_root 2018-04-13 10:00:19: (response.c.491) Doc-Root : /var/www/html 2018-04-13 10:00:19: (response.c.492) Rel-Path : /speedtest/upload.php 2018-04-13 10:00:19: (response.c.493) Path : 2018-04-13 10:00:19: (response.c.542) -- after doc_root 2018-04-13 10:00:19: (response.c.543) Doc-Root : /var/www/html 2018-04-13 10:00:19: (response.c.544) Rel-Path : /speedtest/upload.php 2018-04-13 10:00:19: (response.c.545) Path : /var/www/html/speedtest/upload.php 2018-04-13 10:00:19: (response.c.562) -- logical -> physical 2018-04-13 10:00:19: (response.c.563) Doc-Root : /var/www/html 2018-04-13 10:00:19: (response.c.564) Basedir : /var/www/html 2018-04-13 10:00:19: (response.c.565) Rel-Path : /speedtest/upload.php 2018-04-13 10:00:19: (response.c.566) Path : /var/www/html/speedtest/upload.php 2018-04-13 10:00:19: (response.c.583) -- handling physical path 2018-04-13 10:00:19: (response.c.584) Path : /var/www/html/speedtest/upload.php 2018-04-13 10:00:19: (response.c.591) -- file found 2018-04-13 10:00:19: (response.c.592) Path : /var/www/html/speedtest/upload.php 2018-04-13 10:00:19: (response.c.753) -- handling subrequest 2018-04-13 10:00:19: (response.c.754) Path : /var/www/html/speedtest/upload.php 2018-04-13 10:00:19: (mod_access.c.148) -- mod_access_uri_handler called 2018-04-13 10:00:19: (mod_fastcgi.c.3500) handling it in mod_fastcgi 2018-04-13 10:00:19: (connections-glue.c.403) chunked data size too large -> 400 2018-04-13 10:00:19: (response.c.122) Response-Header: \nHTTP/1.1 400 Bad Request\r\nContent-Type: text/html\r\nContent-Length: 349\r\nConnection: close\r\nDate: Fri, 13 Apr 2018 07:00:19 GMT\r\nServer: lighttpd/1.4.45\r\n\r\n 2018-04-13 10:00:19: (request.c.436) fd: 18 request-len: 367 \nPOST /speedtest/upload.php?x=1523602817933. HTTP/1.1\r\nAccept-Encoding: identity\r\nContent-Type: application/x-www-form-urlencoded\r\nTransfer-Encoding: chunked\r\nHost: speedtest.host.url\r\nUser-Agent: Mozilla/5.0 (FreeBSD; U; 64bit; en-us) Python/3.6.5 (KHTML, like Gecko) speedtest-cli/1.0.7\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n 2018-04-13 10:00:19: (response.c.350) -- splitting Request-URI 2018-04-13 10:00:19: (response.c.351) Request-URI : /speedtest/upload.php?x=1523602817933. 2018-04-13 10:00:19: (response.c.352) URI-scheme : http 2018-04-13 10:00:19: (response.c.353) URI-authority : speedtest.host.url 2018-04-13 10:00:19: (response.c.354) URI-path (raw) : /speedtest/upload.php 2018-04-13 10:00:19: (response.c.355) URI-path (clean): /speedtest/upload.php 2018-04-13 10:00:19: (response.c.356) URI-query : x=1523602817933. 2018-04-13 10:00:19: (mod_access.c.148) -- mod_access_uri_handler called 2018-04-13 10:00:19: (response.c.490) -- before doc_root 2018-04-13 10:00:19: (response.c.491) Doc-Root : /var/www/html 2018-04-13 10:00:19: (response.c.492) Rel-Path : /speedtest/upload.php 2018-04-13 10:00:19: (response.c.493) Path : 2018-04-13 10:00:19: (response.c.542) -- after doc_root 2018-04-13 10:00:19: (response.c.543) Doc-Root : /var/www/html 2018-04-13 10:00:19: (response.c.544) Rel-Path : /speedtest/upload.php 2018-04-13 10:00:19: (response.c.545) Path : /var/www/html/speedtest/upload.php 2018-04-13 10:00:19: (response.c.562) -- logical -> physical 2018-04-13 10:00:19: (response.c.563) Doc-Root : /var/www/html 2018-04-13 10:00:19: (response.c.564) Basedir : /var/www/html 2018-04-13 10:00:19: (response.c.565) Rel-Path : /speedtest/upload.php 2018-04-13 10:00:19: (response.c.566) Path : /var/www/html/speedtest/upload.php 2018-04-13 10:00:19: (response.c.583) -- handling physical path 2018-04-13 10:00:19: (response.c.584) Path : /var/www/html/speedtest/upload.php 2018-04-13 10:00:19: (response.c.591) -- file found 2018-04-13 10:00:19: (response.c.592) Path : /var/www/html/speedtest/upload.php 2018-04-13 10:00:19: (response.c.753) -- handling subrequest 2018-04-13 10:00:19: (response.c.754) Path : /var/www/html/speedtest/upload.php 2018-04-13 10:00:19: (mod_access.c.148) -- mod_access_uri_handler called 2018-04-13 10:00:19: (mod_fastcgi.c.3500) handling it in mod_fastcgi 2018-04-13 10:00:19: (log.c.217) server started -- System Information: Debian Release: 9.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-6-amd64 (SMP w/4 CPU cores) Locale: LANG=et_EE.UTF-8, LC_CTYPE=et_EE.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)