You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Collin McClendon <co...@Digiconasp.com> on 2005/07/12 18:38:20 UTC
mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
Hello all,
I was kindly redirected to this list by Mr. Turk, the author of mod_jk.
He suggested that someone here might be able to determine
why when using mod_jk and tomcat and apache, I am getting buffer
overflow messages in the catalina.out logfile. This tends to
happen after 8 hours or so, and after users have been visiting the
website, not when idle. I have the relevant portion of the log here:
My mod_jk as stated is 1.2.10, tomcat is 5.5.9, and apache is 2.0.52-12
(RedHat 4.0ES build).
SEVERE: Buffer overflow: buffer.len=8192 pos=70 data=18568
Jun 28, 2005 6:16:21 PM org.apache.jk.common.MsgAjp cpBytes
SEVERE: Overflow
java.lang.Throwable
at org.apache.jk.common.MsgAjp.cpBytes(MsgAjp.java:172)
at org.apache.jk.common.MsgAjp.appendByteChunk(MsgAjp.java:146)
at org.apache.jk.common.MsgAjp.appendBytes(MsgAjp.java:132)
at
org.apache.jk.server.JkCoyoteHandler.appendHead(JkCoyoteHandler.java:407)
at
org.apache.jk.server.JkCoyoteHandler.action(JkCoyoteHandler.java:425)
at org.apache.coyote.Response.action(Response.java:182)
at org.apache.coyote.Response.sendHeaders(Response.java:374)
at
org.apache.catalina.connector.OutputBuffer.doFlush(OutputBuffer.java:317)
at
org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:278)
at
org.apache.catalina.connector.Response.finishResponse(Response.java:473)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:307)
at
org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:385)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:748)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:678)
at
org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:871)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
I'd appreciate any help you can offer,
Thank you,
Collin McClendon
--
Collin McClendon
Sr. Microsoft Systems Engineer
Digicon, Inc.
collin.mcclendon@digiconasp.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
Posted by Collin McClendon <co...@Digiconasp.com>.
Thanks,
I'll read up on this.
Bill Barker wrote:
>http://jakarta.apache.org/tomcat/tomcat-5.5-doc/logging.html
>
>----- Original Message -----
>From: "Collin McClendon" <co...@Digiconasp.com>
>To: "Tomcat Developers List" <to...@jakarta.apache.org>
>Sent: Tuesday, July 12, 2005 10:57 AM
>Subject: Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
>
>
>Thanks so much for replying! I can understand that concept. Given that
>we are using mod_jk to connect the Apache frontend to Tomcat running
>OpenCMS on the backend, perhaps the way that the application is working
>that is giving us this result? Also in response to Bill, where can one
>turn on
>DEBUG logging for a specific class such as
>
>org.apache.jk.common.MsgAjp
>
>
>?
>
>I'm thinking that would be in one of the xml config files and I will do
>more research on that, but if you had a quick answer, I'd be happy to
>hear it.
>On the suggestion of Mladen Turk, I did upgrade to mod_jk 1.2.14, I hope
>to see some difference there.
>Thanks again,
>Collin
>
>Remy Maucherat wrote:
>
>
>
>>Bill Barker wrote:
>>
>>
>>
>>>The message is simply that you have a header value that is too big
>>>for the
>>>AJP/1.3 protocol to handle. If you enable DEBUG logging for
>>>org.apache.jk.common.MsgAjp, you should get a dump of the partial
>>>data that
>>>should include the name of the bad header.
>>>
>>>
>>Given the line, it could be a monster header value, possibly a cookie
>>(the size is 18KB, which is way over the AJP/1.3 capabilities).
>>
>>Rémy (with the neophyte AJP developer hat on)
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
>>
>>
>
>--
>Collin McClendon
>Sr. Microsoft Systems Engineer
>Digicon, Inc.
>collin.mcclendon@digiconasp.com
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
>
>
>This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments.
>
>In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
--
Collin McClendon
Sr. Microsoft Systems Engineer
Digicon, Inc.
collin.mcclendon@digiconasp.com
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow (logging)
Posted by Collin McClendon <co...@digiconasp.com>.
Thanks, I didn't have my head screwed on right there. I see now after
re-reading the documentation, I have to use the right keyword and I
wasn't adding .level = at the end of the class name.
Thanks so much for your help, I hope to have a crash to show logged in
detail. If you or someone would glance at it, that would be of great
help to me.
Thanks,
Collin
Bill Barker wrote:
>That's for log4j. For Juli, you want FINE (or FINEST).
>
>----- Original Message -----
>From: "Collin McClendon" <co...@digiconasp.com>
>To: "Tomcat Developers List" <to...@jakarta.apache.org>
>Sent: Wednesday, July 13, 2005 8:15 AM
>Subject: Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow (logging)
>
>
>Bill,
>Thanks again for this tip. After reading the document to my best
>ability, I added this line to the end of
>/usr/local/tomcat/common/classes/logging.propeties :
>org.apache.jk.common.MsgAjp = ALL
>I got as a result what seemed like no logging at all for this class.
>I am setting it to DEBUG now to see what happens, but am I doing this
>correctly at all?
>Thanks for your help,
>Collin
>
>
>Bill Barker wrote:
>
>
>
>>http://jakarta.apache.org/tomcat/tomcat-5.5-doc/logging.html
>>
>>----- Original Message -----
>>From: "Collin McClendon" <co...@Digiconasp.com>
>>To: "Tomcat Developers List" <to...@jakarta.apache.org>
>>Sent: Tuesday, July 12, 2005 10:57 AM
>>Subject: Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
>>
>>
>>Thanks so much for replying! I can understand that concept. Given that
>>we are using mod_jk to connect the Apache frontend to Tomcat running
>>OpenCMS on the backend, perhaps the way that the application is working
>>that is giving us this result? Also in response to Bill, where can one
>>turn on
>>DEBUG logging for a specific class such as
>>
>>org.apache.jk.common.MsgAjp
>>
>>
>>?
>>
>>I'm thinking that would be in one of the xml config files and I will do
>>more research on that, but if you had a quick answer, I'd be happy to
>>hear it.
>>On the suggestion of Mladen Turk, I did upgrade to mod_jk 1.2.14, I hope
>>to see some difference there.
>>Thanks again,
>>Collin
>>
>>Remy Maucherat wrote:
>>
>>
>>
>>
>>
>>>Bill Barker wrote:
>>>
>>>
>>>
>>>
>>>
>>>>The message is simply that you have a header value that is too big
>>>>for the
>>>>AJP/1.3 protocol to handle. If you enable DEBUG logging for
>>>>org.apache.jk.common.MsgAjp, you should get a dump of the partial
>>>>data that
>>>>should include the name of the bad header.
>>>>
>>>>
>>>>
>>>>
>>>Given the line, it could be a monster header value, possibly a cookie
>>>(the size is 18KB, which is way over the AJP/1.3 capabilities).
>>>
>>>Rémy (with the neophyte AJP developer hat on)
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>>
>>>
>>>
>>>
>>>
>>--
>>Collin McClendon
>>Sr. Microsoft Systems Engineer
>>Digicon, Inc.
>>collin.mcclendon@digiconasp.com
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
>>
>>
>>
>>
>>This message is intended only for the use of the person(s) listed above as
>>
>>
>the intended recipient(s), and may contain information that is PRIVILEGED
>and CONFIDENTIAL. If you are not an intended recipient, you may not read,
>copy, or distribute this message or any attachment. If you received this
>communication in error, please notify us immediately by e-mail and then
>delete all copies of this message and any attachments.
>
>
>>In addition you should be aware that ordinary (unencrypted) e-mail sent
>>
>>
>through the Internet is not secure. Do not send confidential or sensitive
>information, such as social security numbers, account numbers, personal
>identification numbers and passwords, to us via ordinary (unencrypted)
>e-mail.
>
>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
>>
>>
>>
>>
>
>--
>Collin McClendon
>Sr. Microsoft Systems Engineer
>Digicon Corporation
>collin.mcclendon@digiconasp.com
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
>
>
>This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments.
>
>In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
--
Collin McClendon
Sr. Microsoft Systems Engineer
Digicon Corporation
collin.mcclendon@digiconasp.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow (logging)
Posted by Collin McClendon <co...@digiconasp.com>.
Bill,
so far all I've gotten out of FINE logging is a lot of these:
Jul 14, 2005 1:44:36 PM org.apache.jk.common.MsgAjp processHeader
FINE: Received 560 18
We have been monitoring the server, and even though I got no SEVERE
messages, it appears to have hung as before. Am I excluding SEVERE
logging messages when I specify FINE as logging such as this? (I'm
quite positive this is an inclusive logging setting)
org.apache.jk.common.MsgAjp.level = FINEST
org.apache.jk.server.JkMain.level = FINEST
I any case, I have yet to catch the mod_jk in the act of doing a buffer
overflow since changing the logging parameters.
