search

litespeedtech / openlitespeed

Our high-performance, lightweight, open source HTTP server
https://openlitespeed.org
GNU General Public License v3.0
1.16k stars 189 forks source link

Segmentation fault on logo fetch with minimal configuration #387

Closed kenballus closed 3 months ago

kenballus commented 5 months ago

I was trying to figure out what a minimal OLS configuration file would look like, and stumbled upon a segfault. Though this problem does result from an invalid config file, a configuration file really shouldn't be able to cause the server to segfault.

To reproduce the issue, cd into a new directory, and copy the following into ./httpd_config.conf:

serverName openlitespeed
user nobody
group nogroup
mime /dev/null

errorlog logs/error.log {}

CGIRLimit {}

Copy the following Dockerfile into that directory too:

FROM debian:bullseye-slim

WORKDIR /app

RUN apt -y update && apt -y install wget curl

ARG APP_VERSION
RUN wget "https://github.com/litespeedtech/openlitespeed/releases/download/v${APP_VERSION}/openlitespeed-${APP_VERSION}-x86_64-linux.tgz" && tar xf openlitespeed*.tgz

RUN cd /app/openlitespeed && ./install.sh

RUN rm -rf /usr/local/lsws/conf/ && mkdir /usr/local/lsws/conf
COPY httpd_config.conf /usr/local/lsws/conf/httpd_config.conf

CMD /usr/local/lsws/bin/openlitespeed -d

Then, run the following command:

docker run --rm -it -p 7080:7080 "$(docker build . -q --build-arg=APP_VERSION=1.8.1)"

Then, from another terminal, run the following command:

wget --no-check-certificate 'https://localhost:7080/res/img/product_logo.svg'

OLS will then segfault and crash.

kenballus commented 5 months ago

This is caused by the fact that the mime file is /dev/null.

Maybe an unchecked open on the mime file?