Re: [Mod-security-developers] Make test failed
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] Make test failed
|
From: Breno S. <bre...@gm...> - 2013-05-22 13:44:34
|
I'm testing with an external tool that uses libpcre and it is failing to
compile this regex too.
So i'm start thinking (?^ syntax is not supported by libpcre ?
On Wed, May 22, 2013 at 9:53 AM, Breno Silva <bre...@gm...> wrote:
> Yes. Looks like for some reason the regex is not being compiled.
>
> I will investigate it
>
>
> On Wed, May 22, 2013 at 9:47 AM, Pavel Mateja <pa...@ne...> wrote:
>
>> > You should do:
>> >
>> > Make sure there is a core dump area with something like:
>> >
>> > CoreDumpDirectory /tmp
>> >
>> > Make sure limits are set to dump core:
>> >
>> > ulimit -c unlimited
>> >
>> > Restart and trigger the error. A core file should be in the directory
>> > you specified.
>> >
>> > Then use gdb to get a backtrace:
>> >
>> > gdb /path/to/httpd /path/to/core --batch --quiet \
>> > -ex "thread apply all bt full" > backtrace.log
>>
>> Hi again. I'm confused.
>>
>> The bug is triggered by msc_test forked by make test not httpd. Just like
>> the
>> core says:
>> core: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV), SVR4-style,
>> from
>> './msc_test -t op -n rx -p (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)
>> -D 0
>> -r'
>> And gdb complains about right binary:
>> warning: core file may not match specified executable file.
>>
>> I tried to get backtrace against msc_test but I got:
>> warning: Can't read pathname for load map: Input/output error.
>> and the backtrace is useless:
>>
>> [New LWP 2179]
>> [Thread debugging using libthread_db enabled]
>> Using host libthread_db library "/lib/i386-linux-
>> gnu/i686/nosegneg/libthread_db.so.1".
>> Core was generated by `./msc_test -t op -n rx -p
>> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0 -r'.
>> Program terminated with signal 11, Segmentation fault.
>> #0 0x080561d6 in msre_op_rx_execute ()
>>
>> Thread 1 (Thread 0x4046c870 (LWP 2179)):
>> #0 0x080561d6 in msre_op_rx_execute ()
>> No symbol table info available.
>> #1 0x0804c40e in test_op ()
>> No symbol table info available.
>> #2 0x0804d9d3 in main ()
>> No symbol table info available.
>> --
>> Pavel Mateja
>>
>> > On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...> wrote:
>> > > > Hello Pavel,
>> > > >
>> > > > Are you running make CFLAGS=-DMSC_TEST test right ?
>> > >
>> > > Yes, I am.
>> > >
>> > > > Can you send me your backtrace ?
>> > >
>> > > Sure. What exactly do you need?
>> > >
>> > > > Thanks
>> > > >
>> > > > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <
>> rai...@ki...
>> > > >
>> > > >wrote:
>> > > > > On 22.05.2013 10:22, Pavel Mateja wrote:
>> > > > > > Hi guys,
>> > > > > > I've upgraded our debian servers from wheezy to squeeze and I
>> can't
>> > > > > > pass
>> > > > >
>> > > > > "make
>> > > > >
>> > > > > > test" of modsecurity any more:
>> > > > > >
>> > > > > > Loaded 8 tests from ./op/rx.t
>> > > > > >
>> > > > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> > > > > > 2) op "rx": passed
>> > > > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> > > > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
>> > > > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
>> > > > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
>> > > > > > 7) op "rx": passed
>> > > > > >
>> > > > > > ERROR: Failed to create rule for op "rx": Error creating rule:
>> > > > > > Error
>> > > > >
>> > > > > compiling
>> > > > >
>> > > > > > pattern (offset 2): unrecognized character after (? or (?-
>> > > > > > Test exited with signal 11.
>> > > > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
>> > > > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r"
>> "1"
>> > > > > >
>> > > > > > 8) op "rx": failed
>> > > > > >
>> > > > > > Passed: 7; Failed: 1
>> > > > > >
>> > > > > > I've tried version 2.7.2 which passed test on old debian and
>> latest
>> > > > >
>> > > > > 2.7.3.
>> > > > >
>> > > > > > Both failed on the same place.
>> > > > > >
>> > > > > > Compilation parameters were:
>> > > > > > ./configure --prefix=/apache/modules/
>> --with-apxs=/apache/bin/apxs
>> > > > >
>> > > > > --with-
>> > > > >
>> > > > > > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config
>> > > > >
>> > > > > --enable-pcre-
>> > > > >
>> > > > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
>> > > > >
>> > > > > --disable-mlogc
>> > > > >
>> > > > > Since it exits with signal 11 it might be related to this bug:
>> > > > >
>> > > > > https://github.com/SpiderLabs/ModSecurity/issues/23
>> > > > >
>> > > > > It was fixed in this commit
>> > >
>> > >
>> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317
>> > >
>> > > > > af1680f2a007aead
>> > > > >
>> > > > > and should be part of 2.7.2 and later. Maybe the fix didn't catch
>> all
>> > > > > similar situations?
>> > > > >
>> > > > > Regards,
>> > > > >
>> > > > > Rainer
>> > >
>> > >
>> -------------------------------------------------------------------------
>> > >
>> > > > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>> > > > > New Relic is the only SaaS-based application performance
>> monitoring
>> > > > > service that delivers powerful full stack analytics. Optimize and
>> > > > > monitor your browser, app, & servers with just a few lines of
>> code.
>> > > > > Try New Relic and get this awesome Nerd Life shirt!
>> > > > > http://p.sf.net/sfu/newrelic_d2d_may
>> > > > > _______________________________________________
>> > > > > mod-security-developers mailing list
>> > > > > mod...@li...
>> > > > >
>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > > > > ModSecurity Services from Trustwave's SpiderLabs:
>> > > > > https://www.trustwave.com/spiderLabs.php
>> > >
>> > > --
>> > > Pavel Mateja
>> > >
>> > >
>> > >
>> -------------------------------------------------------------------------
>> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>> > > New Relic is the only SaaS-based application performance monitoring
>> > > service that delivers powerful full stack analytics. Optimize and
>> > > monitor your browser, app, & servers with just a few lines of code.
>> Try
>> > > New Relic and get this awesome Nerd Life shirt!
>> > > http://p.sf.net/sfu/newrelic_d2d_may
>> > > _______________________________________________
>> > > mod-security-developers mailing list
>> > > mod...@li...
>> > > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > > ModSecurity Services from Trustwave's SpiderLabs:
>> > > https://www.trustwave.com/spiderLabs.php
>>
>>
>> ------------------------------------------------------------------------------
>> Try New Relic Now & We'll Send You this Cool Shirt
>> New Relic is the only SaaS-based application performance monitoring
>> service
>> that delivers powerful full stack analytics. Optimize and monitor your
>> browser, app, & servers with just a few lines of code. Try New Relic
>> and get this awesome Nerd Life shirt!
>> http://p.sf.net/sfu/newrelic_d2d_may
>> _______________________________________________
>> mod-security-developers mailing list
>> mod...@li...
>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> ModSecurity Services from Trustwave's SpiderLabs:
>> https://www.trustwave.com/spiderLabs.php
>>
>
>
|
