search

owasp-modsecurity / ModSecurity-apache

ModSecurity v3 Apache Connector
Apache License 2.0
87 stars 51 forks source link

Segmentation fault (FreeBSD) #59

Closed Neko-Chang-Taiwan closed 3 years ago

Neko-Chang-Taiwan commented 5 years ago

Hi All:

I trying use modsecurity3 with Apache 2.4 on FreeBSD 12.0 amd64. I pulled latest commit for modsecurity-apache connector and build successful. (Output: /usr/local/libexec/apache24/mod_security3.so) And add below line into httpd.conf (Exist modsecurity2 removed). LoadModule security3_module libexec/apache24/mod_security3.so

Start Apache but got error as below. .# service apache24 restart Performing sanity check on apache24 configuration: Segmentation fault (core dumped)

FreeBSD default compiler: Clang/LLVM 6.0.1. Build by "gcc8" got same issue.

Please let me know what is going wrong/debug hint. Thanks a lot.

zimmerle commented 5 years ago

Hi @Neko-Chang-Taiwan,

We going to understand the crash a little bit further. For that, a backtrace of the crash will be very useful. Do you think you can grab such information?

Neko-Chang-Taiwan commented 5 years ago

Hi @zimmerle and @victorhora

Thanks your replied. Of course.

I reported at thread of https://forums.freebsd.org/threads/modsecurity-v3-for-freebsd-doesnt-want-to-compile-build.65230/ in FreeBSD forum also because modsecurity-apache connector into FreeBSD ports collection. And I tried to debug by gdb, and got result from forum's thread as below . (I tried to place these information into block 'Insert code', but line break work improperly)

(gdb) core httpd.core [New LWP 101164] bCore was generated by "/usr/local/sbin/httpd". Program terminated with signal SIGSEGV, Segmentation fault.

0 0x00000008031199e8 in vtable for cxxabiv1::si_class_type_info () from /lib/libcxxrt.so.1

(gdb) where

0 0x00000008031199e8 in vtable for cxxabiv1::si_class_type_info () from /lib/libcxxrt.so.1

1 0x00000008022d3016 in __dynamic_cast () from /usr/local/lib/gcc8/libstdc++.so.6

2 0x00000008023527b0 in bool std::has_facet<std::ctype >(std::locale const&) () from /usr/local/lib/gcc8/libstdc++.so.6

3 0x0000000802346004 in std::basic_ios<char, std::char_traits >::_M_cache_locale(std::locale const&) () from /usr/local/lib/gcc8/libstdc++.so.6

4 0x0000000802346480 in std::basic_ios<char, std::char_traits >::init(std::basic_streambuf<char, std::char_traits >*) ()

from /usr/local/lib/gcc8/libstdc++.so.6

5 0x00000008022e69d3 in std::ios_base::Init::Init() () from /usr/local/lib/gcc8/libstdc++.so.6

6 0x0000000801ec54f0 in ?? () from /usr/local/lib/libmodsecurity.so.3

7 0x00000008002a60db in objlist_call_init (list=, lockstate=) at /usr/src/libexec/rtld-elf/rtld.c:2678

8 0x00000008002aa6c9 in dlopen_object (name=0x800be0400 "z\270", <incomplete sequence \325>, fd=, refobj=, lo_flags=2,

mode=258, lockstate=0x800000002) at /usr/src/libexec/rtld-elf/rtld.c:3389

9 0x00000008002a7136 in rtld_dlopen (name=0x800a7c660 "/usr/local/libexec/apache24/mod_security3.so", fd=-1, mode=)

at /usr/src/libexec/rtld-elf/rtld.c:3264

10 0x00000008005a3b60 in apr_dso_load () from /usr/local/lib/libapr-1.so.0

11 0x000000000028e871 in dso_load ()

12 0x000000000028e594 in load_module ()

13 0x000000000025b0d5 in invoke_cmd ()

14 0x0000000000258233 in ap_build_config_sub ()

15 0x000000000025873b in ap_build_config ()

16 0x0000000000258e39 in ap_process_resource_config ()

17 0x000000000025908f in process_resource_config_nofnmatch ()

18 0x0000000000259419 in process_resource_config_fnmatch ()

19 0x00000000002592bd in process_resource_config_fnmatch ()

20 0x00000000002592bd in process_resource_config_fnmatch ()

21 0x00000000002592bd in process_resource_config_fnmatch ()

22 0x00000000002592bd in process_resource_config_fnmatch ()

23 0x00000000002592bd in process_resource_config_fnmatch ()

24 0x0000000000258fcd in ap_process_fnmatch_configs ()

25 0x000000000027f200 in include_config ()

26 0x000000000025b09c in invoke_cmd ()

27 0x0000000000258233 in ap_build_config_sub ()

28 0x000000000025873b in ap_build_config ()

29 0x0000000000258e39 in ap_process_resource_config ()

30 0x000000000025a2a0 in ap_read_config ()

31 0x00000000002555e8 in main ()

(gdb)

Note: Assign gcc8 to build it in ports collection. Beside a little question: Both ModSecurity-apache and libmodsecurity work fine by Clang/LLVM make?

I hope it can be help you. Please tell me next debug method/information.

zimmerle commented 5 years ago

Hi @Neko-Chang-Taiwan,

Thank you for the details.

ModSecurity can be compiled with clang as well. As a matter of fact, we also use clang in our buildbots, as you can check here - https://travis-ci.org/SpiderLabs/ModSecurity

Neko-Chang-Taiwan commented 4 years ago

Hi @zimmerle and @victorhora

Because modsecurity 3 upgrade to 3.0.4, so tried again. Got same issue, GDB result as below (gdb) core httpd.core [New LWP 101190] Core was generated by `/usr/local/sbin/httpd'. Program terminated with signal SIGSEGV, Segmentation fault.

0 0x00000008032a3a18 in ?? ()

(gdb) where

0 0x00000008032a3a18 in ?? ()

1 0x00000008024ecc56 in ?? ()

2 0x0000000802839ea0 in ?? ()

3 0x00007fffffffc9a0 in ?? ()

4 0x0000000000000000 in ?? ()

All of debug symbol disappeared I have not idea to next step, can help me?

Thanks a lot.

Neko-Chang-Taiwan commented 3 years ago

Today, I think about this issue and gdb output. I found a keyword 'GCC'

So I tried to remove knob of "USE_GCC= yes" @ security/modsecurity3/Makefile and rebuild LLVM/clang 10 @ FreeBSD 12. Apache24 start successful and worked as below message [Wed Feb 10 19:36:53.893064 2021] [:notice] [pid 15168:tid 34370637824] ModSecurity: ModSecurity-Apache v0.1.1-beta configured. [Wed Feb 10 19:36:53.992024 2021] [mpm_event:notice] [pid 65772:tid 34370637824] AH00489: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1i configured -- resuming normal operations [Wed Feb 10 19:36:53.996304 2021] [core:notice] [pid 65772:tid 34370637824] AH00094: Command line: '/usr/local/sbin/httpd'

In the time, minimize configuration.

Thanks a lot.