With Apache 2.4.6 and mpm_worker configured as a reverse proxy I get
segmentation faults when I enable modsecurity 2.7.5 with
"SecRequestBodyAccess On" and then send a large number of POST requests
to a misconfigured backend server that just drops the requests.

This is what I did:

On Debian unstable I installed Apache 2.4.6, enabled multithreading via
mpm_worker, and configured a simple reverse proxy. I also enabled
modsecurity 2.7.5 with SecRequestBodyAccess. No rules were enabled.
Here is the configuration for the reverse proxy and modsecurity:

    <Location />
        SecRuleEngine On
        SecRequestBodyAccess On
        ProxyPass http://backend:8080/
        ProxyPassReverse http://backend:8080/
    </Location>

This is what I run to simulate the request-dropping backend server:

    faucet 8080 --out echo ""

If a client sends a request, the reverse proxy sends a "502 Bad Gateway"
response and logs the following errors:

    [...] (104)Connection reset by peer: [client 10.128.128.81:49143] AH01102: error reading status line from remote server backend:8080
    [...] AH00898: Error reading from remote server returned by /

So everything works as expected.

Now I send POST requests in parallel by starting this loop in multiple
shells, the more the better (data_file is 22k if that matters):

    while true ; do curl -d @data_file http://frontend/ ; done

Every once in a while I get a segmentation fault. These segmentation
faults happen "anywhere" so I'm not sure if providing a backtrace is of
any help.
Is this a bug or am I doing something wrong? Thanks for your help!