Project

General

Profile

Bug #2958

lighttpd 1.4.54 segfaults on start in mod_webdav

Added by flynn 4 months ago. Updated 4 months ago.

Status:
Fixed
Priority:
Normal
Assignee:
-
Category:
mod_webdav
Target version:
Start date:
2019-06-05
Due date:
% Done:

100%

Estimated time:
Missing in 1.5.x:

Description

Using the new webdav module, lighttpd crashes on start. The sqlite database /var/cache/lighttpd/lighttpd.webdav.db is created and has a schema.

Just start lighttpd with webdav module enabled and the following webdav configuration:

server.modules += ( "mod_webdav" )
webdav.sqlite-db-name = "/var/cache/lighttpd/lighttpd.webdav.db" 

I get the following backtrace in gdb:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff71ccfa5 in buffer_is_empty (b=0x1) at buffer.h:197
197    buffer.h: Datei oder Verzeichnis nicht gefunden.
(gdb) bt
#0  0x00007ffff71ccfa5 in buffer_is_empty (b=0x1) at buffer.h:197
#1  mod_webdav_worker_init (srv=0x5555555b3e70, p_d=<optimized out>) at mod_webdav.c:1280
#2  0x000055555556aa14 in plugins_call_worker_init (srv=0x5555555b3e70) at plugin.c:352
#3  0x0000555555560b76 in server_main (srv=<optimized out>, argc=<optimized out>, argv=<optimized out>) at server.c:1787
#4  0x0000555555561273 in main (argc=4, argv=0x7fffffffeb48) at server.c:2080

Associated revisions

Revision 075241c7 (diff)
Added by gstrauss 4 months ago

[mod_webdav] fix startup crash w/ multiple conds (fixes #2958)

(thx flynn)

x-ref:
"lighttpd 1.4.54 segfaults on start in mod_webdav"
https://redmine.lighttpd.net/issues/2958

History

#1

Updated by flynn 4 months ago

Im proved stackstrace with source files:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff71ccfa5 in buffer_is_empty (b=0x1) at buffer.h:197
197        return NULL == b || 0 == b->used;
(gdb) bt
#0  0x00007ffff71ccfa5 in buffer_is_empty (b=0x1) at buffer.h:197
#1  mod_webdav_worker_init (srv=0x5555555b3e70, p_d=<optimized out>) at mod_webdav.c:1280
#2  0x000055555556aa14 in plugins_call_worker_init (srv=0x5555555b3e70) at plugin.c:352
#3  0x0000555555560b76 in server_main (srv=<optimized out>, argc=<optimized out>, argv=<optimized out>) at server.c:1787
#4  0x0000555555561273 in main (argc=4, argv=0x7fffffffeb38) at server.c:2080
#2

Updated by gstrauss 4 months ago

  • Status changed from New to Patch Pending
  • Target version changed from 1.4.x to 1.4.55

Looks like I missed converting some code from my alternate branch three years ago, where p->config_storage was (plugin_config *) not (plugin_config **) as it is in lighttpd 1.4.

This should fix it. I will test later this evening.

--- a/src/mod_webdav.c
+++ b/src/mod_webdav.c
@@ -1276,7 +1276,8 @@ SERVER_FUNC(mod_webdav_worker_init)
      */
     plugin_data * const p = (plugin_data *)p_d;
     plugin_config *s = p->config_storage[0];
-    for (int n_context = p->nconfig+1; --n_context; ++s) {
+    const int n_context = p->nconfig;
+    for (int i = 0; i < n_context; ++i) {
         if (!buffer_is_empty(s->sqlite_db_name)
             && mod_webdav_sqlite3_prep(s->sql, s->sqlite_db_name, srv->errh)
                == HANDLER_ERROR)
#3

Updated by gstrauss 4 months ago

The above patch is incorrect and won't process webdav directives which are not in the global scope. Here is a patch that will.

--- a/src/mod_webdav.c
+++ b/src/mod_webdav.c
@@ -1275,8 +1275,8 @@ SERVER_FUNC(mod_webdav_worker_init)
      *   across a fork() system call into the child process.
      */
     plugin_data * const p = (plugin_data *)p_d;
-    plugin_config *s = p->config_storage[0];
-    for (int n_context = p->nconfig+1; --n_context; ++s) {
+    for (int i = 0; i < p->nconfig; ++i) {
+        plugin_config *s = p->config_storage[i];
         if (!buffer_is_empty(s->sqlite_db_name)
             && mod_webdav_sqlite3_prep(s->sql, s->sqlite_db_name, srv->errh)
                == HANDLER_ERROR)
#4

Updated by gstrauss 4 months ago

  • Status changed from Patch Pending to Fixed
  • % Done changed from 0 to 100
#5

Updated by flynn 4 months ago

I tested this patch and lighttpd starts now with webdav module.

Litmus tests run through with one error/warning:

3. propfind_invalid2..... FAIL (PROPFIND with invalid namespace declaration in body (see FAQ) got 207 response not 400)

#6

Updated by gstrauss 4 months ago

flynn, that is explained in the lighttpd documentation for mod_webdav litmus tests

Also available in: Atom