Thread: [Mod-security-developers] Make test failed
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
mod-security-developers
|
From: Pavel M. <pa...@ne...> - 2013-05-22 08:49:37
|
Hi guys,
I've upgraded our debian servers from wheezy to squeeze and I can't pass "make
test" of modsecurity any more:
Loaded 8 tests from ./op/rx.t
1) op "rx": passed (Pattern match "" at UNIT_TEST.)
2) op "rx": passed
3) op "rx": passed (Pattern match "" at UNIT_TEST.)
4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
7) op "rx": passed
ERROR: Failed to create rule for op "rx": Error creating rule: Error compiling
pattern (offset 2): unrecognized character after (? or (?-
Test exited with signal 11.
Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
"(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
8) op "rx": failed
Passed: 7; Failed: 1
I've tried version 2.7.2 which passed test on old debian and latest 2.7.3.
Both failed on the same place.
Compilation parameters were:
./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs --with-
apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config --enable-pcre-
match-limit=50000 --enable-pcre-match-limit-recursion=10000 --disable-mlogc
--
Pavel Mateja
|
|
From: Rainer J. <rai...@ki...> - 2013-05-22 11:05:56
|
On 22.05.2013 10:22, Pavel Mateja wrote:
> Hi guys,
> I've upgraded our debian servers from wheezy to squeeze and I can't pass "make
> test" of modsecurity any more:
>
> Loaded 8 tests from ./op/rx.t
> 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> 2) op "rx": passed
> 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> 7) op "rx": passed
> ERROR: Failed to create rule for op "rx": Error creating rule: Error compiling
> pattern (offset 2): unrecognized character after (? or (?-
> Test exited with signal 11.
> Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
> 8) op "rx": failed
> Passed: 7; Failed: 1
>
> I've tried version 2.7.2 which passed test on old debian and latest 2.7.3.
> Both failed on the same place.
>
> Compilation parameters were:
> ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs --with-
> apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config --enable-pcre-
> match-limit=50000 --enable-pcre-match-limit-recursion=10000 --disable-mlogc
Since it exits with signal 11 it might be related to this bug:
https://github.com/SpiderLabs/ModSecurity/issues/23
It was fixed in this commit
https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317af1680f2a007aead
and should be part of 2.7.2 and later. Maybe the fix didn't catch all
similar situations?
Regards,
Rainer
|
|
From: Breno S. <bre...@gm...> - 2013-05-22 12:07:04
|
Hello Pavel,
Are you running make CFLAGS=-DMSC_TEST test right ?
Can you send me your backtrace ?
Thanks
On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <rai...@ki...>wrote:
> On 22.05.2013 10:22, Pavel Mateja wrote:
> > Hi guys,
> > I've upgraded our debian servers from wheezy to squeeze and I can't pass
> "make
> > test" of modsecurity any more:
> >
> > Loaded 8 tests from ./op/rx.t
> > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > 2) op "rx": passed
> > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> > 7) op "rx": passed
> > ERROR: Failed to create rule for op "rx": Error creating rule: Error
> compiling
> > pattern (offset 2): unrecognized character after (? or (?-
> > Test exited with signal 11.
> > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
> > 8) op "rx": failed
> > Passed: 7; Failed: 1
> >
> > I've tried version 2.7.2 which passed test on old debian and latest
> 2.7.3.
> > Both failed on the same place.
> >
> > Compilation parameters were:
> > ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs
> --with-
> > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config
> --enable-pcre-
> > match-limit=50000 --enable-pcre-match-limit-recursion=10000
> --disable-mlogc
>
> Since it exits with signal 11 it might be related to this bug:
>
> https://github.com/SpiderLabs/ModSecurity/issues/23
>
> It was fixed in this commit
>
>
> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317af1680f2a007aead
>
> and should be part of 2.7.2 and later. Maybe the fix didn't catch all
> similar situations?
>
> Regards,
>
> Rainer
>
>
> ------------------------------------------------------------------------------
> Try New Relic Now & We'll Send You this Cool Shirt
> New Relic is the only SaaS-based application performance monitoring service
> that delivers powerful full stack analytics. Optimize and monitor your
> browser, app, & servers with just a few lines of code. Try New Relic
> and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php
>
|
|
From: Pavel M. <pa...@ne...> - 2013-05-22 12:32:53
|
> Hello Pavel,
>
> Are you running make CFLAGS=-DMSC_TEST test right ?
Yes, I am.
> Can you send me your backtrace ?
Sure. What exactly do you need?
> Thanks
>
> On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <rai...@ki...>wrote:
> > On 22.05.2013 10:22, Pavel Mateja wrote:
> > > Hi guys,
> > > I've upgraded our debian servers from wheezy to squeeze and I can't
> > > pass
> >
> > "make
> >
> > > test" of modsecurity any more:
> > >
> > > Loaded 8 tests from ./op/rx.t
> > >
> > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > > 2) op "rx": passed
> > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> > > 7) op "rx": passed
> > >
> > > ERROR: Failed to create rule for op "rx": Error creating rule: Error
> >
> > compiling
> >
> > > pattern (offset 2): unrecognized character after (? or (?-
> > > Test exited with signal 11.
> > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
> > >
> > > 8) op "rx": failed
> > >
> > > Passed: 7; Failed: 1
> > >
> > > I've tried version 2.7.2 which passed test on old debian and latest
> >
> > 2.7.3.
> >
> > > Both failed on the same place.
> > >
> > > Compilation parameters were:
> > > ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs
> >
> > --with-
> >
> > > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config
> >
> > --enable-pcre-
> >
> > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
> >
> > --disable-mlogc
> >
> > Since it exits with signal 11 it might be related to this bug:
> >
> > https://github.com/SpiderLabs/ModSecurity/issues/23
> >
> > It was fixed in this commit
> >
> >
> > https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317
> > af1680f2a007aead
> >
> > and should be part of 2.7.2 and later. Maybe the fix didn't catch all
> > similar situations?
> >
> > Regards,
> >
> > Rainer
> >
> >
> > -------------------------------------------------------------------------
> > ----- Try New Relic Now & We'll Send You this Cool Shirt
> > New Relic is the only SaaS-based application performance monitoring
> > service that delivers powerful full stack analytics. Optimize and
> > monitor your browser, app, & servers with just a few lines of code. Try
> > New Relic and get this awesome Nerd Life shirt!
> > http://p.sf.net/sfu/newrelic_d2d_may
> > _______________________________________________
> > mod-security-developers mailing list
> > mod...@li...
> > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > ModSecurity Services from Trustwave's SpiderLabs:
> > https://www.trustwave.com/spiderLabs.php
--
Pavel Mateja
|
|
From: Breno S. <bre...@gm...> - 2013-05-22 12:36:47
|
You should do:
Make sure there is a core dump area with something like:
CoreDumpDirectory /tmp
Make sure limits are set to dump core:
ulimit -c unlimited
Restart and trigger the error. A core file should be in the directory
you specified.
Then use gdb to get a backtrace:
gdb /path/to/httpd /path/to/core --batch --quiet \
-ex "thread apply all bt full" > backtrace.log
On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...> wrote:
> > Hello Pavel,
> >
> > Are you running make CFLAGS=-DMSC_TEST test right ?
>
> Yes, I am.
>
> > Can you send me your backtrace ?
>
> Sure. What exactly do you need?
>
> > Thanks
> >
> > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <rai...@ki...
> >wrote:
> > > On 22.05.2013 10:22, Pavel Mateja wrote:
> > > > Hi guys,
> > > > I've upgraded our debian servers from wheezy to squeeze and I can't
> > > > pass
> > >
> > > "make
> > >
> > > > test" of modsecurity any more:
> > > >
> > > > Loaded 8 tests from ./op/rx.t
> > > >
> > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > > > 2) op "rx": passed
> > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> > > > 7) op "rx": passed
> > > >
> > > > ERROR: Failed to create rule for op "rx": Error creating rule: Error
> > >
> > > compiling
> > >
> > > > pattern (offset 2): unrecognized character after (? or (?-
> > > > Test exited with signal 11.
> > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
> > > >
> > > > 8) op "rx": failed
> > > >
> > > > Passed: 7; Failed: 1
> > > >
> > > > I've tried version 2.7.2 which passed test on old debian and latest
> > >
> > > 2.7.3.
> > >
> > > > Both failed on the same place.
> > > >
> > > > Compilation parameters were:
> > > > ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs
> > >
> > > --with-
> > >
> > > > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config
> > >
> > > --enable-pcre-
> > >
> > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
> > >
> > > --disable-mlogc
> > >
> > > Since it exits with signal 11 it might be related to this bug:
> > >
> > > https://github.com/SpiderLabs/ModSecurity/issues/23
> > >
> > > It was fixed in this commit
> > >
> > >
> > >
> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317
> > > af1680f2a007aead
> > >
> > > and should be part of 2.7.2 and later. Maybe the fix didn't catch all
> > > similar situations?
> > >
> > > Regards,
> > >
> > > Rainer
> > >
> > >
> > >
> -------------------------------------------------------------------------
> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> > > New Relic is the only SaaS-based application performance monitoring
> > > service that delivers powerful full stack analytics. Optimize and
> > > monitor your browser, app, & servers with just a few lines of code. Try
> > > New Relic and get this awesome Nerd Life shirt!
> > > http://p.sf.net/sfu/newrelic_d2d_may
> > > _______________________________________________
> > > mod-security-developers mailing list
> > > mod...@li...
> > > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > > ModSecurity Services from Trustwave's SpiderLabs:
> > > https://www.trustwave.com/spiderLabs.php
> --
> Pavel Mateja
>
>
> ------------------------------------------------------------------------------
> Try New Relic Now & We'll Send You this Cool Shirt
> New Relic is the only SaaS-based application performance monitoring service
> that delivers powerful full stack analytics. Optimize and monitor your
> browser, app, & servers with just a few lines of code. Try New Relic
> and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php
>
|
|
From: Breno S. <bre...@gm...> - 2013-05-22 12:37:13
|
Could you also send me your error.log?
On Wed, May 22, 2013 at 9:36 AM, Breno Silva <bre...@gm...> wrote:
> You should do:
>
> Make sure there is a core dump area with something like:
>
> CoreDumpDirectory /tmp
>
> Make sure limits are set to dump core:
>
> ulimit -c unlimited
>
> Restart and trigger the error. A core file should be in the directory
> you specified.
