oss-sec mailing list archives
Re: Apache web server use after free bugs (unfixed)
From: Florian Weimer <fweimer () redhat com>
Date: Mon, 21 Jan 2019 09:23:22 +0100
* Hanno Böck:
threading related error ======================= In addition to the ASAN use after free reports, httpd logs threading related errors: AH00052: child pid [pid] exit signal Aborted (6) apache2: tpp.c:84: __pthread_tpp_change_priority: Assertion `new_prio == -1 || (new_prio >= fifo_min_prio && new_prio <= fifo_max_prio)' failed.
This can happen if the mutex data is corrupted, so it's possible this also caused by a use-after-free issue (if the memory is reallocated and overwritten before the mutex operation that causes the assertion failure). Did you observe this with the pool debugger only? Thanks, Florian
Current thread:
- Apache web server use after free bugs (unfixed) Hanno Böck (Jan 21)
- Re: Apache web server use after free bugs (unfixed) Florian Weimer (Jan 21)
- Re: Apache web server use after free bugs (unfixed) Craig Young (Jan 21)
- Re: Apache web server use after free bugs (unfixed) Florian Weimer (Jan 21)