Re: [Mod-security-developers] Make test failed
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] Make test failed
|
From: Breno S. <bre...@gm...> - 2013-05-22 14:05:30
|
Could you tell me your libpcre version (compiled and linked) ?
You can run apache and get it in the error.log
On Wed, May 22, 2013 at 11:02 AM, Breno Silva <bre...@gm...> wrote:
> Maybe i can replace this test by another regex.
>
>
> On Wed, May 22, 2013 at 10:57 AM, Pavel Mateja <pa...@ne...> wrote:
>
>> > I'm testing with an external tool that uses libpcre and it is failing to
>> > compile this regex too.
>> > So i'm start thinking (?^ syntax is not supported by libpcre ?
>>
>> As I wrote in first email the 2.7.2 was able to run all tests on the same
>> server running Debian Wheezy. I was just recompiling apache with modules
>> against new libraries.
>> It might be problem with newer version of libpcre in Squeeze.
>> --
>> Pavel Mateja
>>
>> > On Wed, May 22, 2013 at 9:53 AM, Breno Silva <bre...@gm...>
>> wrote:
>> > > Yes. Looks like for some reason the regex is not being compiled.
>> > >
>> > > I will investigate it
>> > >
>> > > On Wed, May 22, 2013 at 9:47 AM, Pavel Mateja <pa...@ne...>
>> wrote:
>> > >> > You should do:
>> > >> >
>> > >> > Make sure there is a core dump area with something like:
>> > >> > CoreDumpDirectory /tmp
>> > >> >
>> > >> > Make sure limits are set to dump core:
>> > >> > ulimit -c unlimited
>> > >> >
>> > >> > Restart and trigger the error. A core file should be in the
>> directory
>> > >> > you specified.
>> > >> >
>> > >> > Then use gdb to get a backtrace:
>> > >> >
>> > >> > gdb /path/to/httpd /path/to/core --batch --quiet \
>> > >> >
>> > >> > -ex "thread apply all bt full" > backtrace.log
>> > >>
>> > >> Hi again. I'm confused.
>> > >>
>> > >> The bug is triggered by msc_test forked by make test not httpd. Just
>> > >> like the
>> > >> core says:
>> > >> core: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV),
>> > >> SVR4-style, from
>> > >> './msc_test -t op -n rx -p
>> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)
>> > >> -D 0
>> > >> -r'
>> > >> And gdb complains about right binary:
>> > >> warning: core file may not match specified executable file.
>> > >>
>> > >> I tried to get backtrace against msc_test but I got:
>> > >> warning: Can't read pathname for load map: Input/output error.
>> > >> and the backtrace is useless:
>> > >>
>> > >> [New LWP 2179]
>> > >> [Thread debugging using libthread_db enabled]
>> > >> Using host libthread_db library "/lib/i386-linux-
>> > >> gnu/i686/nosegneg/libthread_db.so.1".
>> > >> Core was generated by `./msc_test -t op -n rx -p
>> > >> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0 -r'.
>> > >> Program terminated with signal 11, Segmentation fault.
>> > >> #0 0x080561d6 in msre_op_rx_execute ()
>> > >>
>> > >> Thread 1 (Thread 0x4046c870 (LWP 2179)):
>> > >> #0 0x080561d6 in msre_op_rx_execute ()
>> > >> No symbol table info available.
>> > >> #1 0x0804c40e in test_op ()
>> > >> No symbol table info available.
>> > >> #2 0x0804d9d3 in main ()
>> > >> No symbol table info available.
>> > >> --
>> > >> Pavel Mateja
>> > >>
>> > >> > On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...>
>> wrote:
>> > >> > > > Hello Pavel,
>> > >> > > >
>> > >> > > > Are you running make CFLAGS=-DMSC_TEST test right ?
>> > >> > >
>> > >> > > Yes, I am.
>> > >> > >
>> > >> > > > Can you send me your backtrace ?
>> > >> > >
>> > >> > > Sure. What exactly do you need?
>> > >> > >
>> > >> > > > Thanks
>> > >> > > >
>> > >> > > > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <
>> > >>
>> > >> rai...@ki...
>> > >>
>> > >> > > >wrote:
>> > >> > > > > On 22.05.2013 10:22, Pavel Mateja wrote:
>> > >> > > > > > Hi guys,
>> > >> > > > > > I've upgraded our debian servers from wheezy to squeeze
>> and I
>> > >>
>> > >> can't
>> > >>
>> > >> > > > > > pass
>> > >> > > > >
>> > >> > > > > "make
>> > >> > > > >
>> > >> > > > > > test" of modsecurity any more:
>> > >> > > > > >
>> > >> > > > > > Loaded 8 tests from ./op/rx.t
>> > >> > > > > >
>> > >> > > > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> > >> > > > > > 2) op "rx": passed
>> > >> > > > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> > >> > > > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
>> > >> > > > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
>> > >> > > > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
>> > >> > > > > > 7) op "rx": passed
>> > >> > > > > >
>> > >> > > > > > ERROR: Failed to create rule for op "rx": Error creating
>> rule:
>> > >> > > > > > Error
>> > >> > > > >
>> > >> > > > > compiling
>> > >> > > > >
>> > >> > > > > > pattern (offset 2): unrecognized character after (? or (?-
>> > >> > > > > > Test exited with signal 11.