>
> Then use gdb to get a backtrace:
>
> gdb /path/to/httpd /path/to/core --batch --quiet \
> -ex "thread apply all bt full" > backtrace.log
>
>
> On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...> wrote:
>
>> > Hello Pavel,
>> >
>> > Are you running make CFLAGS=-DMSC_TEST test right ?
>>
>> Yes, I am.
>>
>> > Can you send me your backtrace ?
>>
>> Sure. What exactly do you need?
>>
>> > Thanks
>> >
>> > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <rai...@ki...
>> >wrote:
>> > > On 22.05.2013 10:22, Pavel Mateja wrote:
>> > > > Hi guys,
>> > > > I've upgraded our debian servers from wheezy to squeeze and I can't
>> > > > pass
>> > >
>> > > "make
>> > >
>> > > > test" of modsecurity any more:
>> > > >
>> > > > Loaded 8 tests from ./op/rx.t
>> > > >
>> > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> > > > 2) op "rx": passed
>> > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
>> > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
>> > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
>> > > > 7) op "rx": passed
>> > > >
>> > > > ERROR: Failed to create rule for op "rx": Error creating rule: Error
>> > >
>> > > compiling
>> > >
>> > > > pattern (offset 2): unrecognized character after (? or (?-
>> > > > Test exited with signal 11.
>> > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
>> > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
>> > > >
>> > > > 8) op "rx": failed
>> > > >
>> > > > Passed: 7; Failed: 1
>> > > >
>> > > > I've tried version 2.7.2 which passed test on old debian and latest
>> > >
>> > > 2.7.3.
>> > >
>> > > > Both failed on the same place.
>> > > >
>> > > > Compilation parameters were:
>> > > > ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs
>> > >
>> > > --with-
>> > >
>> > > > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config
>> > >
>> > > --enable-pcre-
>> > >
>> > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
>> > >
>> > > --disable-mlogc
>> > >
>> > > Since it exits with signal 11 it might be related to this bug:
>> > >
>> > > https://github.com/SpiderLabs/ModSecurity/issues/23
>> > >
>> > > It was fixed in this commit
>> > >
>> > >
>> > >
>> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317
>> > > af1680f2a007aead
>> > >
>> > > and should be part of 2.7.2 and later. Maybe the fix didn't catch all
>> > > similar situations?
>> > >
>> > > Regards,
>> > >
>> > > Rainer
>> > >
>> > >
>> > >
>> -------------------------------------------------------------------------
>> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>> > > New Relic is the only SaaS-based application performance monitoring
>> > > service that delivers powerful full stack analytics. Optimize and
>> > > monitor your browser, app, & servers with just a few lines of code.
>> Try
>> > > New Relic and get this awesome Nerd Life shirt!
>> > > http://p.sf.net/sfu/newrelic_d2d_may
>> > > _______________________________________________
>> > > mod-security-developers mailing list
>> > > mod...@li...
>> > > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > > ModSecurity Services from Trustwave's SpiderLabs:
>> > > https://www.trustwave.com/spiderLabs.php
>> --
>> Pavel Mateja
>>
>>
>> ------------------------------------------------------------------------------
>> Try New Relic Now & We'll Send You this Cool Shirt
>> New Relic is the only SaaS-based application performance monitoring
>> service
>> that delivers powerful full stack analytics. Optimize and monitor your
>> browser, app, & servers with just a few lines of code. Try New Relic
>> and get this awesome Nerd Life shirt!
>> http://p.sf.net/sfu/newrelic_d2d_may
>> _______________________________________________
>> mod-security-developers mailing list
>> mod...@li...
>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> ModSecurity Services from Trustwave's SpiderLabs:
>> https://www.trustwave.com/spiderLabs.php
>>
>
>
|
|
From: Breno S. <bre...@gm...> - 2013-05-22 12:41:22
|
Oops you should change the binary to msc_test :)
On Wed, May 22, 2013 at 9:37 AM, Breno Silva <bre...@gm...> wrote:
> Could you also send me your error.log?
>
>
> On Wed, May 22, 2013 at 9:36 AM, Breno Silva <bre...@gm...>wrote:
>
>> You should do:
>>
>> Make sure there is a core dump area with something like:
>>
>> CoreDumpDirectory /tmp
>>
>> Make sure limits are set to dump core:
>>
>> ulimit -c unlimited
>>
>> Restart and trigger the error. A core file should be in the directory
>> you specified.
>>
>> Then use gdb to get a backtrace:
>>
>> gdb /path/to/httpd /path/to/core --batch --quiet \
>> -ex "thread apply all bt full" > backtrace.log
>>
>>
>> On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...> wrote:
>>
>>> > Hello Pavel,
>>> >
>>> > Are you running make CFLAGS=-DMSC_TEST test right ?
>>>
>>> Yes, I am.
>>>
>>> > Can you send me your backtrace ?
>>>
>>> Sure. What exactly do you need?
>>>
>>> > Thanks
>>> >
>>> > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <rai...@ki...
>>> >wrote:
>>> > > On 22.05.2013 10:22, Pavel Mateja wrote:
>>> > > > Hi guys,
>>> > > > I've upgraded our debian servers from wheezy to squeeze and I can't
>>> > > > pass
>>> > >
>>> > > "make
>>> > >
>>> > > > test" of modsecurity any more:
>>> > > >
>>> > > > Loaded 8 tests from ./op/rx.t
>>> > > >
>>> > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
>>> > > > 2) op "rx": passed
>>> > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
>>> > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
>>> > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
>>> > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
>>> > > > 7) op "rx": passed
>>> > > >
>>> > > > ERROR: Failed to create rule for op "rx": Error creating rule:
>>> Error
>>> > >
>>> > > compiling
>>> > >
>>> > > > pattern (offset 2): unrecognized character after (? or (?-
>>> > > > Test exited with signal 11.
>>> > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
>>> > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
>>> > > >
>>> > > > 8) op "rx": failed
>>> > > >
>>> > > > Passed: 7; Failed: 1
>>> > > >
>>> > > > I've tried version 2.7.2 which passed test on old debian and latest
>>> > >
>>> > > 2.7.3.
>>> > >
>>> > > > Both failed on the same place.
>>> > > >
>>> > > > Compilation parameters were:
>>> > > > ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs
>>> > >
>>> > > --with-
>>> > >
>>> > > > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config
>>> > >
>>> > > --enable-pcre-
>>> > >
>>> > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
>>> > >
>>> > > --disable-mlogc
>>> > >
>>> > > Since it exits with signal 11 it might be related to this bug:
>>> > >
>>> > > https://github.com/SpiderLabs/ModSecurity/issues/23
>>> > >
>>> > > It was fixed in this commit
>>> > >
>>> > >
>>> > >
>>> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317
>>> > > af1680f2a007aead
>>> > >
>>> > > and should be part of 2.7.2 and later. Maybe the fix didn't catch all
>>> > > similar situations?
>>> > >
>>> > > Regards,
>>> > >
>>> > > Rainer
>>> > >
>>> > >
>>> > >
>>> -------------------------------------------------------------------------
>>> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>>> > > New Relic is the only SaaS-based application performance monitoring
>>> > > service that delivers powerful full stack analytics. Optimize and
>>> > > monitor your browser, app, & servers with just a few lines of code.
>>> Try
>>> > > New Relic and get this awesome Nerd Life shirt!
>>> > > http://p.sf.net/sfu/newrelic_d2d_may
>>> > > _______________________________________________
>>> > > mod-security-developers mailing list
>>> > > mod...@li...
>>> > > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>>> > > ModSecurity Services from Trustwave's SpiderLabs:
>>> > > https://www.trustwave.com/spiderLabs.php
>>> --
>>> Pavel Mateja
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Try New Relic Now & We'll Send You this Cool Shirt
>>> New Relic is the only SaaS-based application performance monitoring
>>> service
>>> that delivers powerful full stack analytics. Optimize and monitor your
>>> browser, app, & servers with just a few lines of code. Try New Relic
>>> and get this awesome Nerd Life shirt!
>>> http://p.sf.net/sfu/newrelic_d2d_may
>>> _______________________________________________
>>> mod-security-developers mailing list
>>> mod...@li...
>>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>>> ModSecurity Services from Trustwave's SpiderLabs:
>>> https://www.trustwave.com/spiderLabs.php
>>>
>>
>>
>
|
|
From: Breno S. <bre...@gm...> - 2013-05-22 12:43:00
|
I can just reproduce it running ./msc_test alone:
root@ubuntu:/home/brenosilva/modsecurity-apache_2.7.4/tests# ./msc_test
"-t" "op" "-n" "rx" "-p" "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)"
"-D" "0" "-r" "1"
ERROR: Failed to create rule for op "rx": Error creating rule: Error
compiling pattern (offset 2): unrecognized character after (? or (?-
Segmentation fault
However when running with make test it works fine.
On Wed, May 22, 2013 at 9:41 AM, Breno Silva <bre...@gm...> wrote:
> Oops you should change the binary to msc_test :)
>
>
> On Wed, May 22, 2013 at 9:37 AM, Breno Silva <bre...@gm...>wrote:
>
>> Could you also send me your error.log?
>>
>>
>> On Wed, May 22, 2013 at 9:36 AM, Breno Silva <bre...@gm...>wrote:
>>
>>> You should do:
>>>
>>> Make sure there is a core dump area with something like:
>>>
>>> CoreDumpDirectory /tmp
>>>
>>> Make sure limits are set to dump core:
>>>
>>> ulimit -c unlimited
>>>
>>> Restart and trigger the error. A core file should be in the directory
>>> you specified.
>>>
>>> Then use gdb to get a backtrace:
>>>
>>> gdb /path/to/httpd /path/to/core --batch --quiet \
>>> -ex "thread apply all bt full" > backtrace.log
>>>
>>>
>>> On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...> wrote:
>>>
>>>> > Hello Pavel,
>>>> >
>>>> > Are you running make CFLAGS=-DMSC_TEST test right ?
>>>>
>>>> Yes, I am.
>>>>
>>>> > Can you send me your backtrace ?
>>>>
>>>> Sure. What exactly do you need?
>>>>
>>>> > Thanks
>>>> >
>>>> > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <rai...@ki...
