Bug #3096: Segfaults in mod_openssl_cert_cb() (misconfigured lighttpd.conf) - Lighttpd - lighty labs

Actions

Copy link

Bug #3096

closed

Segfaults in mod_openssl_cert_cb() (misconfigured lighttpd.conf)

Added by bjornfor over 3 years ago. Updated over 3 years ago.

Status:

Invalid

Priority:

Normal

Category:

Target version:

1.4.x

ASK QUESTIONS IN Forums:

Description

Hi, I'm on lighttpd-1.4.59 and see segfaults in mod_openssl_cert_cb():

$ sudo coredumpctl debug
  ...
  warning: Unable to find libthread_db matching inferior's thread library, thread debugging will not be available.
  Core was generated by `/nix/store/v760939ywffha1y5gw2zgz4xxzpwlp2c-lighttpd-1.4.59/sbin/lighttpd -D -f'.
  Program terminated with signal SIGSEGV, Segmentation fault.
  #0  0x00007f081aabcaaa in mod_openssl_cert_cb (ssl=0x20cd090, arg=&lt;optimized out&gt;) at mod_openssl.c:1058
  1058    mod_openssl.c: No such file or directory.
  (gdb) bt
  #0  0x00007f081aabcaaa in mod_openssl_cert_cb (ssl=0x20cd090, arg=&lt;optimized out&gt;) at mod_openssl.c:1058
  #1  0x00007f081aa82b95 in tls_post_process_client_hello () from /nix/store/m3gdqvg4m7m0llr1f0izkh3kgiipd88p-openssl-1.1.1k/lib/libssl.so.1.1
  #2  0x00007f081aa71a9d in state_machine.part () from /nix/store/m3gdqvg4m7m0llr1f0izkh3kgiipd88p-openssl-1.1.1k/lib/libssl.so.1.1
  #3  0x00007f081aa46366 in ssl3_read_bytes () from /nix/store/m3gdqvg4m7m0llr1f0izkh3kgiipd88p-openssl-1.1.1k/lib/libssl.so.1.1
  #4  0x00007f081aa4e170 in ssl3_read () from /nix/store/m3gdqvg4m7m0llr1f0izkh3kgiipd88p-openssl-1.1.1k/lib/libssl.so.1.1
  #5  0x00007f081aa5aa03 in SSL_read () from /nix/store/m3gdqvg4m7m0llr1f0izkh3kgiipd88p-openssl-1.1.1k/lib/libssl.so.1.1
  #6  0x00007f081aabf237 in connection_read_cq_ssl (con=0x2043410, cq=0x20436c0, max_bytes=&lt;optimized out&gt;) at mod_openssl.c:2978
  #7  0x0000000000421d24 in connection_read_header_more (olen=&lt;optimized out&gt;, c=&lt;optimized out&gt;, cq=0x20436c0, con=0x2043410) at connections.c:618
  #8  connection_handle_read_state (con=0x2043410) at connections.c:757
  #9  0x0000000000423631 in connection_state_machine_loop (r=0x2043410, con=0x2043410) at connections.c:1079
  #10 0x0000000000422dcf in connection_state_machine_h1 (con=0x2043410, r=0x2043410) at connections.c:1418
  #11 connection_state_machine (con=0x2043410) at connections.c:1436
  #12 0x00000000004265dd in network_server_handle_fdevent (context=0x20361e0, revents=&lt;optimized out&gt;) at network.c:66
  #13 0x0000000000438be3 in fdevent_linux_sysepoll_poll (ev=0x203c380, timeout_ms=&lt;optimized out&gt;) at fdevent_linux_sysepoll.c:43
  #14 0x0000000000431804 in fdevent_poll (ev=0x203c380, timeout_ms=&lt;optimized out&gt;) at fdevent.c:436
  #15 0x000000000041f968 in server_main_loop (srv=0x1f95500) at server.c:1923
  #16 0x000000000040dedc in main (argc=4, argv=0x7ffe501b7d08) at server.c:1965

I'm not sure what exactly triggers it, it doesn't seem to happen all the time,
but it does happen several times a day (on my home server). Concretely, 44
times yesterday and 32 times so far today.

I started noticing the segfaults after I upgraded from NixOS 20.09 with
lighttpd-1.4.55 and openssl-1.1.1k to NixOS 21.05 with lighttpd-1.4.59 and
openssl-1.1.1k (unchanged).

Any ideas?