Thanks for any help you can give,
Collin
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow (logging)
Posted by Bill Barker <wb...@wilshire.com>.
That's for log4j. For Juli, you want FINE (or FINEST).
----- Original Message -----
From: "Collin McClendon" <co...@digiconasp.com>
To: "Tomcat Developers List" <to...@jakarta.apache.org>
Sent: Wednesday, July 13, 2005 8:15 AM
Subject: Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow (logging)
Bill,
Thanks again for this tip. After reading the document to my best
ability, I added this line to the end of
/usr/local/tomcat/common/classes/logging.propeties :
org.apache.jk.common.MsgAjp = ALL
I got as a result what seemed like no logging at all for this class.
I am setting it to DEBUG now to see what happens, but am I doing this
correctly at all?
Thanks for your help,
Collin
Bill Barker wrote:
>http://jakarta.apache.org/tomcat/tomcat-5.5-doc/logging.html
>
>----- Original Message -----
>From: "Collin McClendon" <co...@Digiconasp.com>
>To: "Tomcat Developers List" <to...@jakarta.apache.org>
>Sent: Tuesday, July 12, 2005 10:57 AM
>Subject: Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
>
>
>Thanks so much for replying! I can understand that concept. Given that
>we are using mod_jk to connect the Apache frontend to Tomcat running
>OpenCMS on the backend, perhaps the way that the application is working
>that is giving us this result? Also in response to Bill, where can one
>turn on
>DEBUG logging for a specific class such as
>
>org.apache.jk.common.MsgAjp
>
>
>?
>
>I'm thinking that would be in one of the xml config files and I will do
>more research on that, but if you had a quick answer, I'd be happy to
>hear it.
>On the suggestion of Mladen Turk, I did upgrade to mod_jk 1.2.14, I hope
>to see some difference there.
>Thanks again,
>Collin
>
>Remy Maucherat wrote:
>
>
>
>>Bill Barker wrote:
>>
>>
>>
>>>The message is simply that you have a header value that is too big
>>>for the
>>>AJP/1.3 protocol to handle. If you enable DEBUG logging for
>>>org.apache.jk.common.MsgAjp, you should get a dump of the partial
>>>data that
>>>should include the name of the bad header.
>>>
>>>
>>Given the line, it could be a monster header value, possibly a cookie
>>(the size is 18KB, which is way over the AJP/1.3 capabilities).
>>
>>Rémy (with the neophyte AJP developer hat on)
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
>>
>>
>
>--
>Collin McClendon
>Sr. Microsoft Systems Engineer
>Digicon, Inc.
>collin.mcclendon@digiconasp.com
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
>
>
>This message is intended only for the use of the person(s) listed above as
the intended recipient(s), and may contain information that is PRIVILEGED
and CONFIDENTIAL. If you are not an intended recipient, you may not read,
copy, or distribute this message or any attachment. If you received this
communication in error, please notify us immediately by e-mail and then
delete all copies of this message and any attachments.
>
>In addition you should be aware that ordinary (unencrypted) e-mail sent
through the Internet is not secure. Do not send confidential or sensitive
information, such as social security numbers, account numbers, personal
identification numbers and passwords, to us via ordinary (unencrypted)
e-mail.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
--
Collin McClendon
Sr. Microsoft Systems Engineer
Digicon Corporation
collin.mcclendon@digiconasp.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments.
In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow (logging)
Posted by Collin McClendon <co...@digiconasp.com>.
Bill,
Thanks again for this tip. After reading the document to my best
ability, I added this line to the end of
/usr/local/tomcat/common/classes/logging.propeties :
org.apache.jk.common.MsgAjp = ALL
I got as a result what seemed like no logging at all for this class.
I am setting it to DEBUG now to see what happens, but am I doing this
correctly at all?
Thanks for your help,
Collin
Bill Barker wrote:
>http://jakarta.apache.org/tomcat/tomcat-5.5-doc/logging.html
>
>----- Original Message -----
>From: "Collin McClendon" <co...@Digiconasp.com>
>To: "Tomcat Developers List" <to...@jakarta.apache.org>
>Sent: Tuesday, July 12, 2005 10:57 AM
>Subject: Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
>
>
>Thanks so much for replying! I can understand that concept. Given that
>we are using mod_jk to connect the Apache frontend to Tomcat running
>OpenCMS on the backend, perhaps the way that the application is working
>that is giving us this result? Also in response to Bill, where can one
>turn on
>DEBUG logging for a specific class such as
>
>org.apache.jk.common.MsgAjp
>
>
>?
>
>I'm thinking that would be in one of the xml config files and I will do
>more research on that, but if you had a quick answer, I'd be happy to
>hear it.
>On the suggestion of Mladen Turk, I did upgrade to mod_jk 1.2.14, I hope
>to see some difference there.
>Thanks again,
>Collin
>
>Remy Maucherat wrote:
>
>
>
>>Bill Barker wrote:
>>
>>
>>
>>>The message is simply that you have a header value that is too big
>>>for the
>>>AJP/1.3 protocol to handle. If you enable DEBUG logging for
>>>org.apache.jk.common.MsgAjp, you should get a dump of the partial
>>>data that
>>>should include the name of the bad header.
>>>
>>>
>>Given the line, it could be a monster header value, possibly a cookie
>>(the size is 18KB, which is way over the AJP/1.3 capabilities).
>>
>>Rémy (with the neophyte AJP developer hat on)
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
>>
>>
>
>--
>Collin McClendon
>Sr. Microsoft Systems Engineer
>Digicon, Inc.
>collin.mcclendon@digiconasp.com
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
>
>
>This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments.
>
>In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
--
Collin McClendon
Sr. Microsoft Systems Engineer
Digicon Corporation
collin.mcclendon@digiconasp.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
Posted by Bill Barker <wb...@wilshire.com>.
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/logging.html
----- Original Message -----
From: "Collin McClendon" <co...@Digiconasp.com>
To: "Tomcat Developers List" <to...@jakarta.apache.org>
Sent: Tuesday, July 12, 2005 10:57 AM
Subject: Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
Thanks so much for replying! I can understand that concept. Given that
we are using mod_jk to connect the Apache frontend to Tomcat running
OpenCMS on the backend, perhaps the way that the application is working
that is giving us this result? Also in response to Bill, where can one
turn on
DEBUG logging for a specific class such as
org.apache.jk.common.MsgAjp
?
I'm thinking that would be in one of the xml config files and I will do
more research on that, but if you had a quick answer, I'd be happy to
hear it.
On the suggestion of Mladen Turk, I did upgrade to mod_jk 1.2.14, I hope
to see some difference there.
Thanks again,
Collin
Remy Maucherat wrote:
> Bill Barker wrote:
>
>> The message is simply that you have a header value that is too big
>> for the
>> AJP/1.3 protocol to handle. If you enable DEBUG logging for
>> org.apache.jk.common.MsgAjp, you should get a dump of the partial
>> data that
>> should include the name of the bad header.
>
>
> Given the line, it could be a monster header value, possibly a cookie
> (the size is 18KB, which is way over the AJP/1.3 capabilities).
>
> Rémy (with the neophyte AJP developer hat on)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
--
Collin McClendon
Sr. Microsoft Systems Engineer
Digicon, Inc.
collin.mcclendon@digiconasp.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments.
In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
Posted by Collin McClendon <co...@Digiconasp.com>.
Thanks so much for replying! I can understand that concept. Given that
we are using mod_jk to connect the Apache frontend to Tomcat running
OpenCMS on the backend, perhaps the way that the application is working
that is giving us this result? Also in response to Bill, where can one
turn on
DEBUG logging for a specific class such as
org.apache.jk.common.MsgAjp
?
I'm thinking that would be in one of the xml config files and I will do
more research on that, but if you had a quick answer, I'd be happy to
hear it.
On the suggestion of Mladen Turk, I did upgrade to mod_jk 1.2.14, I hope
to see some difference there.
Thanks again,
Collin
Remy Maucherat wrote:
> Bill Barker wrote:
>
>> The message is simply that you have a header value that is too big
>> for the
>> AJP/1.3 protocol to handle. If you enable DEBUG logging for
>> org.apache.jk.common.MsgAjp, you should get a dump of the partial
>> data that
>> should include the name of the bad header.
>
>
> Given the line, it could be a monster header value, possibly a cookie
> (the size is 18KB, which is way over the AJP/1.3 capabilities).
