You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Petr Lampa <la...@fee.vutbr.cz> on 1997/02/06 00:00:01 UTC
general/162: core dump in sub_req_lookup_file() if invalid directive in .htaccess
The contract type is `' with a response time of 3 business hours.
A first analysis should be sent before: Thu Feb 06 09:00:01 PST 1997
>Number: 162
>Category: general
>Synopsis: core dump in sub_req_lookup_file() if invalid directive in .htaccess
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: gnats-admin (GNATS administrator)
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Wed Feb 5 15:00:01 1997
>Originator: lampa@fee.vutbr.cz
>Organization:
apache
>Release: 1.1*, 1.2b*
>Environment:
FreeBSD-2.2BETA
>Description:
Bug reported for 1.1, 1.2b4, not resolved yet.
If a bad directive occurs in .htaccess, and sub_request() goes
first to this directory, then log_reason() will dump,
because it doesn't have initialized r->per_dir_config.
Program received signal SIGSEGV, Segmentation fault.
0x90ee in get_module_config (conf_vector=0x0, m=0x38a20) at http_config.c:112
112 return confv[m->module_index];
(gdb) where
#0 0x90ee in get_module_config (conf_vector=0x0, m=0x38a20)
at http_config.c:112
#1 0x6138 in get_remote_host (conn=0x5401c, dir_config=0x0, type=1)
at http_core.c:316
#2 0xdccf in log_reason (reason=0x5a77c "Invalid command LanguageChacha",
file=0x5a6fc "/home2/WWW/root/BRNO/.htaccess", r=0x5a034) at http_log.c:191
#3 0xaad8 in parse_htaccess (result=0xefbf1a94, r=0x5a034, override=6,
d=0x5a6e4 "/home2/WWW/root/BRNO/",
filename=0x5a6fc "/home2/WWW/root/BRNO/.htaccess") at http_config.c:813
#4 0xbff6 in directory_walk (r=0x5a034) at http_request.c:388
#5 0xcad3 in sub_req_lookup_file (new_file=0xefbf3b00 "BRNO/brno.html",
r=0x54084) at http_request.c:707
#6 0x236c4 in handle_include (in=0x80d3b6c, r=0x54084,
error=0xefbf9b30 "[an error occurred while processing this directive]",
noexec=0) at mod_include.c:470
#7 0x2657d in send_parsed_content (f=0x80d3b6c, r=0x54084)
at mod_include.c:1616
#8 0x26a0e in send_parsed_file (r=0x54084) at mod_include.c:1724
#9 0x26a49 in send_shtml_file (r=0x54084) at mod_include.c:1733
>How-To-Repeat:
>Fix:
Initialize r->per_dir_config for sub_request exactly as in regular request!
Or initialize it at least at the beginning of directory_walk():
*** http_request.c.old Mon Jan 20 11:45:46 1997
--- http_request.c Mon Jan 20 11:40:47 1997
***************
*** 226,231 ****
--- 226,232 ----
* fake one. But don't run through the directory entries.
*/
+ r->per_dir_config = per_dir_defaults;
if (test_filename == NULL) {
r->filename = pstrdup(r->pool, r->uri);
r->finfo.st_mode = 0; /* Not really a file... */
%0
>Audit-Trail:
>Unformatted: