ModSecurity: Segfault after hitting rule with SecRuleUpdateTargetById
I updated a rule by appending to the config:
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:/example/"
When I hit this rule the worker process dies with signal 11:
2017/10/12 14:46:29 [alert] 16#16: worker process 27 exited on signal 11
This is with core rule set 3.0.2, libmodsec 3.0.0rc1 and nginx compiled with:
nginx version: nginx/1.13.6 built by gcc 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.5) built with OpenSSL 1.0.2g 1 Mar 2016 TLS SNI support enabled configure arguments: --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/ngi nx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-tem p-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-htt p_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_sub_module --with-http_v2_module --with-stream -- with-stream_ssl_module --with-stream_ssl_preread_module --with-threads --with-file-aio --without-mail_pop3_module --without-mail_smtp_module --without-mail_imap_module --without-http_uwsgi_m odule --without-http_scgi_module --with-cc-opt='-g -O3 -flto -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 --param=ssp-buffer-size=4 -DTCP_F ASTOPEN=23 -Wno-error=strict-aliasing -fPIC -m64 -mtune=generic' --with-ld-opt='-Wl,-Bsymbolic-functions -fPIE -fPIC -pie -Wl,-z,relro -Wl,-z,now' --add-module=/tmp/build/ngx_devel_kit-0.3.0 --add-module=/tmp/build/set-misc-nginx-module-0.31 --add-module=/tmp/build/nginx-module-vts-0.1.15 --add-module=/tmp/build/headers-more-nginx-module-0.32 --add-module=/tmp/build/nginx-goodi es-nginx-sticky-module-ng-08a395c66e42 --add-module=/tmp/build/nginx-http-auth-digest-7955af9c77598c697ac292811914ce1e2b3b824c --add-module=/tmp/build/ngx_http_substitutions_filter_module-bc 58cb11844bc42735bbaef7085ea86ace46d05b --add-module=/tmp/build/nginx-opentracing-fcc2e822c6dfc7d1f432c16b07dee9437c24236a --add-dynamic-module=/tmp/build/ModSecurity-nginx-a2a5858d249222938c 2f5e48087a922c63d7f9d8
About this issue
- Original URL
- State: closed
- Created 7 years ago
- Comments: 17 (6 by maintainers)
Commits related to this issue
- Fix memory issue while changing rule target dynamic Issue #1590 — committed to owasp-modsecurity/ModSecurity by deleted user 7 years ago
Thanks @slabber
With this configuration file I can confirm the segfault occurring with the Nginx directive below enabled:
# enforce ssl on server side if ($pass_access_scheme = http) { return 301 https://$best_http_host$request_uri; }And a SecRuleUpdateTargetByID rule with any existing ID such as:
In this case any request triggers the segfault.
@victorhora Any update on this? It’s highly blocking for us kubernetes users. Even perhaps some update as to when you expect this to be fixed would be useful.
Thanks!