Alright, I did my homework this time and worked with a self-compiled
version of mod_jk (1.2.41). Still the same error is happening. I traced the
buffer overflow down to line 291 in jk_connect.c (nb_connect):

280>    do {
281>        rc = connect(sd, (const struct sockaddr *)&addr->sa.sin, addr->salen);
282>    } while (rc == -1 && errno == EINTR);
283>
284>    if ((rc == -1) && (errno == EINPROGRESS || errno == EALREADY)
285>                   && (timeout > 0)) {
286>        fd_set wfdset;
287>        struct timeval tv;
288>        socklen_t rclen = (socklen_t)sizeof(rc);
289>
290>        FD_ZERO(&wfdset);
291>        FD_SET(sd, &wfdset);
292>        tv.tv_sec = timeout / 1000;
293>        tv.tv_usec = (timeout % 1000) * 1000;
294>        rc = select(sd + 1, NULL, &wfdset, NULL, &tv);


From what I understand a buffer overflow would only happen for FD_SET if
the fd_set gets over 1024 descriptors. I made sure that my ulimit for open
files is set and applied large enough, so that's not it.

I tried to switch FD_SET to poll and it seems to work now also for sd >
1024:

struct pollfd pfd_read;
pfd_read.fd = sd;
pfd_read.events = POLLOUT;
rc = poll(&pfd_read, 1, timeout);

As C/C++ is not my preferred language and I don't understand the internals of
mod_jk well enough for a change like this, I have a few questions:

1. Is it normal/expected for nb_connect() to evaluate the IF in line 284 to
TRUE? I wonder if this might be the real cause for my problems in the first
place.

2. In line 305 of the original jk_connect.c there is a FD_ISSET inside an
IF. Is there an equivalent operation for poll or is the whole IF
unnecessary then?

Thanks,
Michael


On 30 June 2016 at 12:16, Michael Diener <mdie...@mdiener.de> wrote:

> Thank you Rainer!
>
> On 29 June 2016 at 14:50, Rainer Jung <rainer.j...@kippdata.de> wrote:
>
>> Can you reproduce? Does it also happen on a test system?
>
> It only happens on a live system and I'm not able to reproduce it.
>
>> Latest we provide in the project is 1.2.41. It is pretty easy to compile
>> yourself and would be an interesting check to see, whether it is just an
>> old already fixed problem.
>
> You are right, I will test and get back.
>
> Best regards,
> Michael


-- 

______________________________
NEW GAME! http://www.dig-pig.com

Michael Diener - Software e.K.

mdie...@mdiener.de
+49 178 501 601 8
www.mdiener.de

@mdienersoftware

Grünberger Str. 62,
10245 Berlin, Germany

Sitz Berlin, Amtsgericht Charlottenburg, HRA 46760 B
USt-IdNr. DE233968393
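An added example (not code from the mod_jk sources or from this thread) showing the two defences the message touches on: a bounds check that makes the select() path refuse any descriptor FD_SET cannot represent, and a poll()-based wait for a non-blocking connect() followed by the SO_ERROR check that the rclen variable in the excerpt is there for. Function names are assumptions chosen for the example.

```c
#include <errno.h>
#include <poll.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>

/* FD_SET writes bit number fd into a fixed-size bitmap, so a descriptor
 * >= FD_SETSIZE (1024 on glibc) scribbles past the fd_set on the stack.
 * Hypothetical guard: returns 0 on success, -1 (errno = EINVAL) otherwise. */
int fd_set_checked(int fd, fd_set *set)
{
    if (fd < 0 || fd >= FD_SETSIZE) {
        errno = EINVAL;
        return -1;
    }
    FD_SET(fd, set);
    return 0;
}

/* poll() has no FD_SETSIZE limit. Waits until the non-blocking connect on sd
 * has finished (successfully or not). Returns 1 when finished, 0 on timeout,
 * -1 on error (errno set; EBADF if sd is not an open descriptor). */
int wait_connect_poll(int sd, int timeout_ms)
{
    struct pollfd pfd;
    int rc;

    pfd.fd = sd;
    pfd.events = POLLOUT;
    do {
        pfd.revents = 0;
        rc = poll(&pfd, 1, timeout_ms);
    } while (rc == -1 && errno == EINTR);
    if (rc <= 0)
        return rc;                      /* 0 = timeout, -1 = poll() failed */
    if (pfd.revents & POLLNVAL) {
        errno = EBADF;
        return -1;
    }
    /* The FD_ISSET() equivalent: a failed connect reports POLLERR/POLLHUP,
     * usually together with POLLOUT, so any of them means "finished". */
    return (pfd.revents & (POLLOUT | POLLERR | POLLHUP)) ? 1 : 0;
}

/* Writable only means the attempt finished; the outcome is in SO_ERROR.
 * Returns 0 when connected, otherwise the pending socket error number. */
int connect_result(int sd)
{
    int err = 0;
    socklen_t len = (socklen_t)sizeof(err);

    if (getsockopt(sd, SOL_SOCKET, SO_ERROR, &err, &len) == -1)
        return errno;
    return err;
}
```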
