Public bug reported: Binary package hint: apache2
The following came in an email to [EMAIL PROTECTED] I asked the sender to file a report, but it hasn't happened yet, so I am filing it on his behalf (essentially pasting the email here). --- EMAIL FROM USER --- After upgrading our servers from Ubuntu 6.06 to Ubuntu 8.04 we started seeing MASSIVE memory leaks in Apache 2.2 (mpm-worker). Before decreasing MaxRequestsPerChild we actually got kernel panic OOMs so in our view this is a serious DenialOfSerivce vulnerability. I have spent some time debugging the issue using valgrind and some custom debugging printf's and I have so far concluded that it is related to SSLv3/TLSv1 zlib compression. How to reproduce the leak: (1) Set up a SSL-enabled host in Apache2.2. Session cache and the like does not seem to matter, but make sure that the childs run long enough to notice the leak. (2) Verify that zlib compression is enabled: $ openssl s_client -tls1 -connect host:port (3) Flood the host with compression enabled requests (no SSLv2): $ ab -n x -c y -f tls1 https://XXX Valgrind indicates that the leak occurs inside crypto/comp/c_zlib.c in libssl0.9.8g: static int zlib_stateful_init(COMP_CTX *ctx) { int err; struct zlib_state *state = -> (struct zlib_state *)OPENSSL_malloc(sizeof(struct zlib_state)); My debugging printf's seem to indicate that (in the same file): static void zlib_stateful_finish(COMP_CTX *ctx) is called correctly, but static void zlib_stateful_free_ex_data(...) which is supposed to free the zlib_state allocation is never called. The zlib_stateful_free_ex_data function seems to be called when I use openssl s_server instead of Apache as the SSL server. I am therefore not completely sure whether the root of this bug is in apache or openssl. BTW, bug #186339 looks like it is the same issue. ** Affects: apache2 (Ubuntu) Importance: High Status: New ** Summary changed: - memory leaks when running mod_ssl + memory leaks in apache2 when running mod_ssl ** Changed in: apache2 (Ubuntu) Importance: Undecided => High -- memory leaks in apache2 when running mod_ssl https://bugs.launchpad.net/bugs/224945 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
