Re: [Mod-security-developers] Make test failed
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] Make test failed
|
From: Breno S. <bre...@gm...> - 2013-05-22 14:02:27
|
Maybe i can replace this test by another regex.
On Wed, May 22, 2013 at 10:57 AM, Pavel Mateja <pa...@ne...> wrote:
> > I'm testing with an external tool that uses libpcre and it is failing to
> > compile this regex too.
> > So i'm start thinking (?^ syntax is not supported by libpcre ?
>
> As I wrote in first email the 2.7.2 was able to run all tests on the same
> server running Debian Wheezy. I was just recompiling apache with modules
> against new libraries.
> It might be problem with newer version of libpcre in Squeeze.
> --
> Pavel Mateja
>
> > On Wed, May 22, 2013 at 9:53 AM, Breno Silva <bre...@gm...>
> wrote:
> > > Yes. Looks like for some reason the regex is not being compiled.
> > >
> > > I will investigate it
> > >
> > > On Wed, May 22, 2013 at 9:47 AM, Pavel Mateja <pa...@ne...>
> wrote:
> > >> > You should do:
> > >> >
> > >> > Make sure there is a core dump area with something like:
> > >> > CoreDumpDirectory /tmp
> > >> >
> > >> > Make sure limits are set to dump core:
> > >> > ulimit -c unlimited
> > >> >
> > >> > Restart and trigger the error. A core file should be in the
> directory
> > >> > you specified.
> > >> >
> > >> > Then use gdb to get a backtrace:
> > >> >
> > >> > gdb /path/to/httpd /path/to/core --batch --quiet \
> > >> >
> > >> > -ex "thread apply all bt full" > backtrace.log
> > >>
> > >> Hi again. I'm confused.
> > >>
> > >> The bug is triggered by msc_test forked by make test not httpd. Just
> > >> like the
> > >> core says:
> > >> core: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV),
> > >> SVR4-style, from
> > >> './msc_test -t op -n rx -p
> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)
> > >> -D 0
> > >> -r'
> > >> And gdb complains about right binary:
> > >> warning: core file may not match specified executable file.
> > >>
> > >> I tried to get backtrace against msc_test but I got:
> > >> warning: Can't read pathname for load map: Input/output error.
> > >> and the backtrace is useless:
> > >>
> > >> [New LWP 2179]
> > >> [Thread debugging using libthread_db enabled]
> > >> Using host libthread_db library "/lib/i386-linux-
> > >> gnu/i686/nosegneg/libthread_db.so.1".
> > >> Core was generated by `./msc_test -t op -n rx -p
> > >> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0 -r'.
> > >> Program terminated with signal 11, Segmentation fault.
> > >> #0 0x080561d6 in msre_op_rx_execute ()
> > >>
> > >> Thread 1 (Thread 0x4046c870 (LWP 2179)):
> > >> #0 0x080561d6 in msre_op_rx_execute ()
> > >> No symbol table info available.
> > >> #1 0x0804c40e in test_op ()
> > >> No symbol table info available.
> > >> #2 0x0804d9d3 in main ()
> > >> No symbol table info available.
> > >> --
> > >> Pavel Mateja
> > >>
> > >> > On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...>
> wrote:
> > >> > > > Hello Pavel,
> > >> > > >
> > >> > > > Are you running make CFLAGS=-DMSC_TEST test right ?
> > >> > >
> > >> > > Yes, I am.
> > >> > >
> > >> > > > Can you send me your backtrace ?
> > >> > >
> > >> > > Sure. What exactly do you need?
> > >> > >
> > >> > > > Thanks
> > >> > > >
> > >> > > > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <
> > >>
> > >> rai...@ki...
> > >>
> > >> > > >wrote:
> > >> > > > > On 22.05.2013 10:22, Pavel Mateja wrote:
> > >> > > > > > Hi guys,
> > >> > > > > > I've upgraded our debian servers from wheezy to squeeze and
> I
> > >>
> > >> can't
> > >>
> > >> > > > > > pass
> > >> > > > >
> > >> > > > > "make
> > >> > > > >
> > >> > > > > > test" of modsecurity any more:
> > >> > > > > >
> > >> > > > > > Loaded 8 tests from ./op/rx.t
> > >> > > > > >
> > >> > > > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > >> > > > > > 2) op "rx": passed
> > >> > > > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > >> > > > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> > >> > > > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> > >> > > > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> > >> > > > > > 7) op "rx": passed
> > >> > > > > >
> > >> > > > > > ERROR: Failed to create rule for op "rx": Error creating
> rule:
> > >> > > > > > Error
> > >> > > > >
> > >> > > > > compiling
> > >> > > > >
> > >> > > > > > pattern (offset 2): unrecognized character after (? or (?-
> > >> > > > > > Test exited with signal 11.
