https://issues.apache.org/bugzilla/show_bug.cgi?id=56290
Bug ID: 56290
Summary: Crash in TclWeb_InitEnvVars() during child exit
Product: Rivet
Version: 2.0.4
Hardware: PC
OS: FreeBSD
Status: NEW
Severity: regression
Priority: P2
Component: mod_rivet
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
We recently upgraded our development server from Rivet 2.0.5 to 2.1.4 and are
seeing a crash on child exit as a result of a ChildExit script.
We have a ChildExitScript configured in httpd.conf that calls a proc. This proc
does "set row(host) [env HTTP_HOST]" and this causes a core dump in 2.1.4.
Looking at the core file, the code above causes a TclWeb_GetEnvVar(req,
"HTTP_HOST") call in mod_rivet. This subsequently calls
TclWeb_InitEnvVars(req).
Within TclWeb_InitEnvVars():
364 apr_table_t *table = req->req->subprocess_env;
The issue is that all of req's struct values are 0x0 during a child exit:
(gdb) print *req
$1 = {interp = 0x0, req = 0x0, apachereq = 0x0, upload = 0x0,
headers_printed = 0, headers_set = 0, content_sent = 0, environment_set = 0,
charset = 0x0}
So, we have a NULL pointer dereference because req->req == 0x0.
This seems to be a regression, as this didn't happen wit Rivet 2.0.5. Also, it
seems like at the very least there should be an assert() on req->req == NULL.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
