I was trying to figure out what a minimal OLS configuration file would look like, and stumbled upon a segfault. Though this problem does result from an invalid config file, a configuration file really shouldn't be able to cause the server to segfault.
To reproduce the issue, cd into a new directory, and copy the following into ./httpd_config.conf:
serverName openlitespeed
user nobody
group nogroup
mime /dev/null
errorlog logs/error.log {}
CGIRLimit {}
Copy the following Dockerfile into that directory too:
FROM debian:bullseye-slim
WORKDIR /app
RUN apt -y update && apt -y install wget curl
ARG APP_VERSION
RUN wget "https://github.com/litespeedtech/openlitespeed/releases/download/v${APP_VERSION}/openlitespeed-${APP_VERSION}-x86_64-linux.tgz" && tar xf openlitespeed*.tgz
RUN cd /app/openlitespeed && ./install.sh
RUN rm -rf /usr/local/lsws/conf/ && mkdir /usr/local/lsws/conf
COPY httpd_config.conf /usr/local/lsws/conf/httpd_config.conf
CMD /usr/local/lsws/bin/openlitespeed -d
I was trying to figure out what a minimal OLS configuration file would look like, and stumbled upon a segfault. Though this problem does result from an invalid config file, a configuration file really shouldn't be able to cause the server to segfault.
To reproduce the issue,
cd
into a new directory, and copy the following into./httpd_config.conf
:Copy the following Dockerfile into that directory too:
Then, run the following command:
Then, from another terminal, run the following command:
OLS will then segfault and crash.