Alright, I did my homework this time and worked with a self compiled version of mod_jk (1.2.41). Still the same error is happening. I traced the buffer overflow down to line 291 in jk_connect.c (nb_connect):
280> do { 281> rc = connect(sd, (const struct sockaddr *)&addr->sa.sin, addr->salen); 282> } while (rc == -1 && errno == EINTR); 283> 284> if ((rc == -1) && (errno == EINPROGRESS || errno == EALREADY) 285> && (timeout > 0)) { 286> fd_set wfdset; 287> struct timeval tv; 288> socklen_t rclen = (socklen_t)sizeof(rc); 289> 290> FD_ZERO(&wfdset); *291> FD_SET(sd, &wfdset);* 292> tv.tv_sec = timeout / 1000; 293> tv.tv_usec = (timeout % 1000) * 1000; 294> rc = select(sd + 1, NULL, &wfdset, NULL, &tv); >From what I understand a buffer overflow would only happen for FD_SET if the fd_set gets over 1024 descriptors. I made sure that my ulimit for open files is set and applied large enough, so that's not it. I tried to switch FD_SET to poll and it seems to work now also for sd > 1024: struct pollfd pfd_read; pfd_read.fd = sd; pfd_read.events = POLLOUT; rc = poll(&pfd_read, 1, timeout); As C/C++ is not my preferred language and I understand the internals for mod_jk not well enough for a change like this, I have a few questions: 1. Is it normal/expected for nb_connect() to evaluate the IF in line 284 to TRUE? I wonder if this might be the real cause for my problems in the first place. 2. In line 305 of the original jk_connect.c there is a FD_ISSET inside an IF. Is there an equivalent operation for poll or is the whole IF unnecessary then? Thanks, Michael On 30 June 2016 at 12:16, Michael Diener <mdie...@mdiener.de> wrote: > Thank you Rainer! > > On 29 June 2016 at 14:50, Rainer Jung <rainer.j...@kippdata.de> wrote: > >> Can you reproduce? Does it also happen on a test system? > > > It only happens on a live system and I'm not able to reproduce it. > > > >> Latest we provide in the project is 1.2.41. It is pretty easy to compile >> yourself and would be an interesting check to see, whether it is just an >> old already fixed problem. > > > > You are right, I will test and get back. > > > Viele Grüße, > Michael > > > -- > > -- ______________________________ NEW GAME! http://www.dig-pig.com Michael Diener - Software e.K. mdie...@mdiener.de +49 178 501 601 8 www.mdiener.de @mdienersoftware Grünberger Str. 62, 10245 Berlin, Germany Sitz Berlin, Amtsgericht Charlottenburg, HRA 46760 B USt-IdNr. DE233968393