>>>> >wrote:
>>>> > > On 22.05.2013 10:22, Pavel Mateja wrote:
>>>> > > > Hi guys,
>>>> > > > I've upgraded our debian servers from wheezy to squeeze and I
>>>> can't
>>>> > > > pass
>>>> > >
>>>> > > "make
>>>> > >
>>>> > > > test" of modsecurity any more:
>>>> > > >
>>>> > > > Loaded 8 tests from ./op/rx.t
>>>> > > >
>>>> > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
>>>> > > > 2) op "rx": passed
>>>> > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
>>>> > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
>>>> > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
>>>> > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
>>>> > > > 7) op "rx": passed
>>>> > > >
>>>> > > > ERROR: Failed to create rule for op "rx": Error creating rule:
>>>> Error
>>>> > >
>>>> > > compiling
>>>> > >
>>>> > > > pattern (offset 2): unrecognized character after (? or (?-
>>>> > > > Test exited with signal 11.
>>>> > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
>>>> > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
>>>> > > >
>>>> > > > 8) op "rx": failed
>>>> > > >
>>>> > > > Passed: 7; Failed: 1
>>>> > > >
>>>> > > > I've tried version 2.7.2 which passed test on old debian and
>>>> latest
>>>> > >
>>>> > > 2.7.3.
>>>> > >
>>>> > > > Both failed on the same place.
>>>> > > >
>>>> > > > Compilation parameters were:
>>>> > > > ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs
>>>> > >
>>>> > > --with-
>>>> > >
>>>> > > > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config
>>>> > >
>>>> > > --enable-pcre-
>>>> > >
>>>> > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
>>>> > >
>>>> > > --disable-mlogc
>>>> > >
>>>> > > Since it exits with signal 11 it might be related to this bug:
>>>> > >
>>>> > > https://github.com/SpiderLabs/ModSecurity/issues/23
>>>> > >
>>>> > > It was fixed in this commit
>>>> > >
>>>> > >
>>>> > >
>>>> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317
>>>> > > af1680f2a007aead
>>>> > >
>>>> > > and should be part of 2.7.2 and later. Maybe the fix didn't catch
>>>> all
>>>> > > similar situations?
>>>> > >
>>>> > > Regards,
>>>> > >
>>>> > > Rainer
>>>> > >
>>>> > >
>>>> > >
>>>> -------------------------------------------------------------------------
>>>> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>>>> > > New Relic is the only SaaS-based application performance monitoring
>>>> > > service that delivers powerful full stack analytics. Optimize and
>>>> > > monitor your browser, app, & servers with just a few lines of code.
>>>> Try
>>>> > > New Relic and get this awesome Nerd Life shirt!
>>>> > > http://p.sf.net/sfu/newrelic_d2d_may
>>>> > > _______________________________________________
>>>> > > mod-security-developers mailing list
>>>> > > mod...@li...
>>>> > >
>>>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>>>> > > ModSecurity Services from Trustwave's SpiderLabs:
>>>> > > https://www.trustwave.com/spiderLabs.php
>>>> --
>>>> Pavel Mateja
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Try New Relic Now & We'll Send You this Cool Shirt
>>>> New Relic is the only SaaS-based application performance monitoring
>>>> service
>>>> that delivers powerful full stack analytics. Optimize and monitor your
>>>> browser, app, & servers with just a few lines of code. Try New Relic
>>>> and get this awesome Nerd Life shirt!
>>>> http://p.sf.net/sfu/newrelic_d2d_may
>>>> _______________________________________________
>>>> mod-security-developers mailing list
>>>> mod...@li...
>>>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>>>> ModSecurity Services from Trustwave's SpiderLabs:
>>>> https://www.trustwave.com/spiderLabs.php
>>>>
>>>
>>>
>>
>
|
|
From: Pavel M. <pa...@ne...> - 2013-05-22 12:47:49
|
> You should do:
>
> Make sure there is a core dump area with something like:
>
> CoreDumpDirectory /tmp
>
> Make sure limits are set to dump core:
>
> ulimit -c unlimited
>
> Restart and trigger the error. A core file should be in the directory
> you specified.
>
> Then use gdb to get a backtrace:
>
> gdb /path/to/httpd /path/to/core --batch --quiet \
> -ex "thread apply all bt full" > backtrace.log
Hi again. I'm confused.
The bug is triggered by msc_test forked by make test not httpd. Just like the
core says:
core: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV), SVR4-style, from
'./msc_test -t op -n rx -p (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0
-r'
And gdb complains about right binary:
warning: core file may not match specified executable file.
I tried to get backtrace against msc_test but I got:
warning: Can't read pathname for load map: Input/output error.
and the backtrace is useless:
[New LWP 2179]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-
gnu/i686/nosegneg/libthread_db.so.1".
Core was generated by `./msc_test -t op -n rx -p
(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0 -r'.
Program terminated with signal 11, Segmentation fault.
#0 0x080561d6 in msre_op_rx_execute ()
Thread 1 (Thread 0x4046c870 (LWP 2179)):
#0 0x080561d6 in msre_op_rx_execute ()
No symbol table info available.
#1 0x0804c40e in test_op ()
No symbol table info available.
#2 0x0804d9d3 in main ()
No symbol table info available.
--
Pavel Mateja
> On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...> wrote:
> > > Hello Pavel,
> > >
> > > Are you running make CFLAGS=-DMSC_TEST test right ?
> >
> > Yes, I am.
> >
> > > Can you send me your backtrace ?
> >
> > Sure. What exactly do you need?
> >
> > > Thanks
> > >
> > > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <rai...@ki...
> > >
> > >wrote:
> > > > On 22.05.2013 10:22, Pavel Mateja wrote:
> > > > > Hi guys,
> > > > > I've upgraded our debian servers from wheezy to squeeze and I can't
> > > > > pass
> > > >
> > > > "make
> > > >
> > > > > test" of modsecurity any more:
> > > > >
> > > > > Loaded 8 tests from ./op/rx.t
> > > > >
> > > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > > > > 2) op "rx": passed
> > > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> > > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> > > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> > > > > 7) op "rx": passed
> > > > >
> > > > > ERROR: Failed to create rule for op "rx": Error creating rule:
> > > > > Error
> > > >
> > > > compiling
> > > >
> > > > > pattern (offset 2): unrecognized character after (? or (?-
> > > > > Test exited with signal 11.
> > > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> > > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
> > > > >
> > > > > 8) op "rx": failed
> > > > >
> > > > > Passed: 7; Failed: 1
> > > > >
> > > > > I've tried version 2.7.2 which passed test on old debian and latest
> > > >
> > > > 2.7.3.
> > > >
> > > > > Both failed on the same place.
> > > > >
> > > > > Compilation parameters were:
> > > > > ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs
> > > >
> > > > --with-
> > > >
> > > > > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config
> > > >
> > > > --enable-pcre-
> > > >
> > > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
> > > >
> > > > --disable-mlogc
> > > >
> > > > Since it exits with signal 11 it might be related to this bug:
> > > >
> > > > https://github.com/SpiderLabs/ModSecurity/issues/23
> > > >
> > > > It was fixed in this commit
> >
> > https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317
> >
> > > > af1680f2a007aead
> > > >
> > > > and should be part of 2.7.2 and later. Maybe the fix didn't catch all
> > > > similar situations?
> > > >
> > > > Regards,
> > > >
> > > > Rainer
> >
> > -------------------------------------------------------------------------
> >
> > > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> > > > New Relic is the only SaaS-based application performance monitoring
> > > > service that delivers powerful full stack analytics. Optimize and
> > > > monitor your browser, app, & servers with just a few lines of code.
> > > > Try New Relic and get this awesome Nerd Life shirt!
> > > > http://p.sf.net/sfu/newrelic_d2d_may
> > > > _______________________________________________
> > > > mod-security-developers mailing list
> > > > mod...@li...
> > > > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > > > ModSecurity Services from Trustwave's SpiderLabs:
> > > > https://www.trustwave.com/spiderLabs.php
> >
> > --
> > Pavel Mateja
> >
> >
> > -------------------------------------------------------------------------
> > ----- Try New Relic Now & We'll Send You this Cool Shirt
> > New Relic is the only SaaS-based application performance monitoring
> > service that delivers powerful full stack analytics. Optimize and
> > monitor your browser, app, & servers with just a few lines of code. Try
> > New Relic and get this awesome Nerd Life shirt!
> > http://p.sf.net/sfu/newrelic_d2d_may
> > _______________________________________________
> > mod-security-developers mailing list
> > mod...@li...
> > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > ModSecurity Services from Trustwave's SpiderLabs:
> > https://www.trustwave.com/spiderLabs.php
|
|
From: Breno S. <bre...@gm...> - 2013-05-22 12:53:16
|
Yes. Looks like for some reason the regex is not being compiled.
I will investigate it
On Wed, May 22, 2013 at 9:47 AM, Pavel Mateja <pa...@ne...> wrote:
> > You should do:
> >
> > Make sure there is a core dump area with something like:
> >
> > CoreDumpDirectory /tmp
> >
> > Make sure limits are set to dump core:
> >
> > ulimit -c unlimited
> >
> > Restart and trigger the error. A core file should be in the directory
> > you specified.
> >
> > Then use gdb to get a backtrace:
> >
> > gdb /path/to/httpd /path/to/core --batch --quiet \
> > -ex "thread apply all bt full" > backtrace.log
>
> Hi again. I'm confused.
>
> The bug is triggered by msc_test forked by make test not httpd. Just like
> the
> core says:
> core: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV), SVR4-style,
> from
> './msc_test -t op -n rx -p (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)
> -D 0
> -r'
> And gdb complains about right binary:
> warning: core file may not match specified executable file.
>
> I tried to get backtrace against msc_test but I got:
> warning: Can't read pathname for load map: Input/output error.
> and the backtrace is useless:
>
> [New LWP 2179]
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib/i386-linux-
> gnu/i686/nosegneg/libthread_db.so.1".
> Core was generated by `./msc_test -t op -n rx -p
> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0 -r'.
> Program terminated with signal 11, Segmentation fault.
> #0 0x080561d6 in msre_op_rx_execute ()
>
> Thread 1 (Thread 0x4046c870 (LWP 2179)):
> #0 0x080561d6 in msre_op_rx_execute ()
> No symbol table info available.
