Bug 489956
Field | Value
---|---
Summary | URLs longer than 2048 chars cause SEGV on 64bit
Product | Red Hat Enterprise Linux 3
Component | squid
Version | 3.9
Hardware | x86_64
OS | Linux
Status | CLOSED NEXTRELEASE
Severity | high
Priority | high
Reporter | Martin Poole <mpoole>
Assignee | Jiri Skala <jskala>
CC | aglotov, ovasik, tao
Doc Type | Bug Fix
Last Closed | 2010-05-13 10:30:08 UTC

Description
Martin Poole
2009-03-12 17:04:01 UTC
Created attachment 334969
perl reproducer

Created attachment 334971
squid cache.log with debugging enabled.

Additional notes.

This does not occur with RHEL4 & RHEL5 versions.

Core dumps do not give a usable backtrace.

```
# gdb /usr/sbin/squid core.28659
GNU gdb Red Hat Linux (6.3.0.0-1.138.el3rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...(no debugging symbols found)
Using host libthread_db library "/lib64/tls/libthread_db.so.1".
(no debugging symbols found)
Core was generated by `(squid) -D'.
Program terminated with signal 6, Aborted.
#0 0x0000002a96491745 in ?? ()
(gdb) where
#0 0x0000002a96491745 in ?? ()
#1 0x0000002a96492eb3 in ?? ()
#2 0x0000000000000020 in ?? ()
#3 0x0000000000000000 in ?? ()
(gdb) info reg
rax    0x0                0
rbx    0x0                0
rcx    0xffffffffffffffff -1
rdx    0x6                6
rsi    0x6ff3             28659
rdi    0x6ff3             28659
rbp    0x7fbfff8ca0       0x7fbfff8ca0
rsp    0x7fbfff8b58       0x7fbfff8b58
r8     0x6ff3             28659
r9     0x6                6
r10    0x8                8
r11    0x206              518
r12    0x1                1
r13    0x7fbfff9780       548682045312
r14    0x7fbfff9930       548682045744
r15    0x7fbfff92c8       548682044104
rip    0x2a96491745       0x2a96491745
eflags 0x206              518
cs     0x33               51
ss     0x2b               43
ds     0x0                0
es     0x0                0
fs     0x0                0
gs     0x0                0
(gdb)
```

Created attachment 411632
This patch fixes the issue for me
As this patch code is used in the RHEL-4 version of squid (in fact ifdefed for the case that va_copy() is not supported on the system), closing as next release. The patch seems to be simple and safe, but RHEL-3 is really close to EOL. Updating to RHEL-4 or later is recommended if you want to have this issue fixed.

See http://www2.gr.squid-cache.org/mail-archive/squid-dev/200311/0072.html and http://bugs.squid-cache.org/show_bug.cgi?id=753 for reference of the upstream fix.
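
An added example, not part of this bug report or of Squid's code: the closing comment ties the fix to va_copy(), so this C example assumes the crash came from a grow-and-retry formatting routine that handed the same va_list to vsnprintf() more than once when output exceeded the first buffer. The names `vformat_grow`, `format_grow` and `request_line_len`, the 2048-byte initial size and the example.invalid URL are hypothetical or constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define INITIAL_CAP 2048 /* assumed first-try size, taken from the bug title */

/* Format into a heap buffer, growing it until the output fits.
 * vsnprintf() consumes the va_list it is given, so each attempt gets its own
 * va_copy(); reusing one list for a retry is undefined behaviour. */
char *vformat_grow(const char *fmt, va_list args)
{
    size_t cap = INITIAL_CAP;
    char *buf = malloc(cap);
    while (buf != NULL) {
        va_list attempt;
        va_copy(attempt, args);          /* fresh cursor for this attempt */
        int n = vsnprintf(buf, cap, fmt, attempt);
        va_end(attempt);
        if (n >= 0 && (size_t)n < cap) return buf; /* fitted, NUL-terminated */
        if (n < 0) { free(buf); return NULL; }
        cap = (size_t)n + 1;             /* C99: n is the length needed */
        char *bigger = realloc(buf, cap);
        if (bigger == NULL) free(buf);
        buf = bigger;
    }
    return NULL;
}

char *format_grow(const char *fmt, ...)
{
    va_list args;
    va_start(args, fmt);
    char *out = vformat_grow(fmt, args);
    va_end(args);
    return out;
}

/* Constructed input: a request line whose URL path is url_len characters.
 * Returns its length, or 0 if the argument after the long string is damaged. */
size_t request_line_len(size_t url_len)
{
    char *url = calloc(url_len + 1, 1);
    if (url == NULL) return 0;
    memset(url, 'a', url_len);
    char *line = format_grow("GET http://example.invalid/%s HTTP/1.%d", url, 0);
    size_t len = line ? strlen(line) : 0;
    if (len < 9 || strcmp(line + len - 9, " HTTP/1.0") != 0) len = 0;
    free(line); free(url);
    return len;
}
```

The retry path is only taken once the formatted output reaches `INITIAL_CAP`, which is why short URLs never exercise it.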