Bug 46393 - ab segfaults in verbose mode on https sites
Summary: ab segfaults in verbose mode on https sites
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: support (show other bugs)
Version: 2.5-HEAD
Hardware: Other Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Keywords: FixedInTrunk
Depends on:
Reported: 2008-12-14 00:58 UTC by Stefan Fritsch
Modified: 2012-02-26 16:50 UTC (History)
0 users

fix (713 bytes, patch)
2008-12-14 00:58 UTC, Stefan Fritsch
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Fritsch 2008-12-14 00:58:43 UTC
Created attachment 23017 [details]

ab segfaults because it does a double free().

We got this bug report for Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495982

Ryan Niebur created the attached patch that fixes the issue.
Comment 1 Dan Poirier 2009-09-23 11:57:44 UTC
Reproduced on trunk.  Interestingly, I could not reproduce with a local server and a self-signed certificate, but using the URL from the original Debian bug report did trigger the seg fault.

Applied the fix, the seg fault went away.  Verified the doc for SSL_get_peer_cert_chain does say the reference count is not incremented, implying we must not free it.

Fix applied to trunk, r818204
Comment 2 Stefan Fritsch 2012-02-26 16:50:55 UTC
fixed in 2.4.1