> #1 0x0804c40e in test_op ()
> No symbol table info available.
> #2 0x0804d9d3 in main ()
> No symbol table info available.
> --
> Pavel Mateja
>
> > On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...> wrote:
> > > > Hello Pavel,
> > > >
> > > > Are you running make CFLAGS=-DMSC_TEST test right ?
> > >
> > > Yes, I am.
> > >
> > > > Can you send me your backtrace ?
> > >
> > > Sure. What exactly do you need?
> > >
> > > > Thanks
> > > >
> > > > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <
> rai...@ki...
> > > >
> > > >wrote:
> > > > > On 22.05.2013 10:22, Pavel Mateja wrote:
> > > > > > Hi guys,
> > > > > > I've upgraded our debian servers from wheezy to squeeze and I
> can't
> > > > > > pass
> > > > >
> > > > > "make
> > > > >
> > > > > > test" of modsecurity any more:
> > > > > >
> > > > > > Loaded 8 tests from ./op/rx.t
> > > > > >
> > > > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > > > > > 2) op "rx": passed
> > > > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > > > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> > > > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> > > > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> > > > > > 7) op "rx": passed
> > > > > >
> > > > > > ERROR: Failed to create rule for op "rx": Error creating rule:
> > > > > > Error
> > > > >
> > > > > compiling
> > > > >
> > > > > > pattern (offset 2): unrecognized character after (? or (?-
> > > > > > Test exited with signal 11.
> > > > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> > > > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
> > > > > >
> > > > > > 8) op "rx": failed
> > > > > >
> > > > > > Passed: 7; Failed: 1
> > > > > >
> > > > > > I've tried version 2.7.2 which passed test on old debian and
> latest
> > > > >
> > > > > 2.7.3.
> > > > >
> > > > > > Both failed on the same place.
> > > > > >
> > > > > > Compilation parameters were:
> > > > > > ./configure --prefix=/apache/modules/
> --with-apxs=/apache/bin/apxs
> > > > >
> > > > > --with-
> > > > >
> > > > > > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config
> > > > >
> > > > > --enable-pcre-
> > > > >
> > > > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
> > > > >
> > > > > --disable-mlogc
> > > > >
> > > > > Since it exits with signal 11 it might be related to this bug:
> > > > >
> > > > > https://github.com/SpiderLabs/ModSecurity/issues/23
> > > > >
> > > > > It was fixed in this commit
> > >
> > >
> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317
> > >
> > > > > af1680f2a007aead
> > > > >
> > > > > and should be part of 2.7.2 and later. Maybe the fix didn't catch
> all
> > > > > similar situations?
> > > > >
> > > > > Regards,
> > > > >
> > > > > Rainer
> > >
> > >
> -------------------------------------------------------------------------
> > >
> > > > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> > > > > New Relic is the only SaaS-based application performance monitoring
> > > > > service that delivers powerful full stack analytics. Optimize and
> > > > > monitor your browser, app, & servers with just a few lines of code.
> > > > > Try New Relic and get this awesome Nerd Life shirt!
> > > > > http://p.sf.net/sfu/newrelic_d2d_may
> > > > > _______________________________________________
> > > > > mod-security-developers mailing list
> > > > > mod...@li...
> > > > >
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > > > > ModSecurity Services from Trustwave's SpiderLabs:
> > > > > https://www.trustwave.com/spiderLabs.php
> > >
> > > --
> > > Pavel Mateja
> > >
> > >
> > >
> -------------------------------------------------------------------------
> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> > > New Relic is the only SaaS-based application performance monitoring
> > > service that delivers powerful full stack analytics. Optimize and
> > > monitor your browser, app, & servers with just a few lines of code. Try
> > > New Relic and get this awesome Nerd Life shirt!
> > > http://p.sf.net/sfu/newrelic_d2d_may
> > > _______________________________________________
> > > mod-security-developers mailing list
> > > mod...@li...
> > > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > > ModSecurity Services from Trustwave's SpiderLabs:
> > > https://www.trustwave.com/spiderLabs.php
>
>
> ------------------------------------------------------------------------------
> Try New Relic Now & We'll Send You this Cool Shirt
> New Relic is the only SaaS-based application performance monitoring service
> that delivers powerful full stack analytics. Optimize and monitor your
> browser, app, & servers with just a few lines of code. Try New Relic
> and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php
>
|
|
From: Breno S. <bre...@gm...> - 2013-05-22 13:44:34
|
I'm testing with an external tool that uses libpcre and it is failing to
compile this regex too.
So i'm start thinking (?^ syntax is not supported by libpcre ?
On Wed, May 22, 2013 at 9:53 AM, Breno Silva <bre...@gm...> wrote:
> Yes. Looks like for some reason the regex is not being compiled.
>
> I will investigate it
>
>
> On Wed, May 22, 2013 at 9:47 AM, Pavel Mateja <pa...@ne...> wrote:
>
>> > You should do:
>> >
>> > Make sure there is a core dump area with something like:
>> >
>> > CoreDumpDirectory /tmp
>> >
>> > Make sure limits are set to dump core:
>> >
>> > ulimit -c unlimited
>> >
>> > Restart and trigger the error. A core file should be in the directory
>> > you specified.
>> >
>> > Then use gdb to get a backtrace:
>> >
>> > gdb /path/to/httpd /path/to/core --batch --quiet \
>> > -ex "thread apply all bt full" > backtrace.log
>>
>> Hi again. I'm confused.
>>
>> The bug is triggered by msc_test forked by make test not httpd. Just like
>> the
>> core says:
>> core: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV), SVR4-style,
>> from
>> './msc_test -t op -n rx -p (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)
>> -D 0
>> -r'
>> And gdb complains about right binary:
>> warning: core file may not match specified executable file.
>>
>> I tried to get backtrace against msc_test but I got:
>> warning: Can't read pathname for load map: Input/output error.
>> and the backtrace is useless:
>>
>> [New LWP 2179]
>> [Thread debugging using libthread_db enabled]
>> Using host libthread_db library "/lib/i386-linux-
>> gnu/i686/nosegneg/libthread_db.so.1".
>> Core was generated by `./msc_test -t op -n rx -p
>> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0 -r'.
>> Program terminated with signal 11, Segmentation fault.
>> #0 0x080561d6 in msre_op_rx_execute ()
>>
>> Thread 1 (Thread 0x4046c870 (LWP 2179)):
>> #0 0x080561d6 in msre_op_rx_execute ()
>> No symbol table info available.
>> #1 0x0804c40e in test_op ()
>> No symbol table info available.
>> #2 0x0804d9d3 in main ()
>> No symbol table info available.
>> --
>> Pavel Mateja
>>
>> > On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...> wrote:
>> > > > Hello Pavel,
>> > > >
>> > > > Are you running make CFLAGS=-DMSC_TEST test right ?
>> > >
>> > > Yes, I am.
>> > >
>> > > > Can you send me your backtrace ?
>> > >
>> > > Sure. What exactly do you need?
>> > >
>> > > > Thanks
>> > > >
>> > > > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <
>> rai...@ki...
>> > > >
>> > > >wrote:
>> > > > > On 22.05.2013 10:22, Pavel Mateja wrote:
>> > > > > > Hi guys,
>> > > > > > I've upgraded our debian servers from wheezy to squeeze and I
>> can't
>> > > > > > pass
>> > > > >
>> > > > > "make
>> > > > >
>> > > > > > test" of modsecurity any more:
>> > > > > >
>> > > > > > Loaded 8 tests from ./op/rx.t
>> > > > > >
>> > > > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> > > > > > 2) op "rx": passed
>> > > > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> > > > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
>> > > > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
>> > > > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
>> > > > > > 7) op "rx": passed
>> > > > > >
>> > > > > > ERROR: Failed to create rule for op "rx": Error creating rule:
>> > > > > > Error
>> > > > >
>> > > > > compiling
>> > > > >
>> > > > > > pattern (offset 2): unrecognized character after (? or (?-
>> > > > > > Test exited with signal 11.
>> > > > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
>> > > > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r"
>> "1"
>> > > > > >
>> > > > > > 8) op "rx": failed
>> > > > > >
>> > > > > > Passed: 7; Failed: 1
>> > > > > >
>> > > > > > I've tried version 2.7.2 which passed test on old debian and
>> latest
>> > > > >
>> > > > > 2.7.3.
>> > > > >
>> > > > > > Both failed on the same place.
>> > > > > >
>> > > > > > Compilation parameters were:
>> > > > > > ./configure --prefix=/apache/modules/
>> --with-apxs=/apache/bin/apxs
>> > > > >
>> > > > > --with-
>> > > > >
>> > > > > > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config
>> > > > >
>> > > > > --enable-pcre-
>> > > > >
>> > > > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
>> > > > >
>> > > > > --disable-mlogc
>> > > > >
>> > > > > Since it exits with signal 11 it might be related to this bug:
>> > > > >
>> > > > > https://github.com/SpiderLabs/ModSecurity/issues/23
>> > > > >
>> > > > > It was fixed in this commit
>> > >
>> > >
>> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e6317
>> > >
>> > > > > af1680f2a007aead
>> > > > >
>> > > > > and should be part of 2.7.2 and later. Maybe the fix didn't catch
>> all
>> > > > > similar situations?
>> > > > >
>> > > > > Regards,
>> > > > >
>> > > > > Rainer
>> > >
>> > >
>> -------------------------------------------------------------------------
>> > >
>> > > > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>> > > > > New Relic is the only SaaS-based application performance
>> monitoring
>> > > > > service that delivers powerful full stack analytics. Optimize and
>> > > > > monitor your browser, app, & servers with just a few lines of
>> code.
>> > > > > Try New Relic and get this awesome Nerd Life shirt!
>> > > > > http://p.sf.net/sfu/newrelic_d2d_may
>> > > > > _______________________________________________
>> > > > > mod-security-developers mailing list
>> > > > > mod...@li...
>> > > > >
>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > > > > ModSecurity Services from Trustwave's SpiderLabs:
>> > > > > https://www.trustwave.com/spiderLabs.php
>> > >
>> > > --
>> > > Pavel Mateja
>> > >
>> > >
>> > >
>> -------------------------------------------------------------------------
>> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>> > > New Relic is the only SaaS-based application performance monitoring
>> > > service that delivers powerful full stack analytics. Optimize and
>> > > monitor your browser, app, & servers with just a few lines of code.
