Nginx Segmentation fault

jason_sam · June 4, 2014, 3:18pm

I needed to use modsecurity so I compiled nginx and modsecurity.

Modsecurity was compiled with options: ./configure
–enable-standalone-module

nginx with: ./configure
–add-module=…/modsecurity-2.8.0/nginx/modsecurity/

When I try to test my configuration I have this:

[root@nginx1 nginx]# /usr/local/nginx/sbin/nginx -t
Segmentation fault

from message logs:
Jun 4 13:57:43 nginx1 kernel: nginx[12229]: segfault at 410 ip
00007f9088569a32 sp 00007fffc90ccf58 error 4 in
libc-2.12.so[7f90884e0000+18b000]
Jun 4 13:57:44 nginx1 kernel: nginx[12230]: segfault at 410 ip
00007f6626c93a32 sp 00007fff4fdd7cf8 error 4 in
libc-2.12.so[7f6626c0a000+18b000]

Update: it seams it a modsecurity problem, copiled without it
(./configure
–with-http_ssl_module) work just fine…

Posted at Nginx Forum:

Godinho · June 4, 2014, 5:13pm

Hi,

there is a lot of open issues with ModSecurity and nginx:

Some of them have been already fixed in nginx_refactoring branch:

I spent some time experimenting with this branch locally,
and added a number of improvements to the code:

A number of patches were already imported into
SpiderLabs/nginx_refactoring
repository, others are under review and testing.

Please feel free to try - any feedback will be greatly appreciated!

Cheers,

Andrei B.

Godinho · June 4, 2014, 5:58pm

Andrei, have you checked issue 630?

Godinho · June 5, 2014, 8:31am

Hello, this is unrelated to nginx and has to do with mod_security. There
is
an alternative if it suits your needs called naxsi.

Regards,
Kurt C.
http://www.getwnmp.org
On Jun 4, 2014 9:18 AM, “Godinho” [email protected] wrote:

I needed to use modsecurity so I compiled nginx and modsecurity.

Modsecurity was compiled with options: ./configure
–enable-standalone-module

nginx with: ./configure
–add-module=…/modsecurity-2.8.0/nginx/modsecurity/

When I try to test my configuration I have this:

[root@nginx1 nginx]# /usr/local/nginx/sbin/nginx -t
Segmentation fault

from message logs:
Jun 4 13:57:43 nginx1 kernel: nginx[12229]: segfault at 410 ip
00007f9088569a32 sp 00007fffc90ccf58 error 4 in
libc-2.12.so[7f90884e0000+18b000]
Jun 4 13:57:44 nginx1 kernel: nginx[12230]: segfault at 410 ip
00007f6626c93a32 sp 00007fff4fdd7cf8 error 4 in
libc-2.12.so[7f6626c0a000+18b000]

Update: it seams it a modsecurity problem, copiled without it
(./configure
–with-http_ssl_module) work just fine…

Posted at Nginx Forum:

Godinho · June 5, 2014, 10:03am

Can you post a full core dump? Did you verify the mod_security tarball
you downloaded? Can detail the steps taken to build that module? What
version of nginx are you trying to build?

Godinho · June 4, 2014, 6:14pm

Not yet.

Quick look makes me think that “client_body_in_file_only on;” might
help.

– defan

Godinho · June 5, 2014, 11:05pm

No, it does not help. The problem somewhere in body reading/processing.

Godinho · June 5, 2014, 10:08am

I think this bug was fixed in nginx_refactoring tree.

On Wed, Jun 4, 2014 at 7:00 PM, Robert P. <