Opened 9 years ago

Closed 9 years ago

#37 closed defect (fixed)

SEGFAULT when testing syntax

Reported by: www.google.com/accounts/o8/id?id=AItOawn4-PLPDRvUy9amcGwVzi74Lox5Uiyk928 Owned by: Maxim Dounin
Priority: minor Milestone:
Component: nginx-module Version: 1.1.x
Keywords: stub_status Cc:
uname -a: Linux ***.com 2.6.36 #4 SMP Mon Feb 21 17:48:32 CET 2011 x86_64 Intel(R) Xeon(R) CPU L5630 @ 2.13GHz GenuineIntel GNU/Linux
nginx -V: nginx: nginx version: nginx/1.1.6
nginx: built by gcc 4.4.0 (GCC)
nginx: TLS SNI support enabled
nginx: configure arguments: --prefix=/usr --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --user=nobody --group=nobody --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --add-module=syslog --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/tmp --http-proxy-temp-path=/tmp --without-http_fastcgi_module --without-http_uwsgi_module --without-http_scgi_module

Description

nginx is segfaulting in src/core/ngx_string.c:253 when running syntax check (-t).
It seems to be related to module stub_status

Here is gdb session :

(gdb) break src/core/ngx_string.c:251
Breakpoint 1 at 0x40b6a8: file src/core/ngx_string.c, line 251.
(gdb) run -t
Starting program: /usr/sbin/nginx -t
[...]

Breakpoint 1, ngx_vslprintf (buf=0x685b1e "", last=0xffffffffffffffff <Address 0xffffffffffffffff out of bounds>,

fmt=0x4633d1 "s, %02d %s %4d %02d:%02d:%02d GMT", args=0x7fffffffe370) at src/core/ngx_string.c:252

[...]
(gdb) info args
buf = 0x685b1e ""
last = 0xffffffffffffffff <Address 0xffffffffffffffff out of bounds>
fmt = 0x4633d1 "s, %02d %s %4d %02d:%02d:%02d GMT"
args = 0x7fffffffe370

(gdb) continue
[... 5 breakpoints at the same point, continue anyway]

Breakpoint 1, ngx_vslprintf (buf=0x7fffffffd64f "", last=0x7fffffffddf0 "(", fmt=0x46b74c "s:%ui", args=0x7fffffffddf0)

at src/core/ngx_string.c:252

252 in src/core/ngx_string.c
(gdb) continue
Continuing.

Program received signal SIGSEGV, Segmentation fault.
ngx_vslprintf (buf=0x7fffffffd64f "", last=0x7fffffffddf0 "(", fmt=0x46b74c "s:%ui", args=0x7fffffffddf0) at src/core/ngx_string.c:253
253 in src/core/ngx_string.c

(gdb) info args
buf = 0x7fffffffd64f ""
last = 0x7fffffffddf0 "("
fmt = 0x46b74c "s:%ui"
args = 0x7fffffffddf0


Nginx config file content


http {

ssl on;
server {

listen 80;
stub_status on;

}

}

Attachments (1)

patch-nginx-ssl-config.txt (1.1 KB ) - added by Maxim Dounin 9 years ago.

Download all attachments as: .zip

Change History (5)

by Maxim Dounin, 9 years ago

Attachment: patch-nginx-ssl-config.txt added

comment:1 by Maxim Dounin, 9 years ago

Owner: changed from somebody to Maxim Dounin
Status: newassigned

Thank you for report. It's the problem in ssl module, attached patch fixes it.

comment:2 by Maxim Dounin, 9 years ago

In [4235/nginx]:

(The changeset message doesn't reference this ticket)

comment:3 by is, 9 years ago

In [4246/nginx]:

(The changeset message doesn't reference this ticket)

comment:4 by Maxim Dounin, 9 years ago

Resolution: fixed
Status: assignedclosed

Fix committed (and merged into stable), thanks.

Note: See TracTickets for help on using tickets.