>> Try
>> > > New Relic and get this awesome Nerd Life shirt!
>> > > http://p.sf.net/sfu/newrelic_d2d_may
>> > > _______________________________________________
>> > > mod-security-developers mailing list
>> > > mod...@li...
>> > > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > > ModSecurity Services from Trustwave's SpiderLabs:
>> > > https://www.trustwave.com/spiderLabs.php
>>
>>
>> ------------------------------------------------------------------------------
>> Try New Relic Now & We'll Send You this Cool Shirt
>> New Relic is the only SaaS-based application performance monitoring
>> service
>> that delivers powerful full stack analytics. Optimize and monitor your
>> browser, app, & servers with just a few lines of code. Try New Relic
>> and get this awesome Nerd Life shirt!
>> http://p.sf.net/sfu/newrelic_d2d_may
>> _______________________________________________
>> mod-security-developers mailing list
>> mod...@li...
>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> ModSecurity Services from Trustwave's SpiderLabs:
>> https://www.trustwave.com/spiderLabs.php
>>
>
>
|
|
From: Pavel M. <pa...@ne...> - 2013-05-22 13:58:04
|
> I'm testing with an external tool that uses libpcre and it is failing to
> compile this regex too.
> So i'm start thinking (?^ syntax is not supported by libpcre ?
As I wrote in first email the 2.7.2 was able to run all tests on the same
server running Debian Wheezy. I was just recompiling apache with modules
against new libraries.
It might be problem with newer version of libpcre in Squeeze.
--
Pavel Mateja
> On Wed, May 22, 2013 at 9:53 AM, Breno Silva <bre...@gm...> wrote:
> > Yes. Looks like for some reason the regex is not being compiled.
> >
> > I will investigate it
> >
> > On Wed, May 22, 2013 at 9:47 AM, Pavel Mateja <pa...@ne...> wrote:
> >> > You should do:
> >> >
> >> > Make sure there is a core dump area with something like:
> >> > CoreDumpDirectory /tmp
> >> >
> >> > Make sure limits are set to dump core:
> >> > ulimit -c unlimited
> >> >
> >> > Restart and trigger the error. A core file should be in the directory
> >> > you specified.
> >> >
> >> > Then use gdb to get a backtrace:
> >> >
> >> > gdb /path/to/httpd /path/to/core --batch --quiet \
> >> >
> >> > -ex "thread apply all bt full" > backtrace.log
> >>
> >> Hi again. I'm confused.
> >>
> >> The bug is triggered by msc_test forked by make test not httpd. Just
> >> like the
> >> core says:
> >> core: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV),
> >> SVR4-style, from
> >> './msc_test -t op -n rx -p (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)
> >> -D 0
> >> -r'
> >> And gdb complains about right binary:
> >> warning: core file may not match specified executable file.
> >>
> >> I tried to get backtrace against msc_test but I got:
> >> warning: Can't read pathname for load map: Input/output error.
> >> and the backtrace is useless:
> >>
> >> [New LWP 2179]
> >> [Thread debugging using libthread_db enabled]
> >> Using host libthread_db library "/lib/i386-linux-
> >> gnu/i686/nosegneg/libthread_db.so.1".
> >> Core was generated by `./msc_test -t op -n rx -p
> >> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0 -r'.
> >> Program terminated with signal 11, Segmentation fault.
> >> #0 0x080561d6 in msre_op_rx_execute ()
> >>
> >> Thread 1 (Thread 0x4046c870 (LWP 2179)):
> >> #0 0x080561d6 in msre_op_rx_execute ()
> >> No symbol table info available.
> >> #1 0x0804c40e in test_op ()
> >> No symbol table info available.
> >> #2 0x0804d9d3 in main ()
> >> No symbol table info available.
> >> --
> >> Pavel Mateja
> >>
> >> > On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...> wrote:
> >> > > > Hello Pavel,
> >> > > >
> >> > > > Are you running make CFLAGS=-DMSC_TEST test right ?
> >> > >
> >> > > Yes, I am.
> >> > >
> >> > > > Can you send me your backtrace ?
> >> > >
> >> > > Sure. What exactly do you need?
> >> > >
> >> > > > Thanks
> >> > > >
> >> > > > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <
> >>
> >> rai...@ki...
> >>
> >> > > >wrote:
> >> > > > > On 22.05.2013 10:22, Pavel Mateja wrote:
> >> > > > > > Hi guys,
> >> > > > > > I've upgraded our debian servers from wheezy to squeeze and I
> >>
> >> can't
> >>
> >> > > > > > pass
> >> > > > >
> >> > > > > "make
> >> > > > >
> >> > > > > > test" of modsecurity any more:
> >> > > > > >
> >> > > > > > Loaded 8 tests from ./op/rx.t
> >> > > > > >
> >> > > > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> >> > > > > > 2) op "rx": passed
> >> > > > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> >> > > > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> >> > > > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> >> > > > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> >> > > > > > 7) op "rx": passed
> >> > > > > >
> >> > > > > > ERROR: Failed to create rule for op "rx": Error creating rule:
> >> > > > > > Error
> >> > > > >
> >> > > > > compiling
> >> > > > >
> >> > > > > > pattern (offset 2): unrecognized character after (? or (?-
> >> > > > > > Test exited with signal 11.
> >> > > > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> >> > > > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r"
> >>
> >> "1"
> >>
> >> > > > > > 8) op "rx": failed
> >> > > > > >
> >> > > > > > Passed: 7; Failed: 1
> >> > > > > >
> >> > > > > > I've tried version 2.7.2 which passed test on old debian and
> >>
> >> latest
> >>
> >> > > > > 2.7.3.
> >> > > > >
> >> > > > > > Both failed on the same place.
> >> > > > > >
> >> > > > > > Compilation parameters were:
> >> > > > > > ./configure --prefix=/apache/modules/
> >>
> >> --with-apxs=/apache/bin/apxs
> >>
> >> > > > > --with-
> >> > > > >
> >> > > > > > apr=/apache/bin/apr-1-config
> >> > > > > > --with-apu=/apache/bin/apu-1-config
> >> > > > >
> >> > > > > --enable-pcre-
> >> > > > >
> >> > > > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
> >> > > > >
> >> > > > > --disable-mlogc
> >> > > > >
> >> > > > > Since it exits with signal 11 it might be related to this bug:
> >> > > > >
> >> > > > > https://github.com/SpiderLabs/ModSecurity/issues/23
> >> > > > >
> >> > > > > It was fixed in this commit
> >>
> >> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e631
> >> 7
> >>
> >> > > > > af1680f2a007aead
> >> > > > >
> >> > > > > and should be part of 2.7.2 and later. Maybe the fix didn't
> >> > > > > catch
> >>
> >> all
> >>
> >> > > > > similar situations?
> >> > > > >
> >> > > > > Regards,
> >> > > > >
> >> > > > > Rainer
> >>
> >> ------------------------------------------------------------------------
> >> -
> >>
> >> > > > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> >> > > > > New Relic is the only SaaS-based application performance
> >>
> >> monitoring
> >>
> >> > > > > service that delivers powerful full stack analytics. Optimize
> >> > > > > and monitor your browser, app, & servers with just a few lines
> >> > > > > of
> >>
> >> code.
> >>
> >> > > > > Try New Relic and get this awesome Nerd Life shirt!
> >> > > > > http://p.sf.net/sfu/newrelic_d2d_may
> >> > > > > _______________________________________________
> >> > > > > mod-security-developers mailing list
> >> > > > > mod...@li...
> >>
> >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> >>
> >> > > > > ModSecurity Services from Trustwave's SpiderLabs:
> >> > > > > https://www.trustwave.com/spiderLabs.php
> >> > >
> >> > > --
> >> > > Pavel Mateja
> >>
> >> ------------------------------------------------------------------------
> >> -
> >>
> >> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> >> > > New Relic is the only SaaS-based application performance monitoring
> >> > > service that delivers powerful full stack analytics. Optimize and
> >> > > monitor your browser, app, & servers with just a few lines of code.
> >>
> >> Try
> >>
> >> > > New Relic and get this awesome Nerd Life shirt!
> >> > > http://p.sf.net/sfu/newrelic_d2d_may
> >> > > _______________________________________________
> >> > > mod-security-developers mailing list
> >> > > mod...@li...
> >> > > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> >> > > ModSecurity Services from Trustwave's SpiderLabs:
> >> > > https://www.trustwave.com/spiderLabs.php
> >>
> >> ------------------------------------------------------------------------
> >> ------ Try New Relic Now & We'll Send You this Cool Shirt
> >> New Relic is the only SaaS-based application performance monitoring
> >> service
> >> that delivers powerful full stack analytics. Optimize and monitor your
> >> browser, app, & servers with just a few lines of code. Try New Relic
> >> and get this awesome Nerd Life shirt!
> >> http://p.sf.net/sfu/newrelic_d2d_may
> >> _______________________________________________
> >> mod-security-developers mailing list
> >> mod...@li...
> >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> >> ModSecurity Services from Trustwave's SpiderLabs:
> >> https://www.trustwave.com/spiderLabs.php
|
|
From: Breno S. <bre...@gm...> - 2013-05-22 14:02:27
|
Maybe i can replace this test by another regex.
On Wed, May 22, 2013 at 10:57 AM, Pavel Mateja <pa...@ne...> wrote:
> > I'm testing with an external tool that uses libpcre and it is failing to
> > compile this regex too.
> > So i'm start thinking (?^ syntax is not supported by libpcre ?
>
> As I wrote in first email the 2.7.2 was able to run all tests on the same
> server running Debian Wheezy. I was just recompiling apache with modules
> against new libraries.
> It might be problem with newer version of libpcre in Squeeze.
> --
> Pavel Mateja
>
> > On Wed, May 22, 2013 at 9:53 AM, Breno Silva <bre...@gm...>
> wrote:
> > > Yes. Looks like for some reason the regex is not being compiled.