> > >> > > > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> > >> > > > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0"
> "-r"
> > >>
> > >> "1"
> > >>
> > >> > > > > > 8) op "rx": failed
> > >> > > > > >
> > >> > > > > > Passed: 7; Failed: 1
> > >> > > > > >
> > >> > > > > > I've tried version 2.7.2 which passed test on old debian and
> > >>
> > >> latest
> > >>
> > >> > > > > 2.7.3.
> > >> > > > >
> > >> > > > > > Both failed on the same place.
> > >> > > > > >
> > >> > > > > > Compilation parameters were:
> > >> > > > > > ./configure --prefix=/apache/modules/
> > >>
> > >> --with-apxs=/apache/bin/apxs
> > >>
> > >> > > > > --with-
> > >> > > > >
> > >> > > > > > apr=/apache/bin/apr-1-config
> > >> > > > > > --with-apu=/apache/bin/apu-1-config
> > >> > > > >
> > >> > > > > --enable-pcre-
> > >> > > > >
> > >> > > > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
> > >> > > > >
> > >> > > > > --disable-mlogc
> > >> > > > >
> > >> > > > > Since it exits with signal 11 it might be related to this bug:
> > >> > > > >
> > >> > > > > https://github.com/SpiderLabs/ModSecurity/issues/23
> > >> > > > >
> > >> > > > > It was fixed in this commit
> > >>
> > >>
> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e631
> > >> 7
> > >>
> > >> > > > > af1680f2a007aead
> > >> > > > >
> > >> > > > > and should be part of 2.7.2 and later. Maybe the fix didn't
> > >> > > > > catch
> > >>
> > >> all
> > >>
> > >> > > > > similar situations?
> > >> > > > >
> > >> > > > > Regards,
> > >> > > > >
> > >> > > > > Rainer
> > >>
> > >>
> ------------------------------------------------------------------------
> > >> -
> > >>
> > >> > > > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> > >> > > > > New Relic is the only SaaS-based application performance
> > >>
> > >> monitoring
> > >>
> > >> > > > > service that delivers powerful full stack analytics. Optimize
> > >> > > > > and monitor your browser, app, & servers with just a few lines
> > >> > > > > of
> > >>
> > >> code.
> > >>
> > >> > > > > Try New Relic and get this awesome Nerd Life shirt!
> > >> > > > > http://p.sf.net/sfu/newrelic_d2d_may
> > >> > > > > _______________________________________________
> > >> > > > > mod-security-developers mailing list
> > >> > > > > mod...@li...
> > >>
> > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > >>
> > >> > > > > ModSecurity Services from Trustwave's SpiderLabs:
> > >> > > > > https://www.trustwave.com/spiderLabs.php
> > >> > >
> > >> > > --
> > >> > > Pavel Mateja
> > >>
> > >>
> ------------------------------------------------------------------------
> > >> -
> > >>
> > >> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> > >> > > New Relic is the only SaaS-based application performance
> monitoring
> > >> > > service that delivers powerful full stack analytics. Optimize and
> > >> > > monitor your browser, app, & servers with just a few lines of
> code.
> > >>
> > >> Try
> > >>
> > >> > > New Relic and get this awesome Nerd Life shirt!
> > >> > > http://p.sf.net/sfu/newrelic_d2d_may
> > >> > > _______________________________________________
> > >> > > mod-security-developers mailing list
> > >> > > mod...@li...
> > >> > >
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > >> > > ModSecurity Services from Trustwave's SpiderLabs:
> > >> > > https://www.trustwave.com/spiderLabs.php
> > >>
> > >>
> ------------------------------------------------------------------------
> > >> ------ Try New Relic Now & We'll Send You this Cool Shirt
> > >> New Relic is the only SaaS-based application performance monitoring
> > >> service
> > >> that delivers powerful full stack analytics. Optimize and monitor your
> > >> browser, app, & servers with just a few lines of code. Try New Relic
> > >> and get this awesome Nerd Life shirt!
> > >> http://p.sf.net/sfu/newrelic_d2d_may
> > >> _______________________________________________
> > >> mod-security-developers mailing list
> > >> mod...@li...
> > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > >> ModSecurity Services from Trustwave's SpiderLabs:
> > >> https://www.trustwave.com/spiderLabs.php
>
>
> ------------------------------------------------------------------------------
> Try New Relic Now & We'll Send You this Cool Shirt
> New Relic is the only SaaS-based application performance monitoring service
> that delivers powerful full stack analytics. Optimize and monitor your
> browser, app, & servers with just a few lines of code. Try New Relic
> and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php
>
|
