Apache Mod-Python - Created: (MODPYTHON-58) _apache._global_lock results in segfault when index > numbe

This is Interesting: Free IT Magazines  
Home > Archive > Apache Mod-Python > June 2005 > Created: (MODPYTHON-58) _apache._global_lock results in segfault when index > numbe





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Created: (MODPYTHON-58) _apache._global_lock results in segfault when index > numbe
Jim Gallacher (JIRA)

2005-06-01, 5:46 pm

_apache._global_lock results in segfault when index > number of mutexes
-----------------------------------------------------------------------

Key: MODPYTHON-58
URL: http://issues.apache.org/jira/browse/MODPYTHON-58
Project: mod_python
Type: Bug
Components: core
Versions: 3.1.3, 3.2.0, 3.1.4
Environment: All
Reporter: Jim Gallacher
Priority: Minor


All of the following calls will cause a segfault when the index is greater than the number of global mutexes available or index < -1.

eg. 32 mutexes created on apache startup

index = 100
_apache._global_lock(req.server, None, index)
_global_unlock(req.server, None, index)
_apache._global_trylock(req.server, None, index)

For all of the corresponding functions in _apachemodule.c, the value of index is not checked before using it to access the contents of the global array of mutex locks.

eg.
rv = apr_global_mutex_lock(glb->g_locks[index]);

I'll attach a patch for all three functions that does this check.

eg.

if ((index > (glb->nlocks)) || (index < -1)) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
"Index %d is out of range for number of global mutex locks", index);
PyErr_SetString(PyExc_ValueError,
"Lock index is out of range for number of global mutex locks");
return NULL;
}

Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com