Red Hat Bugzilla – Bug 826124
Apache httpd seg faults in JON snmp agent module
Last modified: 2014-01-03 07:58:20 EST
Description of problem:
There appears to be seg fault issues in JON snmp agent module code. Core backtrace points to the following::
#0 0x000000372b733cfa in __strcmp_ssse3 () from /lib64/libc.so.6
#1 0x00007fbb38296053 in get_request_type_index () from /opt/webserver/apache/modules/libsnmpmonagt.so
#2 0x00007fbb38291851 in covalent_snmp_logger (r=0x7fbaec017ca0) at snmpagent/mod-snmpagt.c:755
#3 0x0000000000429e40 in ap_run_log_transaction (r=0x7fbaec017ca0) at protocol.c:1697
#4 0x000000000042c0e7 in ap_read_request (conn=0x7fbb3005c828) at protocol.c:940
#5 0x0000000000442e50 in ap_process_http_connection (c=0x7fbb3005c828) at http_core.c:183
#6 0x000000000043f188 in ap_run_process_connection (c=0x7fbb3005c828) at connection.c:43
#7 0x000000000044ba2f in process_socket (thd=0xe6c860, dummy=<value optimized out>) at worker.c:544
#8 worker_thread (thd=0xe6c860, dummy=<value optimized out>) at worker.c:894
#9 0x000000372ba077f1 in start_thread () from /lib64/libpthread.so.0
#10 0x000000372b6e592d in clone () from /lib64/libc.so.6
Version-Release number of selected component (if applicable):
These events seem to correlate with invalid (blank) requests logged within the SSL access logfile w/HTTP Return code of 408.
Process seg faults.
Apache should not seg fault.
We should see if we can reproduce in the jon311 timeframe based on the associated support case and ...
"These events seem to correlate with invalid (blank) requests logged within the SSL access logfile w/HTTP Return code of 408."
Created attachment 599203 [details]
Patch to fix seg fault when request method is null
Patch that will resolve this issue. The binaries also need to be rebuilt for all supported platforms and committed under etc/product_connectors/apache-snmp/binaries
Bug 826124 - Apache httpd seg faults in JON snmp agent module
If request method is undefined/empty, the call to get_request_type_index produced a seg fault when a strcmp is performed using the uninitialized memory.
The fix is to treat an undefined/empty request method the same as a undefined protocol and covalent_snmp_logger will simply report method (null) is unsupported.
The source has been updated and committed but we still need to get the binaries prepped for packaging in the kits.
Setting to MODIFIED as all dependent issues are resolved
The CR1 build is available at
https://brewweb.devel.redhat.com/buildinfo?buildID=231258. Moving to ON_QA.