From b90fa2d063400768b959e24f2e15376565bcf49c Mon Sep 17 00:00:00 2001 From: "Martin.Blapp" Date: Thu, 15 Nov 2018 12:41:57 +0100 Subject: [PATCH] Use tempfiles for apr_global_mutex_create() to fix segfaults with Apache 2.2. Call modsecurity_init() for the first invocation too. --- apache2/modsecurity.c | 9 ++++++--- apache2/modsecurity.h | 6 ++++++ 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/apache2/modsecurity.c b/apache2/modsecurity.c index dcdb4859..09b5caa2 100644 --- a/apache2/modsecurity.c +++ b/apache2/modsecurity.c @@ -133,7 +133,8 @@ int modsecurity_init(msc_engine *msce, apr_pool_t *mp) { curl_global_init(CURL_GLOBAL_ALL); #endif /* Serial audit log mutext */ - rc = apr_global_mutex_create(&msce->auditlog_lock, NULL, APR_LOCK_DEFAULT, mp); + tmpnam(auditlog_lock_name); + rc = apr_global_mutex_create(&msce->auditlog_lock, auditlog_lock_name, APR_LOCK_DEFAULT, mp); if (rc != APR_SUCCESS) { //ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, "mod_security: Could not create modsec_auditlog_lock"); //return HTTP_INTERNAL_SERVER_ERROR; @@ -154,7 +155,8 @@ int modsecurity_init(msc_engine *msce, apr_pool_t *mp) { } #endif /* SET_MUTEX_PERMS */ - rc = apr_global_mutex_create(&msce->geo_lock, NULL, APR_LOCK_DEFAULT, mp); + tmpnam(geo_lock_name); + rc = apr_global_mutex_create(&msce->geo_lock, geo_lock_name, APR_LOCK_DEFAULT, mp); if (rc != APR_SUCCESS) { return -1; } @@ -171,7 +173,8 @@ int modsecurity_init(msc_engine *msce, apr_pool_t *mp) { #endif /* SET_MUTEX_PERMS */ #ifdef GLOBAL_COLLECTION_LOCK - rc = apr_global_mutex_create(&msce->dbm_lock, NULL, APR_LOCK_DEFAULT, mp); + tmpnam(dbm_lock_name); + rc = apr_global_mutex_create(&msce->dbm_lock, dbm_lock_name, APR_LOCK_DEFAULT, mp); if (rc != APR_SUCCESS) { return -1; } diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h index f24bc756..11313b9b 100644 --- a/apache2/modsecurity.h +++ b/apache2/modsecurity.h @@ -133,6 +133,12 @@ typedef struct msc_parm msc_parm; #define FATAL_ERROR "ModSecurity: Fatal error (memory allocation or unexpected internal error)!" +static char auditlog_lock_name[L_tmpnam]; +static char geo_lock_name[L_tmpnam]; +#ifdef GLOBAL_COLLECTION_LOCK +static char dbm_lock_name[L_tmpnam]; +#endif + extern DSOLOCAL char *new_server_signature; extern DSOLOCAL char *real_server_signature; extern DSOLOCAL char *chroot_dir;