Re: [Mod-security-developers] mod_security mis-uses apr_allocator_create
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] mod_security mis-uses apr_allocator_create
|
From: Felipe C. <FC...@tr...> - 2014-08-18 17:18:36
|
Hi Stefan, Thanks for the report. It seems that it is part of the code that needed to be reviewed. I have opened a issue to track this on GitHub, here goes the link: https://github.com/SpiderLabs/ModSecurity/issues/768 Br., Felipe "Zimmerle" Costa Security Researcher, SpiderLabs Trustwave | SMART SECURITY ON DEMAND www.trustwave.com <http://www.trustwave.com/> On 8/15/14 4:03 PM, "Stefan Fritsch" <sf...@sf...> wrote: >Hi, > >mod_security creates a new apr_allocator for every request which is then >destroyed again after the request finishes. This seems to cause bad >performance when used with a threaded mpms and apr's >--enable-allocator-uses-mmap because it causes lots of mmap() and >munmap()s for each request. The allocator-uses-mmap option has been in >use >by Debian/Ubuntu's apr packages for over three years. More information is >available at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758068 > >Why does mod_security do this? Why does it create its own per-request >pool >msr->mp at all? It does not seem to clear or destroy it before the end of >request and so there does not seem to be any advantage over using r->pool >directly. > >Cheers, >Stefan > >-------------------------------------------------------------------------- >---- >_______________________________________________ >mod-security-developers mailing list >mod...@li... >https://lists.sourceforge.net/lists/listinfo/mod-security-developers >ModSecurity Services from Trustwave's SpiderLabs: >https://www.trustwave.com/spiderLabs.php ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. |