> > >
> > > I will investigate it
> > >
> > > On Wed, May 22, 2013 at 9:47 AM, Pavel Mateja <pa...@ne...>
> wrote:
> > >> > You should do:
> > >> >
> > >> > Make sure there is a core dump area with something like:
> > >> > CoreDumpDirectory /tmp
> > >> >
> > >> > Make sure limits are set to dump core:
> > >> > ulimit -c unlimited
> > >> >
> > >> > Restart and trigger the error. A core file should be in the
> directory
> > >> > you specified.
> > >> >
> > >> > Then use gdb to get a backtrace:
> > >> >
> > >> > gdb /path/to/httpd /path/to/core --batch --quiet \
> > >> >
> > >> > -ex "thread apply all bt full" > backtrace.log
> > >>
> > >> Hi again. I'm confused.
> > >>
> > >> The bug is triggered by msc_test forked by make test not httpd. Just
> > >> like the
> > >> core says:
> > >> core: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV),
> > >> SVR4-style, from
> > >> './msc_test -t op -n rx -p
> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)
> > >> -D 0
> > >> -r'
> > >> And gdb complains about right binary:
> > >> warning: core file may not match specified executable file.
> > >>
> > >> I tried to get backtrace against msc_test but I got:
> > >> warning: Can't read pathname for load map: Input/output error.
> > >> and the backtrace is useless:
> > >>
> > >> [New LWP 2179]
> > >> [Thread debugging using libthread_db enabled]
> > >> Using host libthread_db library "/lib/i386-linux-
> > >> gnu/i686/nosegneg/libthread_db.so.1".
> > >> Core was generated by `./msc_test -t op -n rx -p
> > >> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0 -r'.
> > >> Program terminated with signal 11, Segmentation fault.
> > >> #0 0x080561d6 in msre_op_rx_execute ()
> > >>
> > >> Thread 1 (Thread 0x4046c870 (LWP 2179)):
> > >> #0 0x080561d6 in msre_op_rx_execute ()
> > >> No symbol table info available.
> > >> #1 0x0804c40e in test_op ()
> > >> No symbol table info available.
> > >> #2 0x0804d9d3 in main ()
> > >> No symbol table info available.
> > >> --
> > >> Pavel Mateja
> > >>
> > >> > On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...>
> wrote:
> > >> > > > Hello Pavel,
> > >> > > >
> > >> > > > Are you running make CFLAGS=-DMSC_TEST test right ?
> > >> > >
> > >> > > Yes, I am.
> > >> > >
> > >> > > > Can you send me your backtrace ?
> > >> > >
> > >> > > Sure. What exactly do you need?
> > >> > >
> > >> > > > Thanks
> > >> > > >
> > >> > > > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <
> > >>
> > >> rai...@ki...
> > >>
> > >> > > >wrote:
> > >> > > > > On 22.05.2013 10:22, Pavel Mateja wrote:
> > >> > > > > > Hi guys,
> > >> > > > > > I've upgraded our debian servers from wheezy to squeeze and
> I
> > >>
> > >> can't
> > >>
> > >> > > > > > pass
> > >> > > > >
> > >> > > > > "make
> > >> > > > >
> > >> > > > > > test" of modsecurity any more:
> > >> > > > > >
> > >> > > > > > Loaded 8 tests from ./op/rx.t
> > >> > > > > >
> > >> > > > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > >> > > > > > 2) op "rx": passed
> > >> > > > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> > >> > > > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> > >> > > > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> > >> > > > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> > >> > > > > > 7) op "rx": passed
> > >> > > > > >
> > >> > > > > > ERROR: Failed to create rule for op "rx": Error creating
> rule:
> > >> > > > > > Error
> > >> > > > >
> > >> > > > > compiling
> > >> > > > >
> > >> > > > > > pattern (offset 2): unrecognized character after (? or (?-
> > >> > > > > > Test exited with signal 11.
> > >> > > > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> > >> > > > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0"
> "-r"
> > >>
> > >> "1"
> > >>
> > >> > > > > > 8) op "rx": failed
> > >> > > > > >
> > >> > > > > > Passed: 7; Failed: 1
> > >> > > > > >
> > >> > > > > > I've tried version 2.7.2 which passed test on old debian and
> > >>
> > >> latest
> > >>
> > >> > > > > 2.7.3.
> > >> > > > >
> > >> > > > > > Both failed on the same place.
> > >> > > > > >
> > >> > > > > > Compilation parameters were:
> > >> > > > > > ./configure --prefix=/apache/modules/
> > >>
> > >> --with-apxs=/apache/bin/apxs
> > >>
> > >> > > > > --with-
> > >> > > > >
> > >> > > > > > apr=/apache/bin/apr-1-config
> > >> > > > > > --with-apu=/apache/bin/apu-1-config
> > >> > > > >
> > >> > > > > --enable-pcre-
> > >> > > > >
> > >> > > > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
> > >> > > > >
> > >> > > > > --disable-mlogc
> > >> > > > >
> > >> > > > > Since it exits with signal 11 it might be related to this bug:
> > >> > > > >
> > >> > > > > https://github.com/SpiderLabs/ModSecurity/issues/23
> > >> > > > >
> > >> > > > > It was fixed in this commit
> > >>
> > >>
> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e631
> > >> 7
> > >>
> > >> > > > > af1680f2a007aead
> > >> > > > >
> > >> > > > > and should be part of 2.7.2 and later. Maybe the fix didn't
> > >> > > > > catch
> > >>
> > >> all
> > >>
> > >> > > > > similar situations?
> > >> > > > >
> > >> > > > > Regards,
> > >> > > > >
> > >> > > > > Rainer
> > >>
> > >>
> ------------------------------------------------------------------------
> > >> -
> > >>
> > >> > > > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> > >> > > > > New Relic is the only SaaS-based application performance
> > >>
> > >> monitoring
> > >>
> > >> > > > > service that delivers powerful full stack analytics. Optimize
> > >> > > > > and monitor your browser, app, & servers with just a few lines
> > >> > > > > of
> > >>
> > >> code.
> > >>
> > >> > > > > Try New Relic and get this awesome Nerd Life shirt!
> > >> > > > > http://p.sf.net/sfu/newrelic_d2d_may
> > >> > > > > _______________________________________________
> > >> > > > > mod-security-developers mailing list
> > >> > > > > mod...@li...
> > >>
> > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > >>
> > >> > > > > ModSecurity Services from Trustwave's SpiderLabs:
> > >> > > > > https://www.trustwave.com/spiderLabs.php
> > >> > >
> > >> > > --
> > >> > > Pavel Mateja
> > >>
> > >>
> ------------------------------------------------------------------------
> > >> -
> > >>
> > >> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> > >> > > New Relic is the only SaaS-based application performance
> monitoring
> > >> > > service that delivers powerful full stack analytics. Optimize and
> > >> > > monitor your browser, app, & servers with just a few lines of
> code.
> > >>
> > >> Try
> > >>
> > >> > > New Relic and get this awesome Nerd Life shirt!
> > >> > > http://p.sf.net/sfu/newrelic_d2d_may
> > >> > > _______________________________________________
> > >> > > mod-security-developers mailing list
> > >> > > mod...@li...
> > >> > >
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > >> > > ModSecurity Services from Trustwave's SpiderLabs:
> > >> > > https://www.trustwave.com/spiderLabs.php
> > >>
> > >>
> ------------------------------------------------------------------------
> > >> ------ Try New Relic Now & We'll Send You this Cool Shirt
> > >> New Relic is the only SaaS-based application performance monitoring
> > >> service
> > >> that delivers powerful full stack analytics. Optimize and monitor your
> > >> browser, app, & servers with just a few lines of code. Try New Relic
> > >> and get this awesome Nerd Life shirt!
> > >> http://p.sf.net/sfu/newrelic_d2d_may
> > >> _______________________________________________
> > >> mod-security-developers mailing list
> > >> mod...@li...
> > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > >> ModSecurity Services from Trustwave's SpiderLabs:
> > >> https://www.trustwave.com/spiderLabs.php
>
>
> ------------------------------------------------------------------------------
> Try New Relic Now & We'll Send You this Cool Shirt
> New Relic is the only SaaS-based application performance monitoring service
> that delivers powerful full stack analytics. Optimize and monitor your
> browser, app, & servers with just a few lines of code. Try New Relic
> and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php
>
|
|
From: Breno S. <bre...@gm...> - 2013-05-22 14:05:30
|
Could you tell me your libpcre version (compiled and linked) ?
You can run apache and get it in the error.log
On Wed, May 22, 2013 at 11:02 AM, Breno Silva <bre...@gm...> wrote:
> Maybe i can replace this test by another regex.
>
>
> On Wed, May 22, 2013 at 10:57 AM, Pavel Mateja <pa...@ne...> wrote:
>
>> > I'm testing with an external tool that uses libpcre and it is failing to
>> > compile this regex too.
>> > So i'm start thinking (?^ syntax is not supported by libpcre ?
>>
>> As I wrote in first email the 2.7.2 was able to run all tests on the same
>> server running Debian Wheezy. I was just recompiling apache with modules
>> against new libraries.
>> It might be problem with newer version of libpcre in Squeeze.
>> --
>> Pavel Mateja
>>
>> > On Wed, May 22, 2013 at 9:53 AM, Breno Silva <bre...@gm...>
>> wrote:
>> > > Yes. Looks like for some reason the regex is not being compiled.
>> > >
>> > > I will investigate it
>> > >
>> > > On Wed, May 22, 2013 at 9:47 AM, Pavel Mateja <pa...@ne...>
>> wrote:
>> > >> > You should do:
>> > >> >
>> > >> > Make sure there is a core dump area with something like:
>> > >> > CoreDumpDirectory /tmp
>> > >> >
>> > >> > Make sure limits are set to dump core:
>> > >> > ulimit -c unlimited
>> > >> >
>> > >> > Restart and trigger the error. A core file should be in the
>> directory
>> > >> > you specified.
>> > >> >
>> > >> > Then use gdb to get a backtrace:
>> > >> >
>> > >> > gdb /path/to/httpd /path/to/core --batch --quiet \
>> > >> >
>> > >> > -ex "thread apply all bt full" > backtrace.log
>> > >>
>> > >> Hi again. I'm confused.
