Welcome! Log In Create A New Profile

Re: nginx segfaulting with mod_security

Forum List Message List New Topic Print View

flubber

April 13, 2014 06:30AM

Registered: 13 years ago
Posts: 3

B.
On Apr 13, 2014 5:18 PM, "Maxim Dounin" <mdounin@mdounin.ru> wrote:

> Hello!
>
> On Sat, Apr 12, 2014 at 04:44:28PM -0700, Robert Paprocki wrote:
>
> > Hello,
> >
> > I have compiled nginx-1.5.13 with modsecurity-2.7.7 and am seeing
> > occasional segfaults when sending requests to the server. mod_security
> > was compiled as a standalone module per the instructions made available
> > at
> >
> https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#Installation_for_NGINX
> .
> > The segfaults appear sporadic and do not seem to match up with any given
> > request. Below is my nginx configuration:
>
> [...]
>
> > Also, a backtrace of the core dump:
> > (gdb) bt
> > #0 0x080a1827 in ngx_http_write_filter (r=0x83bb078, in=0x8baaa6c) at
> > src/http/ngx_http_write_filter_module.c:121
>
> This points to the following code line:
>
> cl->buf = ln->buf;
>
> That is, dereferencing ln->buf fails, which may only happen if the
> buffer chain ("in" argument) is broken.
>
> [...]
>
> > #8 0x080cfc78 in ngx_http_gunzip_body_filter (r=0x83bb078, in=0x8baaa6c)
> > at src/http/modules/ngx_http_gunzip_filter_module.c:184
> > #9 0x081146bd in ngx_http_modsecurity_body_filter (r=0x83bb078,
> > in=0xbf7ff8b4)
> > at
> >
> ../modsecurity-apache_2.7.7/nginx/modsecurity//ngx_http_modsecurity.c:1252
> > #10 0x08055381 in ngx_output_chain (ctx=0x8baa9b8, in=0xbf7ff8b4) at
> > src/core/ngx_output_chain.c:66
>
> And this clearly shows that the buffer chain was chaned by
> mod_security output body filter. Note "in" argument of
> mod_security ("in=0xbf7ff8b4") and gunzip filter which follows it
> ("in=0x8baaa6c").
>
> That is, from the backtrace it looks like mod_security changed the
> buffer chain and did it wrong, with a segfault as a result.
>
> --
> Maxim Dounin
> http://nginx.org/
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
nginx segfaulting with mod_security	Robert Paprocki	April 12, 2014 07:46PM
Re: nginx segfaulting with mod_security	Maxim Dounin	April 13, 2014 06:18AM
Re: nginx segfaulting with mod_security	flubber	April 13, 2014 06:30AM
Re: nginx segfaulting with mod_security	Robert Paprocki	April 13, 2014 11:44PM
Re: nginx segfaulting with mod_security	Maxim Dounin	April 14, 2014 06:46AM
Re: nginx segfaulting with mod_security	Robert Paprocki	April 14, 2014 04:32PM
OT / Re: nginx segfaulting with mod_security	mex	April 14, 2014 06:24PM
Re: OT / Re: nginx segfaulting with mod_security	Robert Paprocki	April 14, 2014 06:52PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 150

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018