Nginx worker crashes when "if" directive specified in location with MDS enabled #98
Assignees
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Core dump contains:
Program terminated with signal 11, Segmentation fault.
#0 modsecurity::Rule::getFinalVars (this=this@entry=0x21c4680, trans=trans@entry=0x186a4f0) at rule.cc:495
495 if (a.second->m_isExclusion) {
backtrace:
#0 modsecurity::Rule::getFinalVars (this=this@entry=0x21c4680, trans=trans@entry=0x186a4f0) at rule.cc:495
#1 0x00007f4b05981f12 in modsecurity::Rule::evaluate (this=0x21c4680, trans=0x186a4f0, ruleMessage=std::shared_ptr (count 1, weak 0) 0x2da23e0) at rule.cc:803
#2 0x00007f4b059742ca in modsecurity::Rules::evaluate (this=0x1896650, phase=phase@entry=3, transaction=transaction@entry=0x186a4f0) at rules.cc:228
#3 0x00007f4b059627d2 in modsecurity::Transaction::processRequestBody (this=0x186a4f0) at transaction.cc:808
#4 0x00000000005045f2 in ngx_http_modsecurity_pre_access_handler (r=0x1882f20) at ngx_http_modsecurity/src/ngx_http_modsecurity_pre_access.c:199
#5 0x000000000046af43 in ngx_http_core_generic_phase (r=0x1882f20, ph=0x2d3f528) at src/http/ngx_http_core_module.c:882
#6 0x000000000046ae93 in ngx_http_core_run_phases (r=0x1882f20) at src/http/ngx_http_core_module.c:860
#7 0x000000000046ae01 in ngx_http_handler (r=0x1882f20) at src/http/ngx_http_core_module.c:843
#8 0x000000000047ac80 in ngx_http_process_request (r=0x1882f20) at src/http/ngx_http_request.c:1921
#9 0x0000000000479609 in ngx_http_process_request_headers (rev=0x7f4af71ba0d0) at src/http/ngx_http_request.c:1348
#10 0x00000000004789ec in ngx_http_process_request_line (rev=0x7f4af71ba0d0) at src/http/ngx_http_request.c:1028
#11 0x000000000047759e in ngx_http_wait_request_handler (rev=0x7f4af71ba0d0) at src/http/ngx_http_request.c:503
#12 0x0000000000459e3b in ngx_epoll_process_events (cycle=0x1865520, timer=60000, flags=1) at src/event/modules/ngx_epoll_module.c:902
#13 0x0000000000448eae in ngx_process_events_and_timers (cycle=0x1865520) at src/event/ngx_event.c:242
#14 0x00000000004576c1 in ngx_worker_process_cycle (cycle=0x1865520, data=0x3) at src/os/unix/ngx_process_cycle.c:749
#15 0x0000000000453fb5 in ngx_spawn_process (cycle=0x1865520, proc=0x4575da <ngx_worker_process_cycle>, data=0x3, name=0x535943 "worker process", respawn=-3) at src/os/unix/ngx_process.c:198
#16 0x000000000045650b in ngx_start_worker_processes (cycle=0x1865520, n=4, type=-3) at src/os/unix/ngx_process_cycle.c:358
#17 0x0000000000455b28 in ngx_master_process_cycle (cycle=0x1865520) at src/os/unix/ngx_process_cycle.c:130
#18 0x0000000000414e56 in main (argc=3, argv=0x7ffe88c4b148) at src/core/nginx.c:375
full backtrace:
#0 modsecurity::Rule::getFinalVars (this=this@entry=0x21c4680, trans=trans@entry=0x186a4f0) at rule.cc:495
a = @0x18ed688: {first = 942431, second = std::unique_ptrmodsecurity::Variables::Variable containing 0x0}
__for_range =
exclusions_update_by_tag_remove = empty std::list