>> > >>
>> > >> The bug is triggered by msc_test forked by make test not httpd. Just
>> > >> like the
>> > >> core says:
>> > >> core: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV),
>> > >> SVR4-style, from
>> > >> './msc_test -t op -n rx -p
>> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)
>> > >> -D 0
>> > >> -r'
>> > >> And gdb complains about right binary:
>> > >> warning: core file may not match specified executable file.
>> > >>
>> > >> I tried to get backtrace against msc_test but I got:
>> > >> warning: Can't read pathname for load map: Input/output error.
>> > >> and the backtrace is useless:
>> > >>
>> > >> [New LWP 2179]
>> > >> [Thread debugging using libthread_db enabled]
>> > >> Using host libthread_db library "/lib/i386-linux-
>> > >> gnu/i686/nosegneg/libthread_db.so.1".
>> > >> Core was generated by `./msc_test -t op -n rx -p
>> > >> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0 -r'.
>> > >> Program terminated with signal 11, Segmentation fault.
>> > >> #0 0x080561d6 in msre_op_rx_execute ()
>> > >>
>> > >> Thread 1 (Thread 0x4046c870 (LWP 2179)):
>> > >> #0 0x080561d6 in msre_op_rx_execute ()
>> > >> No symbol table info available.
>> > >> #1 0x0804c40e in test_op ()
>> > >> No symbol table info available.
>> > >> #2 0x0804d9d3 in main ()
>> > >> No symbol table info available.
>> > >> --
>> > >> Pavel Mateja
>> > >>
>> > >> > On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...>
>> wrote:
>> > >> > > > Hello Pavel,
>> > >> > > >
>> > >> > > > Are you running make CFLAGS=-DMSC_TEST test right ?
>> > >> > >
>> > >> > > Yes, I am.
>> > >> > >
>> > >> > > > Can you send me your backtrace ?
>> > >> > >
>> > >> > > Sure. What exactly do you need?
>> > >> > >
>> > >> > > > Thanks
>> > >> > > >
>> > >> > > > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <
>> > >>
>> > >> rai...@ki...
>> > >>
>> > >> > > >wrote:
>> > >> > > > > On 22.05.2013 10:22, Pavel Mateja wrote:
>> > >> > > > > > Hi guys,
>> > >> > > > > > I've upgraded our debian servers from wheezy to squeeze
>> and I
>> > >>
>> > >> can't
>> > >>
>> > >> > > > > > pass
>> > >> > > > >
>> > >> > > > > "make
>> > >> > > > >
>> > >> > > > > > test" of modsecurity any more:
>> > >> > > > > >
>> > >> > > > > > Loaded 8 tests from ./op/rx.t
>> > >> > > > > >
>> > >> > > > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> > >> > > > > > 2) op "rx": passed
>> > >> > > > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> > >> > > > > > 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
>> > >> > > > > > 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
>> > >> > > > > > 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
>> > >> > > > > > 7) op "rx": passed
>> > >> > > > > >
>> > >> > > > > > ERROR: Failed to create rule for op "rx": Error creating
>> rule:
>> > >> > > > > > Error
>> > >> > > > >
>> > >> > > > > compiling
>> > >> > > > >
>> > >> > > > > > pattern (offset 2): unrecognized character after (? or (?-
>> > >> > > > > > Test exited with signal 11.
>> > >> > > > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
>> > >> > > > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0"
>> "-r"
>> > >>
>> > >> "1"
>> > >>
>> > >> > > > > > 8) op "rx": failed
>> > >> > > > > >
>> > >> > > > > > Passed: 7; Failed: 1
>> > >> > > > > >
>> > >> > > > > > I've tried version 2.7.2 which passed test on old debian
>> and
>> > >>
>> > >> latest
>> > >>
>> > >> > > > > 2.7.3.
>> > >> > > > >
>> > >> > > > > > Both failed on the same place.
>> > >> > > > > >
>> > >> > > > > > Compilation parameters were:
>> > >> > > > > > ./configure --prefix=/apache/modules/
>> > >>
>> > >> --with-apxs=/apache/bin/apxs
>> > >>
>> > >> > > > > --with-
>> > >> > > > >
>> > >> > > > > > apr=/apache/bin/apr-1-config
>> > >> > > > > > --with-apu=/apache/bin/apu-1-config
>> > >> > > > >
>> > >> > > > > --enable-pcre-
>> > >> > > > >
>> > >> > > > > > match-limit=50000 --enable-pcre-match-limit-recursion=10000
>> > >> > > > >
>> > >> > > > > --disable-mlogc
>> > >> > > > >
>> > >> > > > > Since it exits with signal 11 it might be related to this
>> bug:
>> > >> > > > >
>> > >> > > > > https://github.com/SpiderLabs/ModSecurity/issues/23
>> > >> > > > >
>> > >> > > > > It was fixed in this commit
>> > >>
>> > >>
>> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e631
>> > >> 7
>> > >>
>> > >> > > > > af1680f2a007aead
>> > >> > > > >
>> > >> > > > > and should be part of 2.7.2 and later. Maybe the fix didn't
>> > >> > > > > catch
>> > >>
>> > >> all
>> > >>
>> > >> > > > > similar situations?
>> > >> > > > >
>> > >> > > > > Regards,
>> > >> > > > >
>> > >> > > > > Rainer
>> > >>
>> > >>
>> ------------------------------------------------------------------------
>> > >> -
>> > >>
>> > >> > > > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>> > >> > > > > New Relic is the only SaaS-based application performance
>> > >>
>> > >> monitoring
>> > >>
>> > >> > > > > service that delivers powerful full stack analytics. Optimize
>> > >> > > > > and monitor your browser, app, & servers with just a few
>> lines
>> > >> > > > > of
>> > >>
>> > >> code.
>> > >>
>> > >> > > > > Try New Relic and get this awesome Nerd Life shirt!
>> > >> > > > > http://p.sf.net/sfu/newrelic_d2d_may
>> > >> > > > > _______________________________________________
>> > >> > > > > mod-security-developers mailing list
>> > >> > > > > mod...@li...
>> > >>
>> > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > >>
>> > >> > > > > ModSecurity Services from Trustwave's SpiderLabs:
>> > >> > > > > https://www.trustwave.com/spiderLabs.php
>> > >> > >
>> > >> > > --
>> > >> > > Pavel Mateja
>> > >>
>> > >>
>> ------------------------------------------------------------------------
>> > >> -
>> > >>
>> > >> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
>> > >> > > New Relic is the only SaaS-based application performance
>> monitoring
>> > >> > > service that delivers powerful full stack analytics. Optimize and
>> > >> > > monitor your browser, app, & servers with just a few lines of
>> code.
>> > >>
>> > >> Try
>> > >>
>> > >> > > New Relic and get this awesome Nerd Life shirt!
>> > >> > > http://p.sf.net/sfu/newrelic_d2d_may
>> > >> > > _______________________________________________
>> > >> > > mod-security-developers mailing list
>> > >> > > mod...@li...
>> > >> > >
>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > >> > > ModSecurity Services from Trustwave's SpiderLabs:
>> > >> > > https://www.trustwave.com/spiderLabs.php
>> > >>
>> > >>
>> ------------------------------------------------------------------------
>> > >> ------ Try New Relic Now & We'll Send You this Cool Shirt
>> > >> New Relic is the only SaaS-based application performance monitoring
>> > >> service
>> > >> that delivers powerful full stack analytics. Optimize and monitor
>> your
>> > >> browser, app, & servers with just a few lines of code. Try New Relic
>> > >> and get this awesome Nerd Life shirt!
>> > >> http://p.sf.net/sfu/newrelic_d2d_may
>> > >> _______________________________________________
>> > >> mod-security-developers mailing list
>> > >> mod...@li...
>> > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> > >> ModSecurity Services from Trustwave's SpiderLabs:
>> > >> https://www.trustwave.com/spiderLabs.php
>>
>>
>> ------------------------------------------------------------------------------
>> Try New Relic Now & We'll Send You this Cool Shirt
>> New Relic is the only SaaS-based application performance monitoring
>> service
>> that delivers powerful full stack analytics. Optimize and monitor your
>> browser, app, & servers with just a few lines of code. Try New Relic
>> and get this awesome Nerd Life shirt!
>> http://p.sf.net/sfu/newrelic_d2d_may
>> _______________________________________________
>> mod-security-developers mailing list
>> mod...@li...
>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
>> ModSecurity Services from Trustwave's SpiderLabs:
>> https://www.trustwave.com/spiderLabs.php
>>
>
>
|
|
From: Pavel M. <pa...@ne...> - 2013-05-22 14:12:57
|
> Could you tell me your libpcre version (compiled and linked) ?
>
> You can run apache and get it in the error.log
The old working one is:
ModSecurity: PCRE compiled version="8.2 "; loaded version="8.02 2010-03-19"
The new broken one is:
ModSecurity: PCRE compiled version="8.2 "; loaded version="8.30 2012-02-04"
debian package: libpcre3:i386 1:8.30-5
> On Wed, May 22, 2013 at 11:02 AM, Breno Silva <bre...@gm...> wrote:
> > Maybe i can replace this test by another regex.
> >
> > On Wed, May 22, 2013 at 10:57 AM, Pavel Mateja <pa...@ne...> wrote:
> >> > I'm testing with an external tool that uses libpcre and it is failing
> >> > to compile this regex too.
> >> > So i'm start thinking (?^ syntax is not supported by libpcre ?
> >>
> >> As I wrote in first email the 2.7.2 was able to run all tests on the
> >> same server running Debian Wheezy. I was just recompiling apache with
> >> modules against new libraries.
> >> It might be problem with newer version of libpcre in Squeeze.
> >> --
> >> Pavel Mateja
> >>
> >> > On Wed, May 22, 2013 at 9:53 AM, Breno Silva <bre...@gm...>
> >>
> >> wrote:
> >> > > Yes. Looks like for some reason the regex is not being compiled.
> >> > >
> >> > > I will investigate it
> >> > >
> >> > > On Wed, May 22, 2013 at 9:47 AM, Pavel Mateja <pa...@ne...>
> >>
> >> wrote:
> >> > >> > You should do:
> >> > >> >
> >> > >> > Make sure there is a core dump area with something like:
> >> > >> > CoreDumpDirectory /tmp
> >> > >> >
> >> > >> > Make sure limits are set to dump core:
> >> > >> > ulimit -c unlimited
> >> > >> >
> >> > >> > Restart and trigger the error. A core file should be in the
> >>
> >> directory
> >>
> >> > >> > you specified.
