Bug 65575 - Segmentation fault when backend answers with a response not containing the last CRLF
Summary: Segmentation fault when backend answers with a response not containing the la...
Status: NEEDINFO
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_proxy (show other bugs)
Version: 2.4.48
Hardware: PC Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-09-16 10:52 UTC by sandwood
Modified: 2021-09-16 11:51 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description sandwood 2021-09-16 10:52:16 UTC
If an answering backend sends a ill-formatted http response, 
where instead of two CRLF there is only one, segmentation fault occurs.

Regression since 2.4.46 where there is no error. 

Segfault occurs when trying to log this error  in protocol.c:line 1021 in function ap_get_mime_headers_core : 

Ultimately this will call function gen_unique_id (mod_unique_id.c)  which has been changed for getting the connection current thread (line 194)  but this one is NULL  leading to the segmentation fault.

Other logging related to backend connection not tested, maybe there are impacted too.
Comment 1 Ruediger Pluem 2021-09-16 11:51:29 UTC
Can you please recheck with the just released 2.4.49? This part of the code of mod_unique_id has been reverted in the release.