Bug 123549 - httpd process name overwritten by mod_perl bug
httpd process name overwritten by mod_perl bug
Status: CLOSED DEFERRED
Product: Fedora Legacy
Classification: Retired
Component: mod_perl (Show other bugs)
fc2
All Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
LEGACY, 2, DEFER
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-05-19 05:58 EDT by Nathan Ollerenshaw
Modified: 2007-04-18 13:07 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-13 10:12:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Nathan Ollerenshaw 2004-05-19 05:58:28 EDT
Description of problem:
There is some overflow in 1.99_12 which causes the process name in the ps list to be 
overwritten with bogus values.

For example, /usr/sbin/httpd will be overwritten to be /usr/sbin/-e

Not cool, and indicates possible buffer overflow.

I fixed the problem by download the SRPM for 1.99_12, downloading the source fo 
1.99_13 from the perl.apache.org site, and updating the spec file then recompiling. The 
symptoms went away.

I'm marking this as High severity because it could be indicative of a severe memory leak - 
under testing with a complex mod_perl webapp (@mail) I found a process with over 1GB of 
memory assigned to it. After upgrading mod_perl this problem went away.

Version-Release number of selected component (if applicable):
mod_perl-1.99_12-2.1

How reproducible:
Always

Steps to Reproduce:
1. Install fedora core 2 (or core 1)
2. Install mod_perl
3. run some mod_perl app and watch the process name get overwritten
    

Additional info:
Comment 1 Nathan Ollerenshaw 2004-05-24 22:28:05 EDT
mod_perl-1.99_14 has been released. It fixes some important bugs, nothing security 
related that I can see - still, if you guys are going to rebuild this package, might be good 
idea to go to 14.
Comment 2 Matthew Miller 2005-04-11 18:20:53 EDT
[Bulk move of FC2 bugs to Fedora Legacy. See
<http://www.redhat.com/archives/fedora-announce-list/2005-April/msg00020.html>.]
Comment 3 Pekka Savola 2005-11-16 08:15:14 EST
This doesn't seem to be important enough to fix just on its own, so mark it DEFER.


Note You need to log in before you can comment on or make changes to this bug.