Posted to dev@httpd.apache.org by Cliff Woolley <jw...@virginia.edu> on 2002/04/02 07:16:57 UTC

bio_bucket_in_read bug [was Re: Bump a few more tags. :-)]

On Tue, 2 Apr 2002, Cliff Woolley wrote:

> #3  0x4001b14f in socket_read (a=0x827a000, str=0xbf7fd59c,
> len=0xbf7fd5a0,
>     block=1127800088) at apr_buckets_socket.c:74
> #4  0x80d033b in core_input_filter (f=0x823a950, b=0x823a910,
>     mode=AP_MODE_READBYTES, block=1127800088, readbytes=7) at core.c:3430
> #5  0x80c9c47 in ap_get_brigade (next=0x823a950, bb=0x823a910,
>     mode=AP_MODE_READBYTES, block=1127800088, readbytes=7) at
> util_filter.c:507
> #6  0x8087cb0 in bio_bucket_in_read (bio=0x8226e00,
>     in=0x826c460 "H?@H?@\005];\\~xo\a6$\031D\b \223", inl=7)
>     at ssl_engine_io.c:395
> #7  0x400b2661 in BIO_read () from /usr/lib/libssl.so.0
> Cannot access memory at address 0x7


There appears to be a bug in bio_bucket_in_read: it passes inbio->block as
the block parameter to ap_get_brigade(), but inbio->block is
uninitialized:

/root/apache/httpd-2.0.34/modules/ssl# grep -- "->block" *.[ch]
ssl_engine_io.c:                        AP_MODE_READBYTES, inbio->block,
ssl_engine_io.c:                         &buf, &buf_len, inbio->block);

--Cliff


--------------------------------------------------------------
   Cliff Woolley
   cliffwoolley@yahoo.com
   Charlottesville, VA



Re: bio_bucket_in_read bug [was Re: Bump a few more tags. :-)]

Posted by Cliff Woolley <jw...@virginia.edu>.
On Mon, 1 Apr 2002, Doug MacEachern wrote:

> your grep pattern missed this one:
>     ctx->inbio.block = block;

Doh!  :)

Regardless, the value of ->block that's getting passed in is fried.  Some
of the others might be too, I'll have to go back and poke through gdb more
carefully.

Right now I'm running httpd-test against worker and prefork.


--------------------------------------------------------------
   Cliff Woolley
   cliffwoolley@yahoo.com
   Charlottesville, VA



Re: bio_bucket_in_read bug [was Re: Bump a few more tags. :-)]

Posted by Doug MacEachern <do...@covalent.net>.
your grep pattern missed this one:

    ctx->inbio.block = block;