|
From: Ivan R. <iv...@we...> - 2006-03-02 17:31:19
|
Kam...@bd... wrote: > Hello all, > > I would like to ask, if somebody have met similar problem like us: > > The combination of apache 2.2.0 and mod_security 1.9.2 causes crash > under SuSE 9.3. FYI, I am successfully using Apache 2.2.0 on Debian 3.1. > Both apache and mod_security compiles w/o errors, but every request with > mod_security enabled causes SIGSEGV in current thread. > The reason is, that function ap_get_module_config is called with zero in > the module pointer (m). > The bug is the same under worker and prefork mpms. This sounds like some Apache problem. The NULL value is supplied by Apache. > We have this problem since upgrade from apache 2.0 to 2.2 (mainly > because we needed to use new features in mod_proxy). For 2.0 we compiled > (and created RPM) mod_security 1.9.2 with no problems, but the similar > process failed with 2.2. We are not sure if problem could be more in > SuSE or mod_security. Are you able to run any other third-party modules compiled via DSO? -- Ivan Ristic, Technical Director Thinking Stone, http://www.thinkingstone.com ModSecurity: Open source Web Application Firewall Apache Security (O'Reilly): http://www.apachesecurity.net |