>
> Rémy (with the neophyte AJP developer hat on)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
--
Collin McClendon
Sr. Microsoft Systems Engineer
Digicon, Inc.
collin.mcclendon@digiconasp.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
Posted by Collin McClendon <co...@digiconasp.com>.
Thank you Bill!
I will happily continue to the other list, at least I know my logging is
set to capture the correct events and I have a clue as to what might be
the cause.
-Collin
Bill Barker wrote:
>"Collin McClendon" <co...@digiconasp.com> wrote in message
>news:42D6C5C2.5080801@digiconasp.com...
>
>
>>I've enabled the logging per your suggestions, and not having heard back
>>in a bit, I was hoping someone could clue in to why I get plenty of FINE
>>messages for org.apache.jk.common.MsgAjp, but no longer get SEVERE
>>messages. I'm also trying consistently crash mod_jk, but not having much
>>luck, OpenCMS is the webapp invovled here, I haven't gotten any feed back
>>from their dev list.
>>
>>
>
>You get plenty of FINE messages, since those are primarily for developers
>trying to understand the protocol traffic ;-). You haven't gotten SEVERE
>messages for the simple reason that none of them have been triggered. (as
>an aside, MsgAjp only currently logs at either SEVERE or FINE).
>
>As Remy mentions below, the most likely problems are with a 'Set-Cookie'
>header (with a ridiculously big cookie), or with a 'Location' header (from a
>sendRedirect with a ridiculously big query-string). Personally, I'm betting
>on the second (since the Response body was less than 8K). In any case, this
>is starting to border on [OT] for this list, and may be better continued on
>tomcat-user@jakarta.apache.org. Don't worry, both Remy an me lurk there
>;-).
>
>
>
>>Thanks,
>>Collin
>>
>>
>>Remy Maucherat wrote:
>>
>>
>>
>>>Bill Barker wrote:
>>>
>>>
>>>
>>>>The message is simply that you have a header value that is too big for
>>>>the
>>>>AJP/1.3 protocol to handle. If you enable DEBUG logging for
>>>>org.apache.jk.common.MsgAjp, you should get a dump of the partial data
>>>>that
>>>>should include the name of the bad header.
>>>>
>>>>
>>>Given the line, it could be a monster header value, possibly a cookie
>>>(the size is 18KB, which is way over the AJP/1.3 capabilities).
>>>
>>>Rémy (with the neophyte AJP developer hat on)
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>>
>>>
>>>
>>--
>>Collin McClendon
>>Sr. Microsoft Systems Engineer
>>Digicon Corporation
>>collin.mcclendon@digiconasp.com
>>
>>
>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
Posted by Bill Barker <wb...@wilshire.com>.
"Collin McClendon" <co...@digiconasp.com> wrote in message
news:42D6C5C2.5080801@digiconasp.com...
> I've enabled the logging per your suggestions, and not having heard back
> in a bit, I was hoping someone could clue in to why I get plenty of FINE
> messages for org.apache.jk.common.MsgAjp, but no longer get SEVERE
> messages. I'm also trying consistently crash mod_jk, but not having much
> luck, OpenCMS is the webapp invovled here, I haven't gotten any feed back
> from their dev list.
You get plenty of FINE messages, since those are primarily for developers
trying to understand the protocol traffic ;-). You haven't gotten SEVERE
messages for the simple reason that none of them have been triggered. (as
an aside, MsgAjp only currently logs at either SEVERE or FINE).
As Remy mentions below, the most likely problems are with a 'Set-Cookie'
header (with a ridiculously big cookie), or with a 'Location' header (from a
sendRedirect with a ridiculously big query-string). Personally, I'm betting
on the second (since the Response body was less than 8K). In any case, this
is starting to border on [OT] for this list, and may be better continued on
tomcat-user@jakarta.apache.org. Don't worry, both Remy an me lurk there
;-).
> Thanks,
> Collin
>
>
> Remy Maucherat wrote:
>
>> Bill Barker wrote:
>>
>>> The message is simply that you have a header value that is too big for
>>> the
>>> AJP/1.3 protocol to handle. If you enable DEBUG logging for
>>> org.apache.jk.common.MsgAjp, you should get a dump of the partial data
>>> that
>>> should include the name of the bad header.
>>
>>
>> Given the line, it could be a monster header value, possibly a cookie
>> (the size is 18KB, which is way over the AJP/1.3 capabilities).
