From nobody@hyperreal.com Thu Apr 10 11:34:17 1997 Received: (from nobody@localhost) by hyperreal.com (8.8.4/8.8.4) id LAA24244; Thu, 10 Apr 1997 11:34:17 -0700 (PDT) Message-Id: <199704101834.LAA24244@hyperreal.com> Date: Thu, 10 Apr 1997 11:34:17 -0700 (PDT) From: Christian Gilmore Reply-To: cgilmore@research.att.com To: apbugs@hyperreal.com Subject: core dump with introduction of suexec to apache 1.2b8 X-Send-Pr-Version: 3.2 >Number: 354 >Category: mod_cgi >Synopsis: core dump with introduction of suexec to apache 1.2b8 >Confidential: no >Severity: critical >Priority: medium >Responsible: apache >State: closed >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Thu Apr 10 11:40:01 1997 >Last-Modified: Tue Apr 22 02:24:31 PDT 1997 >Originator: cgilmore@research.att.com >Organization: >Release: 1.2b8 >Environment: IRIX akalice 5.3 11091812 IP22 mips gcc version 2.7.2 >Description: Prior to adding suexec into apache's sbin (/www/www/apache/sbin on my system), I was able to run scripts (as the server's owner) with the "AddHandler cgi-script .cgi" directive. The introduction of suexec has caused any attempt to run a cgi script from a user's directory to dump core. From what I could see from gdb's backtrace: Core was generated by `httpd'. Program terminated with signal 6, Abort. Reading symbols from /usr/lib/libc.so.1...backdone. #0 0xfae25d4 in _kill () at kill.s:15 kill.s:15: No such file or directory. (gdb) back #0 0xfae25d4 in _kill () at kill.s:15 #1 0xfae3930 in raise () at raise.c:22 #2 0xfb1735c in abort () at abort.c:37 #3 0x40e7d4 in seg_fault () #4 #5 0x4268c0 in call_exec () #6 0x43c13c in cgi_child () #7 0x40c844 in spawn_child_err () #8 0x43c580 in cgi_handler () #9 0x415e50 in invoke_handler () #10 0x41abf4 in process_request_internal () #11 0x41ac8c in process_request () #12 0x40fec4 in child_main () #13 0x410194 in make_child () #14 0x411004 in standalone_main () #15 0x4115dc in main () Current language: auto; currently asm (gdb) quit The error occurred after the mod_cgi call to util_script.c's call_exec function. I've checked and re-checked the configuration of suexec and it all appears to be in order. If you like, I'd be happy to send you my configuration files for the server and suexec.h. Here's what the logs had to say. The cgi_log file named in suexec.h was never created/written to. access_log: maestro.research.att.com - - [10/Apr/1997:14:06:56 -0400] "GET /~cgilmore/testksh.cgi HTTP/1.0" 500 404 error_log: [Thu Apr 10 14:06:56 1997] access to /usr/cgilmore/wwwfiles/testksh.cgi failed for maestro.research.att.com, reason: Premature end of script headers script_log: %% [Thu Apr 10 14:06:56 1997] GET /~cgilmore/testksh.cgi HTTP/1.0 %% 500 /usr/cgilmore/wwwfiles/testksh.cgi %request Connection: Keep-Alive User-Agent: Mozilla/2.01S (X11; I; IRIX 5.3 IP22) Host: www.research.att.com:4000 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */* %response %stderr [Thu Apr 10 14:06:56 1997] httpd: caught SIGSEGV, attempting to dump core in /www/www/apache The script testksh.cgi (that I believe is never called): #!/bin/ksh echo "Content-type: text/html" echo echo "

Working?

" >How-To-Repeat: This is an internal server, so I can't give you a usable URL. The only response you would get would be an "Internal Error" message, in any event. >Fix: >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: dgaudet State-Changed-When: Tue Apr 22 02:24:30 PDT 1997 State-Changed-Why: User gives solution to this problem in PR#367. Just cleaning up. >Unformatted: