ironbee / ironbee

Universal web application security sensor intended for real-time monitoring and defense.
https://www.ironbee.com/
Apache License 2.0

Processing the following request with IronBee causes a segv #6

Closed wmetcalf closed 13 years ago

wmetcalf commented 13 years ago

command line

./ironbee_test.py --local-apache --file-glob="req-failure-127.0.0.1-9931-1307383267.01" --file-format="raw"

raw request file

GET /source.xls HTTP/1.1
Host: 192.168.2.6
Accept: */*
Accept-Language: en,en-US;q=0.5
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; SF/1.29b)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Range: bytes=0-199999
Referer: http://192.168.2.6/
Cookie: JSESSIONID=EF5CC8B75E56DCC0F73FAC473AD8F568

GET /source.ws HTTP/1.1
Host: 192.168.2.6
Accept: */*
Accept-Language: en,en-US;q=0.5
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; SF/1.29b)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Range: bytes=0-199999
Referer: http://192.168.2.6/
Cookie: JSESSIONID=EF5CC8B75E56DCC0F73FAC473AD8F568

error.log

[Mon Jun 06 13:11:44 2011] [notice] child pid 18333 exit signal Segmentation fault (11), possible coredump in /home/coz/workspace2/waf-qa/server_root/tmp
[Mon Jun 06 13:11:45 2011] [debug] mod_ironbee.c(270): IronBee: Child exit pid=18416
[Mon Jun 06 13:11:45 2011] [debug] mod_ironbee.c(270): IronBee: Child exit pid=18334
[Mon Jun 06 13:11:45 2011] [debug] mod_ironbee.c(270): IronBee: Child exit pid=18332

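Backtrace (BT), gdb output with per-frame locals

Note: in frame 0 the `itxdata` locals look like uninitialized or clobbered memory rather than a real response line. `data` is 0xd, the same value as `dalloc` (13), and `dlen` = 139730613797763 is 0x7f1591998383, an address in the same range as the hook_run_all / htp_connp_* frames below. The build is optimized, so gdb's view of these locals may be partly unreliable.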

#0  modhtp_htp_response_line (connp=<value optimized out>) at htp.c:505

    modctx = <value optimized out>
    tx = 0x7f15951d2c90
    ib = 0x7f159515a040
    itxdata = {ib = 0x7f159515a040, mp = 0x7f15951db875,
      tx = 0x7f15951d3880, dtype = IB_DTYPE_HTTP_LINE, dalloc = 13,
      dlen = 139730613797763, data = 0xd <Address 0xd out of bounds>}
    itx = <value optimized out>

#1  0x00007f1591998853 in hook_run_all (hook=0x7f15951c6c20, data=0x7f15951bd6f0) at hooks.c:144

No locals.

#2  0x00007f15919a1788 in htp_connp_RES_LINE (connp=0x7f15951bd6f0) at htp_response.c:671
    chomp_result = 2
    rc = <value optimized out>

#3  0x00007f15919a0d19 in htp_connp_res_data (connp=0x7f15951bd6f0, timestamp=0xfffffffffffffffe, data=0x0, len=1106557264) at htp_response.c:872
    rc = 0

#4  0x00007f15909ec1fb in modhtp_iface_data_out (pi=<value optimized out>, qcdata=0x7f158fb669f0) at htp.c:919
    ib = 0x7f159515a040
    iconn = <value optimized out>
    modctx = 0x7f1595170348
    htp = 0x7f15951bd6f0
    rc = IB_OK
    tv = {tv_sec = 1307383903, tv_usec = 13912}
    ec = <value optimized out>

#5  0x00007f159178e807 in process_bucket (f=0x7f15951b7a60, b=0x7f15951bb718) at mod_ironbee.c:225
    c = 0x7f15951b72e0
    icdata = {ib = 0x7f159515a040, mp = 0x7f15951700e8,
      conn = 0x7f15951700f0, dalloc = 217, dlen = 217,
      data = 0x7f15951d9848 "HTTP/1.1 404 Not Found\r\nDate: Mon, 06 Jun 2011 18:11:43 GMT\r\nServer: Apache/2.2.14 (Ubuntu)\r\nContent-Length: 209\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; chars"...}
    bdata = 0x0
    nbytes = 217
    rc = <value optimized out>

#6  0x00007f159178e8ab in ironbee_output_filter (f=0x7f15951b7a60, bb=0x7f15951d5d20) at mod_ironbee.c:709
    b = 0x7f15951bb718

7 0x00007f15942c8720 in ap_http_header_filter (f=0x7f15951c86e0,