>>
>> R�my (with the neophyte AJP developer hat on)
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
>
> --
> Collin McClendon
> Sr. Microsoft Systems Engineer
> Digicon Corporation
> collin.mcclendon@digiconasp.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
Posted by Collin McClendon <co...@digiconasp.com>.
I've enabled the logging per your suggestions, and not having heard back
in a bit, I was hoping someone could clue in to why I get plenty of FINE
messages for org.apache.jk.common.MsgAjp, but no longer get SEVERE
messages. I'm also trying consistently crash mod_jk, but not having
much luck, OpenCMS is the webapp invovled here, I haven't gotten any
feed back from their dev list.
Thanks,
Collin
Remy Maucherat wrote:
> Bill Barker wrote:
>
>> The message is simply that you have a header value that is too big
>> for the
>> AJP/1.3 protocol to handle. If you enable DEBUG logging for
>> org.apache.jk.common.MsgAjp, you should get a dump of the partial
>> data that
>> should include the name of the bad header.
>
>
> Given the line, it could be a monster header value, possibly a cookie
> (the size is 18KB, which is way over the AJP/1.3 capabilities).
>
> Rémy (with the neophyte AJP developer hat on)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
--
Collin McClendon
Sr. Microsoft Systems Engineer
Digicon Corporation
collin.mcclendon@digiconasp.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
Posted by Remy Maucherat <re...@apache.org>.
Bill Barker wrote:
> The message is simply that you have a header value that is too big for the
> AJP/1.3 protocol to handle. If you enable DEBUG logging for
> org.apache.jk.common.MsgAjp, you should get a dump of the partial data that
> should include the name of the bad header.
Given the line, it could be a monster header value, possibly a cookie
(the size is 18KB, which is way over the AJP/1.3 capabilities).
Rémy (with the neophyte AJP developer hat on)
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
Posted by Bill Barker <wb...@wilshire.com>.
The message is simply that you have a header value that is too big for the
AJP/1.3 protocol to handle. If you enable DEBUG logging for
org.apache.jk.common.MsgAjp, you should get a dump of the partial data that
should include the name of the bad header.
----- Original Message -----
From: "Collin McClendon" <co...@Digiconasp.com>
To: <to...@jakarta.apache.org>
Sent: Tuesday, July 12, 2005 9:38 AM
Subject: mod_jk 1.2.10 and tomcat 5.5.9 buffer overflow
> Hello all,
> I was kindly redirected to this list by Mr. Turk, the author of mod_jk.
> He suggested that someone here might be able to determine
> why when using mod_jk and tomcat and apache, I am getting buffer
> overflow messages in the catalina.out logfile. This tends to
> happen after 8 hours or so, and after users have been visiting the
> website, not when idle. I have the relevant portion of the log here:
> My mod_jk as stated is 1.2.10, tomcat is 5.5.9, and apache is 2.0.52-12
> (RedHat 4.0ES build).
>
> SEVERE: Buffer overflow: buffer.len=8192 pos=70 data=18568
> Jun 28, 2005 6:16:21 PM org.apache.jk.common.MsgAjp cpBytes
> SEVERE: Overflow
> java.lang.Throwable
> at org.apache.jk.common.MsgAjp.cpBytes(MsgAjp.java:172)
> at org.apache.jk.common.MsgAjp.appendByteChunk(MsgAjp.java:146)
> at org.apache.jk.common.MsgAjp.appendBytes(MsgAjp.java:132)
> at
> org.apache.jk.server.JkCoyoteHandler.appendHead(JkCoyoteHandler.java:407)
> at
> org.apache.jk.server.JkCoyoteHandler.action(JkCoyoteHandler.java:425)
> at org.apache.coyote.Response.action(Response.java:182)
> at org.apache.coyote.Response.sendHeaders(Response.java:374)
> at
> org.apache.catalina.connector.OutputBuffer.doFlush(OutputBuffer.java:317)
> at
> org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:278)
> at
> org.apache.catalina.connector.Response.finishResponse(Response.java:473)
> at
>
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
> at
> org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:307)
> at
> org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:385)
> at
org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:748)
> at
>
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:678)
> at
> org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:871)
> at
>
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav
a:684)
> at java.lang.Thread.run(Thread.java:595)
>
> I'd appreciate any help you can offer,
> Thank you,
> Collin McClendon
>
> --
> Collin McClendon
> Sr. Microsoft Systems Engineer
> Digicon, Inc.
> collin.mcclendon@digiconasp.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments.
In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org