Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 826124

Summary: Apache httpd seg faults in JON snmp agent module
Product: [JBoss] JBoss Enterprise Web Server 2 Reporter: Aaron Ogburn <aogburn>
Component: httpdAssignee: Weinan Li <weli>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: 2.0.0CC: aogburn, jsanda, lfuka, loleary
Target Milestone: ---   
Target Release: 2.0.1   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-03 12:58:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 846795, 846796, 850454, 850455    
Bug Blocks:    
Attachments:
Description Flags
Patch to fix seg fault when request method is null none

Description Aaron Ogburn 2012-05-29 16:24:57 UTC 
Description of problem:

There appears to be seg fault issues in JON snmp agent module code.  Core backtrace points to the following::

#0  0x000000372b733cfa in __strcmp_ssse3 () from /lib64/libc.so.6
#1  0x00007fbb38296053 in get_request_type_index () from /opt/webserver/apache/modules/libsnmpmonagt.so
#2  0x00007fbb38291851 in covalent_snmp_logger (r=0x7fbaec017ca0) at snmpagent/mod-snmpagt.c:755
#3  0x0000000000429e40 in ap_run_log_transaction (r=0x7fbaec017ca0) at protocol.c:1697
#4  0x000000000042c0e7 in ap_read_request (conn=0x7fbb3005c828) at protocol.c:940
#5  0x0000000000442e50 in ap_process_http_connection (c=0x7fbb3005c828) at http_core.c:183
#6  0x000000000043f188 in ap_run_process_connection (c=0x7fbb3005c828) at connection.c:43
#7  0x000000000044ba2f in process_socket (thd=0xe6c860, dummy=<value optimized out>) at worker.c:544
#8  worker_thread (thd=0xe6c860, dummy=<value optimized out>) at worker.c:894
#9  0x000000372ba077f1 in start_thread () from /lib64/libpthread.so.0
#10 0x000000372b6e592d in clone () from /lib64/libc.so.6


Version-Release number of selected component (if applicable):

JON 2.3.0


How reproducible:

These events seem to correlate with invalid (blank) requests logged within the SSL access logfile w/HTTP Return code of 408.

  
Actual results:

Process seg faults.


Expected results:

Apache should not seg fault.


Additional info:
Comment 1 Charles Crouch 2012-06-11 14:54:25 UTC 
We should see if we can reproduce in the jon311 timeframe based on the associated support case and ...

"These events seem to correlate with invalid (blank) requests logged within the SSL access logfile w/HTTP Return code of 408."
Comment 2 Larry O'Leary 2012-07-19 16:48:14 UTC 
Created attachment 599203 [details]
Patch to fix seg fault when request method is null

Patch that will resolve this issue. The binaries also need to be rebuilt for all supported platforms and committed under etc/product_connectors/apache-snmp/binaries

Bug 826124 - Apache httpd seg faults in JON snmp agent module
If request method is undefined/empty, the call to get_request_type_index produced a seg fault when a strcmp is performed using the uninitialized memory.
The fix is to treat an undefined/empty request method the same as a undefined protocol and covalent_snmp_logger will simply report method (null) is unsupported.
Comment 4 Larry O'Leary 2012-08-03 01:14:25 UTC 
The source has been updated and committed but we still need to get the binaries prepped for packaging in the kits.
Comment 5 Charles Crouch 2012-08-28 18:24:47 UTC 
Setting to MODIFIED as all dependent issues are resolved
Comment 6 John Sanda 2012-08-30 01:51:20 UTC 
The CR1 build is available at
https://brewweb.devel.redhat.com/buildinfo?buildID=231258. Moving to ON_QA.