[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

Potential DoS in cgi.rb with apache & mod_fastcgi

Xavier

1/25/2005 10:28:00 PM

Hi Group,

I am getting many errors like the following in my apache logs:

/usr/lib/ruby/1.8/cgi.rb:725: [BUG] rb_sys_fail() - errno == 0
ruby 1.8.2 (2004-12-25) [i686-linux]

This error occurs whenever the client breaks the connection.
The fastcgi process logs the error and exits with an untrapped signal 6
error message.

This can lead to a DoS because mod_fastcgi will stop spawning fcgi's
whenever processes have failed to keep running for at least 30 seconds.

How could I either prevent cgi.rb from breaking or trap and recover from
the signal 6?
A simple Signal.trap(6) does not work, e.g.

FCGI.each_cgi do |cgi|
Signal.trap(6){exit(2)}
do_CGI(cgi)
end

does not catch the signal.


Any help greatly appreciated,
Xavier
4 Answers

Eric Hodel

1/25/2005 11:20:00 PM

0

On 25 Jan 2005, at 14:30, Xavier wrote:

> Hi Group,
>
> I am getting many errors like the following in my apache logs:
>
> /usr/lib/ruby/1.8/cgi.rb:725: [BUG] rb_sys_fail() - errno == 0
> ruby 1.8.2 (2004-12-25) [i686-linux]
>
> This error occurs whenever the client breaks the connection.
> The fastcgi process logs the error and exits with an untrapped signal 6
> error message.

Attach a debugger, and you will see what fcgi.so is doing wrong (errno
is not set properly).

> This can lead to a DoS because mod_fastcgi will stop spawning fcgi's
> whenever processes have failed to keep running for at least 30 seconds.
>
> How could I either prevent cgi.rb from breaking or trap and recover
> from
> the signal 6?

You don't. This is Ruby saying "I don't know what's wrong, so I'm
freaking out and dying here and now."

I sent a patch to moonwolf some time ago, but he has not responded...

It turned out that patch is wrong, but I haven't had time to write the
correct patch. On line 158 of fcgi.c (0.8.5) err needs to be copied to
errno so rb_sys_fail works correctly.

--
Eric Hodel - drbrain@segment7.net - http://se...
FEC2 57F1 D465 EB15 5D6E 7C11 332A 551C 796C 9F04

Kent Sibilev

1/25/2005 11:35:00 PM

0

I also noticed that this happens only on FreeBSD. I've never seen this
problem since we moved to Linux.

Cheers,
Kent.

On Jan 25, 2005, at 6:20 PM, Eric Hodel wrote:

> On 25 Jan 2005, at 14:30, Xavier wrote:
>
>> Hi Group,
>>
>> I am getting many errors like the following in my apache logs:
>>
>> /usr/lib/ruby/1.8/cgi.rb:725: [BUG] rb_sys_fail() - errno == 0
>> ruby 1.8.2 (2004-12-25) [i686-linux]
>>
>> This error occurs whenever the client breaks the connection.
>> The fastcgi process logs the error and exits with an untrapped signal
>> 6
>> error message.
>
> Attach a debugger, and you will see what fcgi.so is doing wrong (errno
> is not set properly).
>
>> This can lead to a DoS because mod_fastcgi will stop spawning fcgi's
>> whenever processes have failed to keep running for at least 30
>> seconds.
>>
>> How could I either prevent cgi.rb from breaking or trap and recover
>> from
>> the signal 6?
>
> You don't. This is Ruby saying "I don't know what's wrong, so I'm
> freaking out and dying here and now."
>
> I sent a patch to moonwolf some time ago, but he has not responded...
>
> It turned out that patch is wrong, but I haven't had time to write the
> correct patch. On line 158 of fcgi.c (0.8.5) err needs to be copied
> to errno so rb_sys_fail works correctly.
>
> --
> Eric Hodel - drbrain@segment7.net - http://se...
> FEC2 57F1 D465 EB15 5D6E 7C11 332A 551C 796C 9F04

Xavier

1/26/2005 12:18:00 AM

0

On Wed, 26 Jan 2005 08:20:29 +0900, Eric Hodel wrote:

> On 25 Jan 2005, at 14:30, Xavier wrote:
>
>> Hi Group,
>>
>> I am getting many errors like the following in my apache logs:
>>
>> /usr/lib/ruby/1.8/cgi.rb:725: [BUG] rb_sys_fail() - errno == 0
>> ruby 1.8.2 (2004-12-25) [i686-linux]
>>
>> This error occurs whenever the client breaks the connection.
>> The fastcgi process logs the error and exits with an untrapped signal 6
>> error message.
>
> Attach a debugger, and you will see what fcgi.so is doing wrong (errno
> is not set properly).
>
>> This can lead to a DoS because mod_fastcgi will stop spawning fcgi's
>> whenever processes have failed to keep running for at least 30 seconds.

> I sent a patch to moonwolf some time ago, but he has not responded...
>
> It turned out that patch is wrong, but I haven't had time to write the
> correct patch. On line 158 of fcgi.c (0.8.5) err needs to be copied to
> errno so rb_sys_fail works correctly.


Thanks Eric.
Your hint helped me solve the problem.
More tests after a good night of sleep :)

Thanks 100x,
Xavier

Thursday

1/26/2005 12:57:00 AM

0

Kent Sibilev wrote:
> I also noticed that this happens only on FreeBSD. I've never seen this
> problem since we moved to Linux.
>
> Cheers,
> Kent.
>

This problem is also in Linux (i686-Linux) according to Xavier's log:

/usr/lib/ruby/1.8/cgi.rb:725: [BUG] rb_sys_fail() - errno == 0
ruby 1.8.2 (2004-12-25) [i686-linux]

I hope this gets fixed before some idiot goes around crashing all the
rubyonrails sites that depend on mod_fastcgi.

ALL: Please post a 'diff -ruN' patch for the fix just in case an
updated version isn't released for a while.