Re: [mod-security-users] mod_security causing Apache 1.3.33 to hang
From: Ivan R. <iv...@we...> - 2006-01-11 20:59:40
Servedio, Allen (Matrix) wrote:
> Just getting ready to...

I am working with Ivan on it now. We didn't get to run truss (Allen did not have root on the box) but we narrowed it down pretty much to a problem in the Apache 1.3.x regular expression library. After changing the rule

    SecFilter "<(.|\n)+>" id:1002

to

    SecFilter "<.+>" id:1002

Apache did not hang any more.

I have seen a similar problem once before, when I encountered a problem with Apache 2.x on Windows. It turned out to be a PCRE bug which manifested only on Windows because of the smaller stack size. If I recall correctly PCRE uses recursion for subexpressions internally, which leads to stack space consumption when the regex is applied to a long string.

I think this is pretty much the same problem. Other modules that use regular expressions would probably suffer too. One solution is to avoid using subexpressions. Another might be to compile mod_security against PCRE (as far as I know the problem I reported was fixed a long time ago).

--
Ivan Ristic, Technical Director
Thinking Stone, http://www.thinkingstone.com
Tel: +44 20 8141 2161, Fax: +44 87 0762 3934
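An added example, not part of the message above or of mod_security itself: a small Python check that scans a rules file for `SecFilter` patterns containing a repeated group such as `(.|\n)+`, the construct the message replaced with `<.+>`. The function names and the sample configuration are constructed for illustration; the check handles only the plain `SecFilter "pattern"` form and assumes a backslash escapes the next character everywhere in the pattern.

```python
import re

# Constructed sample: the two rule variants quoted in the message, plus one
# rule whose parentheses are escaped or inside a bracket expression.
SAMPLE_CONF = r'''
SecFilterEngine On
SecFilter "<(.|\n)+>" id:1002
SecFilter "<.+>" id:1002
SecFilter "\(select\)+ [a-z(]+"
'''

# Plain SecFilter directive with a double-quoted pattern (assumed form).
RULE = re.compile(r'^\s*SecFilter\s+"((?:[^"\\]|\\.)*)"')

def quantified_groups(pattern):
    """Return every (...) group that is directly followed by * or +."""
    found, stack, i, in_class = [], [], 0, False
    while i < len(pattern):
        c = pattern[i]
        if c == '\\':                      # escaped char: skip both
            i += 2
            continue
        if in_class:
            in_class = c != ']'
        elif c == '[':
            in_class = True
            if pattern[i + 1:i + 2] == '^':  # negation marker
                i += 1
            if pattern[i + 1:i + 2] == ']':  # leading ] is a literal
                i += 1
        elif c == '(':
            stack.append(i)
        elif c == ')' and stack:
            start = stack.pop()
            if pattern[i + 1:i + 2] in ('*', '+'):
                found.append(pattern[start:i + 2])
        i += 1
    return found

def scan(conf_text):
    """Return (line_number, pattern, groups) for each flagged SecFilter rule."""
    hits = []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        m = RULE.match(line)
        if m and quantified_groups(m.group(1)):
            hits.append((lineno, m.group(1), quantified_groups(m.group(1))))
    return hits

if __name__ == "__main__":
    for lineno, pattern, groups in scan(SAMPLE_CONF):
        print(f"line {lineno}: {pattern!r} repeats group(s) {groups}")
```

A flagged rule is a candidate for rewriting without the group, as was done for rule 1002, and for testing against long request bodies before deployment.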