>> > >> > > > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
>> > >> > > > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0"
>> "-r"
>> > >>
>> > >> "1"
>> > >>
>> > >> > > > > > 8) op "rx": failed
>> > >> > > > > >
>> > >> > > > > > Passed: 7; Failed: 1
>> > >> > > > > >
>> > >> > > > > > I've tried version 2.7.2 which passed test on old debian
>> and
>> > >>
>> > >> latest
>> > >>
>> > >> > > > > 2.7.3.
>> > >> > > > >
>> > >> > > > > > Both failed on the same place.
>> > >> > > > > >
>> > >> > > > > > Compilation parameters were:
>> > >> > > > > > ./configure --prefix=/apache/modules/
>> > >>
>> > >> --with-apxs=/apache/bin/apxs
>> > >>
>> > >> > > > > --with-
>> > >> > > > >
>> > >> > > > > > apr=/apache/bin/apr-1-config
>> > >> > > > > > --with-apu=/apache/bin/apu-1-config
>> > >> > > > >
>> > >> > > > > --enable-pcre-
>> > >> > > > >
>> > >> > > > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
>> > >> > > > >
>> > >> > > > > --disable-mlogc
>> > >> > > > >
>> > >> > > > > Since it exits with signal 11 it might be related to this
>> bug:
>> > >> > > > >
>> > >> > > > > https://github.com/SpiderLabs/ModSecurity/issues/23
>> > >> > > > >
>> > >> > > > > It was fixed in this commit
>> > >>
>> > >>
>> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e631
>> > >> 7
>> > >>
>> > >> > > > > af1680f2a007aead
>> > >> > > > >
>> > >> > > > > and should be part of 2.7.2 and later. Maybe the fix didn't
>> > >> > > > > catch
>> > >>
>> > >> all
>> > >>
>> > >> > > > > similar situations?
>> > >> > > > >
>> > >> > > > > Regards,
>> > >> > > > >
>> > >> > > > > Rainer
>> > >>
>> > >>
>> ------------------------------------------------------------------------
>> > >> -
>> > >>
>> > >> > > > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>> > >> > > > > New Relic is the only SaaS-based application performance
>> > >>
>> > >> monitoring
>> > >>
>> > >> > > > > service that delivers powerful full stack analytics. Optimize
>> > >> > > > > and monitor your browser, app, & servers with just a few
>> lines
>> > >> > > > > of
>> > >>
>> > >> code.
>> > >>
>> > >> > > > > Try New Relic and get this awesome Nerd Life shirt!
>> > >> > > > > http://p.sf.net/sfu/newrelic_d2d_may
>> > >> > > > > _______________________________________________
>> > >> > > > > mod-security-developers mailing list
>> > >> > > > > mod...@li...
>> > >>
>> > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > >>
>> > >> > > > > ModSecurity Services from Trustwave's SpiderLabs:
>> > >> > > > > https://www.trustwave.com/spiderLabs.php
>> > >> > >
>> > >> > > --
>> > >> > > Pavel Mateja
>> > >>
>> > >>
>> ------------------------------------------------------------------------
>> > >> -
>> > >>
>> > >> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>> > >> > > New Relic is the only SaaS-based application performance
>> monitoring
>> > >> > > service that delivers powerful full stack analytics. Optimize and
>> > >> > > monitor your browser, app, & servers with just a few lines of
>> code.
>> > >>
>> > >> Try
>> > >>
>> > >> > > New Relic and get this awesome Nerd Life shirt!
>> > >> > > http://p.sf.net/sfu/newrelic_d2d_may
>> > >> > > _______________________________________________
>> > >> > > mod-security-developers mailing list
>> > >> > > mod...@li...
>> > >> > >
>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > >> > > ModSecurity Services from Trustwave's SpiderLabs:
>> > >> > > https://www.trustwave.com/spiderLabs.php
>> > >>
>> > >>
>> ------------------------------------------------------------------------
>> > >> ------ Try New Relic Now & We'll Send You this Cool Shirt
>> > >> New Relic is the only SaaS-based application performance monitoring
>> > >> service
>> > >> that delivers powerful full stack analytics. Optimize and monitor
>> your
>> > >> browser, app, & servers with just a few lines of code. Try New Relic
>> > >> and get this awesome Nerd Life shirt!
>> > >> http://p.sf.net/sfu/newrelic_d2d_may
>> > >> _______________________________________________
>> > >> mod-security-developers mailing list
>> > >> mod...@li...
>> > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > >> ModSecurity Services from Trustwave's SpiderLabs:
>> > >> https://www.trustwave.com/spiderLabs.php
>>
>>
>> ------------------------------------------------------------------------------
>> Try New Relic Now & We'll Send You this Cool Shirt
>> New Relic is the only SaaS-based application performance monitoring
>> service
>> that delivers powerful full stack analytics. Optimize and monitor your
>> browser, app, & servers with just a few lines of code. Try New Relic
>> and get this awesome Nerd Life shirt!
>> http://p.sf.net/sfu/newrelic_d2d_may
>> _______________________________________________
>> mod-security-developers mailing list
>> mod...@li...
>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> ModSecurity Services from Trustwave's SpiderLabs:
>> https://www.trustwave.com/spiderLabs.php
>>
>
>
|