> >> > >> >
> >> > >> > Then use gdb to get a backtrace:
> >> > >> >
> >> > >> > gdb /path/to/httpd /path/to/core --batch --quiet \
> >> > >> >
> >> > >> > -ex "thread apply all bt full" > backtrace.log
> >> > >>
> >> > >> Hi again. I'm confused.
> >> > >>
> >> > >> The bug is triggered by msc_test forked by make test not httpd.
> >> > >> Just like the
> >> > >> core says:
> >> > >> core: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV),
> >> > >> SVR4-style, from
> >> > >> './msc_test -t op -n rx -p
> >>
> >> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)
> >>
> >> > >> -D 0
> >> > >> -r'
> >> > >> And gdb complains about right binary:
> >> > >> warning: core file may not match specified executable file.
> >> > >>
> >> > >> I tried to get backtrace against msc_test but I got:
> >> > >> warning: Can't read pathname for load map: Input/output error.
> >> > >> and the backtrace is useless:
> >> > >>
> >> > >> [New LWP 2179]
> >> > >> [Thread debugging using libthread_db enabled]
> >> > >> Using host libthread_db library "/lib/i386-linux-
> >> > >> gnu/i686/nosegneg/libthread_db.so.1".
> >> > >> Core was generated by `./msc_test -t op -n rx -p
> >> > >> (?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$) -D 0 -r'.
> >> > >> Program terminated with signal 11, Segmentation fault.
> >> > >> #0 0x080561d6 in msre_op_rx_execute ()
> >> > >>
> >> > >> Thread 1 (Thread 0x4046c870 (LWP 2179)):
> >> > >> #0 0x080561d6 in msre_op_rx_execute ()
> >> > >> No symbol table info available.
> >> > >> #1 0x0804c40e in test_op ()
> >> > >> No symbol table info available.
> >> > >> #2 0x0804d9d3 in main ()
> >> > >> No symbol table info available.
> >> > >> --
> >> > >> Pavel Mateja
> >> > >>
> >> > >> > On Wed, May 22, 2013 at 9:32 AM, Pavel Mateja <pa...@ne...>
> >>
> >> wrote:
> >> > >> > > > Hello Pavel,
> >> > >> > > >
> >> > >> > > > Are you running make CFLAGS=-DMSC_TEST test right ?
> >> > >> > >
> >> > >> > > Yes, I am.
> >> > >> > >
> >> > >> > > > Can you send me your backtrace ?
> >> > >> > >
> >> > >> > > Sure. What exactly do you need?
> >> > >> > >
> >> > >> > > > Thanks
> >> > >> > > >
> >> > >> > > > On Wed, May 22, 2013 at 8:05 AM, Rainer Jung <
> >> > >>
> >> > >> rai...@ki...
> >> > >>
> >> > >> > > >wrote:
> >> > >> > > > > On 22.05.2013 10:22, Pavel Mateja wrote:
> >> > >> > > > > > Hi guys,
> >> > >> > > > > > I've upgraded our debian servers from wheezy to squeeze
> >>
> >> and I
> >>
> >> > >> can't
> >> > >>
> >> > >> > > > > > pass
> >> > >> > > > >
> >> > >> > > > > "make
> >> > >> > > > >
> >> > >> > > > > > test" of modsecurity any more:
> >> > >> > > > > >
> >> > >> > > > > > Loaded 8 tests from ./op/rx.t
> >> > >> > > > > >
> >> > >> > > > > > 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> >> > >> > > > > > 2) op "rx": passed
> >> > >> > > > > > 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> >> > >> > > > > > 4) op "rx": passed (Pattern match "abc" at
> >> > >> > > > > > UNIT_TEST.) 5) op "rx": passed (Pattern match "def"
> >> > >> > > > > > at UNIT_TEST.) 6) op "rx": passed (Pattern match
> >> > >> > > > > > "ghi" at UNIT_TEST.) 7) op "rx": passed
> >> > >> > > > > >
> >> > >> > > > > > ERROR: Failed to create rule for op "rx": Error creating
> >>
> >> rule:
> >> > >> > > > > > Error
> >> > >> > > > >
> >> > >> > > > > compiling
> >> > >> > > > >
> >> > >> > > > > > pattern (offset 2): unrecognized character after (? or
> >> > >> > > > > > (?- Test exited with signal 11.
> >> > >> > > > > > Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> >> > >> > > > > > "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0"
> >>
> >> "-r"
> >>
> >> > >> "1"
> >> > >>
> >> > >> > > > > > 8) op "rx": failed
> >> > >> > > > > >
> >> > >> > > > > > Passed: 7; Failed: 1
> >> > >> > > > > >
> >> > >> > > > > > I've tried version 2.7.2 which passed test on old debian
> >>
> >> and
> >>
> >> > >> latest
> >> > >>
> >> > >> > > > > 2.7.3.
> >> > >> > > > >
> >> > >> > > > > > Both failed on the same place.
> >> > >> > > > > >
> >> > >> > > > > > Compilation parameters were:
> >> > >> > > > > > ./configure --prefix=/apache/modules/
> >> > >>
> >> > >> --with-apxs=/apache/bin/apxs
> >> > >>
> >> > >> > > > > --with-
> >> > >> > > > >
> >> > >> > > > > > apr=/apache/bin/apr-1-config
> >> > >> > > > > > --with-apu=/apache/bin/apu-1-config
> >> > >> > > > >
> >> > >> > > > > --enable-pcre-
> >> > >> > > > >
> >> > >> > > > > > match-limit=50000
> >> > >> > > > > > --enable-pcre-match-limit-recursion=10000
> >> > >> > > > >
> >> > >> > > > > --disable-mlogc
> >> > >> > > > >
> >> > >> > > > > Since it exits with signal 11 it might be related to this
> >>
> >> bug:
> >> > >> > > > > https://github.com/SpiderLabs/ModSecurity/issues/23
> >> > >> > > > >
> >> > >> > > > > It was fixed in this commit
> >>
> >> https://github.com/SpiderLabs/ModSecurity/commit/3f6c14de5993b8b2c66e631
> >>
> >> > >> 7
> >> > >>
> >> > >> > > > > af1680f2a007aead
> >> > >> > > > >
> >> > >> > > > > and should be part of 2.7.2 and later. Maybe the fix didn't
> >> > >> > > > > catch
> >> > >>
> >> > >> all
> >> > >>
> >> > >> > > > > similar situations?
> >> > >> > > > >
> >> > >> > > > > Regards,
> >> > >> > > > >
> >> > >> > > > > Rainer
> >>
> >> ------------------------------------------------------------------------
> >>
> >> > >> -
> >> > >>
> >> > >> > > > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> >> > >> > > > > New Relic is the only SaaS-based application performance
> >> > >>
> >> > >> monitoring
> >> > >>
> >> > >> > > > > service that delivers powerful full stack analytics.
> >> > >> > > > > Optimize and monitor your browser, app, & servers with
> >> > >> > > > > just a few
> >>
> >> lines
> >>
> >> > >> > > > > of
> >> > >>
> >> > >> code.
> >> > >>
> >> > >> > > > > Try New Relic and get this awesome Nerd Life shirt!
> >> > >> > > > > http://p.sf.net/sfu/newrelic_d2d_may
> >> > >> > > > > _______________________________________________
> >> > >> > > > > mod-security-developers mailing list
> >> > >> > > > > mod...@li...
> >> > >>
> >> > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developer
> >> > >> s
> >> > >>
> >> > >> > > > > ModSecurity Services from Trustwave's SpiderLabs:
> >> > >> > > > > https://www.trustwave.com/spiderLabs.php
> >> > >> > >
> >> > >> > > --
> >> > >> > > Pavel Mateja
> >>
> >> ------------------------------------------------------------------------
> >>
> >> > >> -
> >> > >>
> >> > >> > > ----- Try New Relic Now & We'll Send You this Cool Shirt
> >> > >> > > New Relic is the only SaaS-based application performance
> >>
> >> monitoring
> >>
> >> > >> > > service that delivers powerful full stack analytics. Optimize
> >> > >> > > and monitor your browser, app, & servers with just a few lines
> >> > >> > > of
> >>
> >> code.
> >>
> >> > >> Try
> >> > >>
> >> > >> > > New Relic and get this awesome Nerd Life shirt!
> >> > >> > > http://p.sf.net/sfu/newrelic_d2d_may
> >> > >> > > _______________________________________________
> >> > >> > > mod-security-developers mailing list
> >> > >> > > mod...@li...
> >>
> >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> >>
> >> > >> > > ModSecurity Services from Trustwave's SpiderLabs:
> >> > >> > > https://www.trustwave.com/spiderLabs.php
> >>
> >> ------------------------------------------------------------------------
> >>
> >> > >> ------ Try New Relic Now & We'll Send You this Cool Shirt
> >> > >> New Relic is the only SaaS-based application performance monitoring
> >> > >> service
> >> > >> that delivers powerful full stack analytics. Optimize and monitor
> >>
> >> your
> >>
> >> > >> browser, app, & servers with just a few lines of code. Try New
> >> > >> Relic and get this awesome Nerd Life shirt!
> >> > >> http://p.sf.net/sfu/newrelic_d2d_may
> >> > >> _______________________________________________
> >> > >> mod-security-developers mailing list
> >> > >> mod...@li...
> >> > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developer
> >> > >> s ModSecurity Services from Trustwave's SpiderLabs:
> >> > >> https://www.trustwave.com/spiderLabs.php
> >>
> >> ------------------------------------------------------------------------
> >> ------ Try New Relic Now & We'll Send You this Cool Shirt
> >> New Relic is the only SaaS-based application performance monitoring
> >> service
> >> that delivers powerful full stack analytics. Optimize and monitor your
> >> browser, app, & servers with just a few lines of code. Try New Relic
> >> and get this awesome Nerd Life shirt!
> >> http://p.sf.net/sfu/newrelic_d2d_may
> >> _______________________________________________
> >> mod-security-developers mailing list
> >> mod...@li...
> >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> >> ModSecurity Services from Trustwave's SpiderLabs:
> >> https://www.trustwave.com/spiderLabs.php
--
Pavel Mateja
|
Thanks for helping keep SourceForge clean.
X