[Bug 1504354] [NEW] Invalid memory access on ap_server_config_defines
You have been subscribed to a public bug by Robie Basak (racb):
A bug in the Apache2 HTTP server results in invalid memory references
in the ap_server_config_defines array after a graceful restart. This
can result in server config variables defined by means of the Define
directive appearing to be undefined after a graceful restart. This
can cause incorrect processing of configuration files. It can also
cause the server to exit due to invalid configuration, even though
the configtest prior to reload succeeded.
This bug was reported upstream against Apache 2.4.6 and 2.4.10. It
appears in the 2.4.7-1ubuntu4.7 found in trusty-proposed, but was
fixed in 2.4.12 and so does not appear in wily.
This is upstream PR 56008 and 57328.
[Test Case]
- apt-get install apache2
- Copy ifdefine-test.conf (attached) to /etc/apache2/sites-available
- a2ensite ifdefine-test.conf
- service apache2 restart
- Observe that http:///foo.html returns the default page
(same as http:///)
- service apache2 reload
- Examine /var/log/apache2/error.log; observe the warning message
"Config variable ${TEST2} is not defined"
- Observe that http:///foo.html now returns a 404.
With the bug fixed, the warning message will not appear, and the
foo.html URL will continue to work after the reload.
[Regression Potential]
Low.
The change is textually small (one line), but has a significant effect:
it ensures that a fresh copy is made of the array containing defined
variables each time the config file is read. Without this, on reloads
the original array (containing variables defined on the command line)
is modified directly, causing it to contain string pointers that will
become invalid when the configuration memory pool is released.
The patch only changes what happens when the configuration pool is
released, avoiding leaking memory references across successive reads
of the config file. As such, it is unlikely have any negative effect
on processing of the configuration, and extremely unlikely to have any
effect on operations once the server configuration has been read.
This change was applied upstream in December, 2014 and appears in the
upstream 2.4.12 release, which is in wily. The patch also appears in
2.4.10-10+deb8u2, which has been in Debian stable for about 5 weeks.
** Affects: apache2
Importance: Critical
Status: Fix Released
** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: New
** Tags: patch
--
Invalid memory access on ap_server_config_defines
https://bugs.launchpad.net/bugs/1504354
You received this bug notification because you are a member of Ubuntu Server
Team, which is subscribed to the bug report.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1504354] [NEW] Invalid memory access on ap_server_config_defines
Public bug reported:
A bug in the Apache2 HTTP server results in invalid memory references
in the ap_server_config_defines array after a graceful restart. This
can result in server config variables defined by means of the Define
directive appearing to be undefined after a graceful restart. This
can cause incorrect processing of configuration files. It can also
cause the server to exit due to invalid configuration, even though
the configtest prior to reload succeeded.
This bug was reported upstream against Apache 2.4.6 and 2.4.10. It
appears in the 2.4.7-1ubuntu4.7 found in trusty-proposed, but was
fixed in 2.4.12 and so does not appear in wily.
This is upstream PR 56008 and 57328.
[Test Case]
- apt-get install apache2
- Copy ifdefine-test.conf (attached) to /etc/apache2/sites-available
- a2ensite ifdefine-test.conf
- service apache2 restart
- Observe that http:///foo.html returns the default page
(same as http:///)
- service apache2 reload
- Examine /var/log/apache2/error.log; observe the warning message
"Config variable ${TEST2} is not defined"
- Observe that http:///foo.html now returns a 404.
With the bug fixed, the warning message will not appear, and the
foo.html URL will continue to work after the reload.
[Regression Potential]
Low.
The change is textually small (one line), but has a significant effect:
it ensures that a fresh copy is made of the array containing defined
variables each time the config file is read. Without this, on reloads
the original array (containing variables defined on the command line)
is modified directly, causing it to contain string pointers that will
become invalid when the configuration memory pool is released.
The patch only changes what happens when the configuration pool is
released, avoiding leaking memory references across successive reads
of the config file. As such, it is unlikely have any negative effect
on processing of the configuration, and extremely unlikely to have any
effect on operations once the server configuration has been read.
This change was applied upstream in December, 2014 and appears in the
upstream 2.4.12 release, which is in wily. The patch also appears in
2.4.10-10+deb8u2, which has been in Debian stable for about 5 weeks.
** Affects: apache2
Importance: Unknown
Status: Unknown
** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: New
** Bug watch added: bz.apache.org/bugzilla/ #57328
https://bz.apache.org/bugzilla/show_bug.cgi?id=57328
** Also affects: apache2 via
https://bz.apache.org/bugzilla/show_bug.cgi?id=57328
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1504354
Title:
Invalid memory access on ap_server_config_defines
To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1504354/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