exclusions_update_by_id_remove = empty std::list
variables = std::vector of length 3, capacity 4 = {0x21c0e60, 0x21c2cb0, 0x21c3010}
exclusions = empty std::list
exclusions_update_by_msg_remove = empty std::list
finalVars = std::vector of length 0, capacity 0
#1 0x00007f4b05981f12 in modsecurity::Rule::evaluate (this=0x21c4680, trans=0x186a4f0, ruleMessage=std::shared_ptr (count 1, weak 0) 0x2da23e0) at rule.cc:803
variables =
recursiveGlobalRet =
containsDisruptive = false
eparam = ""((?:[\~\!\@\#\$\%\^\&\\(\)\-\+\=\{\}\[\]\|\:\;\"\'\´\’\‘\
\\<\\>][^\\~\\!\\@\\#\\$\\%\\^\\&\\*\\(\\)\\-\\+\\=\\{\\}\\[\\]\\|\\:\\;\\\"\\'\\´\\’\\‘\\\<\>]?){6})""globalRet = false
finalVars = std::vector of length 0, capacity 0
#2 0x00007f4b059742ca in modsecurity::Rules::evaluate (this=0x1896650, phase=phase@entry=3, transaction=transaction@entry=0x186a4f0) at rules.cc:228
rule = 0x21c4680
i = 268
rules =
#3 0x00007f4b059627d2 in modsecurity::Transaction::processRequestBody (this=0x186a4f0) at transaction.cc:808
a = std::unique_ptr<std::basic_string<char, std::char_traits, std::allocator >> containing 0x2d5f590
fullRequest = "Host: sbt-opbs-0007:8085\nConnection: keep-alive\nContent-Length: 6\nAccept-Language: en,ru-RU;q=0.9,ru;q=0.8,en-US;q=0.7\nAccept: application/json, text/plain, /\nOrigin: chrome-extension://ehafadccdcde"...
l = std::vector of length 9, capacity 16 = {0x2d4a7e0, 0x2d4a770, 0x2d4a700, 0x2d4a5d0, 0x2d4a650, 0x2d4a600, 0x2d4a580, 0x2d4a4f0, 0x2d5f540}
#4 0x00000000005045f2 in ngx_http_modsecurity_pre_access_handler (r=0x1882f20) at ngx_http_modsecurity/src/ngx_http_modsecurity_pre_access.c:199
ret = 0
already_inspected = 0
chain = 0x2d5a628
ctx = 0x1869550
cf = 0x1894c88
old_pool = 0x0
#5 0x000000000046af43 in ngx_http_core_generic_phase (r=0x1882f20, ph=0x2d3f528) at src/http/ngx_http_core_module.c:882
rc = -5
#6 0x000000000046ae93 in ngx_http_core_run_phases (r=0x1882f20) at src/http/ngx_http_core_module.c:860
rc = -2
ph = 0x2d3f498
cmcf = 0x1867a78
#7 0x000000000046ae01 in ngx_http_handler (r=0x1882f20) at src/http/ngx_http_core_module.c:843
cmcf = 0x7f4af71ba0d0
#8 0x000000000047ac80 in ngx_http_process_request (r=0x1882f20) at src/http/ngx_http_request.c:1921
c = 0x7f4af74041e0
#9 0x0000000000479609 in ngx_http_process_request_headers (rev=0x7f4af71ba0d0) at src/http/ngx_http_request.c:1348
p = 0x1882ed0 "\316>\210\001"
len = 25702280
n = 421
rc = 0
rv = 140731193010704
h = 0x1883c80
c = 0x7f4af74041e0
hh = 0x0
r = 0x1882f20
cscf = 0x188a918
cmcf = 0x1867a78
#10 0x00000000004789ec in ngx_http_process_request_line (rev=0x7f4af71ba0d0) at src/http/ngx_http_request.c:1028
n = 446
rc = 0
rv = 25733552
host = {len = 47450432, data = 0x7a2420 <cached_time+96> "\033\364\264Z"}
c = 0x7f4af74041e0
r = 0x1882f20
#11 0x000000000047759e in ngx_http_wait_request_handler (rev=0x7f4af71ba0d0) at src/http/ngx_http_request.c:503
p = 0x3000000020 <Address 0x3000000020 out of bounds>
The text was updated successfully, but these errors were encountered: