Hi, I've got a mod_perl handler which has been working fine for a long time, but just recently two people have managed to trigger a seg fault under specific circumstances.
They are POSTing form data Only happens over https - doesn't happen via http (ie without SSL) A certain combination of bytes in the form seems to trigger this. Doesn't appear to be the *number* of bytes, but can't really be sure. It only happens if the end-user is on 64-bit Windows (Win 7 only so far), on IE9 or Chrome 26 (27 seems to be ok). Doesn't happen on Firefix on 64bit, or on any browser on 32-bit Windows. In my handler, if the first thing I do is print out the POST parameters, then the segfault doesn't happen. So it smells like some kind of memory overwrite. This happens on combinations of: CentOS 5.5 and 6.3 openssl 1.0.0d and 1.0.1e Apache 2.2.22 and 2.2.24 Perl 5.12.3 and 5.16.3 mod_perl 2.0.5, 2.0.7 and 2.0.8 I'll probably try 5.18, though I don't expect any change with that. So now, some questions: Anyone seen anything like this, and have an idea where to look? Any thoughts on where to look / what else to try? What's the best approach to tracking this down? Valgrind? I'm going to try attaching a debugger to an httpd process to see if I can see where it's dying, though I suspect the problem may be happening earlier. I'll have a go with valgrind after that. Cheers, Neil
