[Mod-security-developers] Reverse proxy, SecRequestBodyAccess, segmentation fault
Brought to you by:
victorhora,
zimmerletw
From: Ewald D. <ewa...@t-...> - 2013-11-27 15:17:53
|
With Apache 2.4.6 and mpm_worker configured as a reverse proxy I get segmentation faults when I enable modsecurity 2.7.5 with "SecRequestBodyAccess On" and then send large amounts of POST requests to a misconfigured backend server that just drops the requests. This is what I did: On Debian unstable I installed Apache 2.4.6, enabled multithreading via mpm_worker, and configured a simple reverse proxy. I also enabled modsecurity 2.7.5 with SecRequestBodyAccess. No rules were enabled. Here is the configuration for the reverse proxy and modsecurity: <Location /> SecRuleEngine On SecRequestBodyAccess On ProxyPass http://backend:8080/ ProxyPassReverse http://backend:8080/ </Location> This is what I run to simulate the request-dropping backend server: faucet 8080 --out echo "" If a client sends a request, the reverse proxy sends a "502 Bad Gateway" response and logs the following errors: [...] (104)Connection reset by peer: [client 10.128.128.81:49143] AH01102: error reading status line from remote server backend:8080 [...] AH00898: Error reading from remote server returned by / So everything works as expected. Now I send POST requests in parallel by starting this loop on multiple shells, the more the better (data_file is 22k if that matters): while true ; do curl -d @data_file http://frontend/ ; done Every once in a while I get a segmentation fault. These segmentation faults happen "anywhere" so I'm not sure if providing a backtrace is of any help. Is this a bug or am I doing something wrong? Thanks for your help! |