Bug 27106

Summary: Possible memory leak when accessing SSL port with plain HTTP
Product: Apache httpd-2
Reporter: Mick Wall <mick>
Component: mod_ssl
Assignee: Apache HTTPD Bugs Mailing List <bugs>
Status: CLOSED FIXED
Severity: normal
CC: k19
Priority: P3
Version: 2.0.48
Target Milestone: ---
Hardware: PC
OS: Linux
URL: https://webmail.zedis.lv

Description Mick Wall 2004-02-20 11:22:36 UTC
I was running some tests with apachebench to get some performance timings, and I 
inadvertently gave a URL that was SSL enabled but with a http:// prefix.  If I 
do this from a browser I get the message 

Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.


I was watching the memory footprint of httpd while doing this, and it grows 
RAPIDLY! Here is a trace, dumped every 5 seconds:

   40001 A   nsuser  48354  17728 104  60 20 3d144  6556        * 11:10:29      -  0:01 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  79  60 20 3d144 171528        * 11:10:29      -  0:06 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  76  60 20 3d144 418664        * 11:10:29      -  0:10 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728   2  60 20 3d144 630156        * 11:10:29      -  0:14 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728   0  60 20 3d144 630156        * 11:10:29      -  0:14 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728   0  60 20 3d144 630156        * 11:10:29      -  0:14 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728   0  60 20 3d144 630156        * 11:10:29      -  0:14 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  23  60 20 3d144 631532        * 11:10:29      -  0:14 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728 118  60 20 3d144 643608        * 11:10:29      -  0:21 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  13  60 20 3d144 649964        * 11:10:29      -  0:28 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  32  60 20 3d144 656148        * 11:10:29      -  0:34 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  52  60 20 3d144 662140        * 11:10:29      -  0:41 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  75  60 20 3d144 668276        * 11:10:29      -  0:48 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728 109  60 20 3d144 674340        * 11:10:29      -  0:54 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728 131  60 20 3d144 680632        * 11:10:29      -  1:01 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  18  60 20 3d144 686904        * 11:10:29      -  1:08 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  43  60 20 3d144 693064        * 11:10:29      -  1:14 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  73  60 20 3d144 699364        * 11:10:29      -  1:21 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  92  60 20 3d144 705672        * 11:10:29      -  1:28 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728 110  60 20 3d144 711836        * 11:10:29      -  1:34 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  12  60 20 3d144 718044        * 11:10:29      -  1:41 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  36  60 20 3d144 724340        * 11:10:29      -  1:48 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  57  60 20 3d144 730148        * 


Shortly after this the process crashed.

Regards

Mick
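
An added example, not part of the original report or of httpd: a Python sketch that parses ps samples in the shape of the trace above and flags a process whose size keeps climbing from one sample to the next. It assumes the fourth whitespace-separated field is the PID and the tenth is the process size, as the trace suggests; the thresholds, the function names and the second process (PID 48360) in the sample are constructed.

```python
from collections import defaultdict

# Sample input: the first records of the trace above (wrapped as posted, the
# last one without its continuation line) plus a constructed, steady process
# (PID 48360) for contrast.
SAMPLE = """\
   40001 A   nsuser  48354  17728 104  60 20 3d144  6556        *
11:10:29      -  0:01 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  79  60 20 3d144 171528        *
11:10:29      -  0:06 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728  76  60 20 3d144 418664        *
11:10:29      -  0:10 lt-httpd -k start -DSSL
   40001 A   nsuser  48354  17728   2  60 20 3d144 630156        *
   40001 A   nsuser  48360  17728   0  60 20 3d150  6556        * 11:10:29      -  0:00 lt-httpd -k start -DSSL
   40001 A   nsuser  48360  17728   0  60 20 3d150  6560        * 11:10:29      -  0:00 lt-httpd -k start -DSSL
"""

def parse_samples(text, pid_field=3, size_field=9):
    """Return [(pid, size), ...] in order. Assumes field 4 = PID, field 10 = size."""
    samples = []
    for line in text.splitlines():
        f = line.split()
        # Wrapped continuation lines have too few fields and are skipped.
        if len(f) > size_field and f[pid_field].isdigit() and f[size_field].isdigit():
            samples.append((int(f[pid_field]), int(f[size_field])))
    return samples

def growth_alerts(samples, interval_s=5, min_rate=1000.0, min_run=3):
    """Flag PIDs whose size rose by >= min_rate units/s for min_run samples in a row."""
    by_pid = defaultdict(list)
    for pid, size in samples:
        by_pid[pid].append(size)
    alerts = {}
    for pid, sizes in by_pid.items():
        run = longest = 0
        peak = 0.0
        for prev, cur in zip(sizes, sizes[1:]):
            rate = (cur - prev) / interval_s
            run = run + 1 if rate >= min_rate else 0
            longest, peak = max(longest, run), max(peak, rate)
        if longest >= min_run:
            alerts[pid] = {"start": sizes[0], "end": sizes[-1],
                           "peak_rate": peak, "longest_run": longest}
    return alerts

if __name__ == "__main__":
    for pid, info in growth_alerts(parse_samples(SAMPLE)).items():
        print(pid, info)
```

The size units are whatever ps reports on the host, so `min_rate` has to be tuned against a baseline of normal httpd behaviour.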
Comment 1 Joe Orton 2004-02-25 10:55:41 UTC
Ouch! Thanks for the report, the fix is here:

http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.117&r2=1.118

this change will be proposed for inclusion in the next 2.0 release.
Comment 2 Mark Cox 2004-03-03 10:08:21 UTC
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0113 to this issue.
Comment 3 Joe Orton 2004-03-09 14:11:39 UTC
There was a minor bug in the patch posted previously; the better fix is below:

http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.100.2.11&r2=1.100.2.12
Comment 4 zedis 2004-03-10 07:12:52 UTC
adfgsdfg