Project

General

Profile

Actions

Bug #3119

closed

Segfault on closing connections

Added by dinoex over 2 years ago. Updated over 2 years ago.

Status:
Duplicate
Priority:
Normal
Category:
core
Target version:
ASK QUESTIONS IN Forums:
No

Description

Segfault after updating to version 1.4.62

server crashed reproducable after a couple of seconds after an HTTPS url was accessed.
build withh pcre2

I guess there is a memory corruption before.

error.log:
2021-12-04 09:16:49: (connections.c.1467) connection closed - keep-alive timeout: 20

Program received signal SIGSEGV, Segmentation fault.
Address not mapped to object.
__free (ptr=<optimized out>) at jemalloc_jemalloc.c:2382
2382 jemalloc_jemalloc.c: No such file or directory.
(gdb) bt
#0 __free (ptr=<optimized out>) at jemalloc_jemalloc.c:2382
#1 0x00000008010cc1dd in BN_free () from /usr/local/lib/libcrypto.so.11
#2 0x0000000801120802 in EC_GROUP_free () from /usr/local/lib/libcrypto.so.11
#3 0x000000080111f067 in EC_KEY_free () from /usr/local/lib/libcrypto.so.11
#4 0x00000008011a4312 in EVP_PKEY_free () from /usr/local/lib/libcrypto.so.11
#5 0x0000000800f30d61 in ?? () from /usr/local/lib/libssl.so.11
#6 0x0000000800f3c5dc in SSL_free () from /usr/local/lib/libssl.so.11
#7 0x0000000800ee336e in handler_ctx_free (hctx=0x800e16ca0) at mod_openssl.c:205
#8 mod_openssl_handle_con_close (con=<optimized out>, p_d=0x80029f0b8) at mod_openssl.c:3444
#9 0x000000000024c24b in plugins_call_fn_con_data (con=0x801407900, e=10) at plugin.c:302
#10 plugins_call_handle_connection_close (con=0x801407900) at plugin.c:362
#11 0x0000000000227fa4 in connection_close (con=0x801407900) at connections.c:83
#12 0x0000000000228d22 in connection_state_machine_loop (r=0x801407900, con=0x801407900) at connections.c:167
#13 0x0000000000228545 in connection_state_machine_h1 (r=0x801407900, con=0x801407900) at connections.c:1378
#14 0x0000000000224587 in server_run_con_queue (joblist=<optimized out>, sentinel=<optimized out>) at server.c:1918
#15 server_main_loop (srv=0x8007e1000) at server.c:1971
#16 0x0000000000222aea in main (argc=4, argv=0x7fffffffea60) at server.c:2045


Related issues 1 (0 open1 closed)

Is duplicate of Bug #3118: Segfault after updating to version 1.4.62FixedActions
Actions #1

Updated by gstrauss over 2 years ago

  • Target version changed from 1.4.xx to 1.4.63

Does the patch I posted in #3118 fix the issue for you?

Actions #2

Updated by gstrauss over 2 years ago

  • Category changed from TLS to core
  • Status changed from New to Duplicate
Actions #3

Updated by gstrauss over 2 years ago

  • Is duplicate of Bug #3118: Segfault after updating to version 1.4.62 added
Actions #4

Updated by dinoex over 2 years ago

Yes, patching the 3 files fixed the issue, thanks.

Actions #5

Updated by gstrauss over 2 years ago

Thank you for reporting the error and verifying the patches. lighttpd 1.4.63 has been released with the fixes. Some more details are in #3118

Actions

Also available in: Atom