DO NOT REPLY New: - mod_authz_groupfile.c causes a segfault when r->user is not set

Email lists > Apache Server Bugs Discussion

Thread: DO NOT REPLY New: - mod_authz_groupfile.c causes a segfault when r->user is not set

Search this list only Search all lists
DO NOT REPLY New: - mod_authz_groupfile.c causes a segfault when r->user is not set
United States	2007-07-29 21:19:26
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42 995>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=42995 Summary: mod_authz_groupfile.c causes a segfault when r->user is not set Product: Apache httpd-2 Version: 2.2.4 Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Core AssignedTo: bugshttpd.apache.org ReportedBy: nickcpanel.net ap_hook_auth_checker(check_user_access, aszPre, NULL, APR_HOOK_MIDDLE); -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=ema il ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. ------------------------------------------------------------ --------- To unsubscribe, e-mail: bugs-unsubscribehttpd.apache.org For additional commands, e-mail: bugs-helphttpd.apache.org

DO NOT REPLY - mod_authz_groupfile.c causes a segfault when r->user is not set
United States	2007-07-29 21:38:34


DO NOT REPLY - mod_authz_groupfile.c causes a segfault when r->user is not set
United States	2007-07-29 21:40:46
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42 995>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=42995 ------- Additional Comments From nickcpanel.net 2007-07-29 19:40 ------- Should this be a ap_hook_check_user_id instead of ap_hook_auth_checker.. Based on the comment on line 309 on mod_authz_host.c I'd say it does but I'm really not sure when it comes to apache guts: /* This can be access checker since we don't require r->user to be set. */ -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=ema il ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. ------------------------------------------------------------ --------- To unsubscribe, e-mail: bugs-unsubscribehttpd.apache.org For additional commands, e-mail: bugs-helphttpd.apache.org

DO NOT REPLY - mod_authz_groupfile.c causes a segfault when r->user is not set
United States	2007-07-30 14:34:05
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42 995>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=42995 rpluemapache.org changed: What \|Removed \|Added ------------------------------------------------------------ ---------------- Status\|NEW \|NEEDINFO ------- Additional Comments From rpluemapache.org 2007-07-30 12:34 ------- (In reply to comment #2) > Should this be a ap_hook_check_user_id instead of ap_hook_auth_checker.. No. The check_user_id hook is for authentication. mod_authz_groupfile performs authorization. Therefore it needs to be in the auth_checker hook. Furthermore it can only do its job in a meaningful manner if r->user is set (that does not mean that it should crash if r->user is NULL). Could you please provide the configuration that causes this crash? This could be helpful for reproducing the crash. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=ema il ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. ------------------------------------------------------------ --------- To unsubscribe, e-mail: bugs-unsubscribehttpd.apache.org For additional commands, e-mail: bugs-helphttpd.apache.org

DO NOT REPLY - mod_authz_groupfile.c causes a segfault when r->user is not set
United States	2007-07-30 15:10:00
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42 995>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=42995 ------- Additional Comments From nickcpanel.net 2007-07-30 13:10 ------- Created an attachment (id=20567) --> (http://issues.apache.org/bugzilla/attac hment.cgi?id=20567&action=view) Sample .htaccess file -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=ema il ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. ------------------------------------------------------------ --------- To unsubscribe, e-mail: bugs-unsubscribehttpd.apache.org For additional commands, e-mail: bugs-helphttpd.apache.org

DO NOT REPLY - mod_authz_groupfile.c causes a segfault when r->user is not set
United States	2007-07-30 15:11:00
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42 995>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=42995 ------- Additional Comments From nickcpanel.net 2007-07-30 13:11 ------- Created an attachment (id=20568) --> (http://issues.apache.org/bugzilla/attac hment.cgi?id=20568&action=view) sample module that make condition apparent. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=ema il ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. ------------------------------------------------------------ --------- To unsubscribe, e-mail: bugs-unsubscribehttpd.apache.org For additional commands, e-mail: bugs-helphttpd.apache.org

DO NOT REPLY - mod_authz_groupfile.c causes a segfault when r->user is not set
United States	2007-07-30 15:12:54
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42 995>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=42995 ------- Additional Comments From nickcpanel.net 2007-07-30 13:12 ------- The module has been stripped down the the bare minimum needed to make the condition happen. To reproduce /usr/local/apache/bin/apxs -c mod_bug.c /usr/local/apache/bin/apxs -i -a -n bug mod_bug.la Visit site with .htaccess (attached) installed ... make sure you have a group file with anything it in. [Mon Jul 30 15:08:35 2007] [error] [client 198.66.78.2] wait for it [Mon Jul 30 15:08:35 2007] [notice] child pid 18505 exit signal Segmentation fault (11) -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=ema il ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. ------------------------------------------------------------ --------- To unsubscribe, e-mail: bugs-unsubscribehttpd.apache.org For additional commands, e-mail: bugs-helphttpd.apache.org

DO NOT REPLY - mod_authz_groupfile.c causes a segfault when r->user is not set
United States	2007-07-30 15:51:49
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42 995>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=42995 ------- Additional Comments From rpluemapache.org 2007-07-30 13:51 ------- Please provide a configuration that makes this problem reproducible with a vanilla apache. If this only occurs with third party modules it is a bug in the third party module even if mod_authz_group should not seg fault. An authentication module should set r->user. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=ema il ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. ------------------------------------------------------------ --------- To unsubscribe, e-mail: bugs-unsubscribehttpd.apache.org For additional commands, e-mail: bugs-helphttpd.apache.org

DO NOT REPLY - mod_authz_groupfile.c causes a segfault when r->user is not set
United States	2007-07-30 15:55:35
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42 995>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=42995 ------- Additional Comments From nickcpanel.net 2007-07-30 13:55 ------- Its pretty easy to work around by setting r->user but in this case I'm just making up a value to keep it from crashing. (r->user = "********") It really would be nice to not have this hack though. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=ema il ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. ------------------------------------------------------------ --------- To unsubscribe, e-mail: bugs-unsubscribehttpd.apache.org For additional commands, e-mail: bugs-helphttpd.apache.org

[1-9]

about | contact Other archives ( Real Estate discussion Medical topics )