Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 354297

Summary: www-servers/apache-2.2.16-r1 uses memcpy incorrectly (breaks with glibc-2.13)
Product: Gentoo Linux Reporter: Stelian Ionescu <bugs>
Component: [OLD] ServerAssignee: Apache Team - Bugzilla Reports <apache-bugs>
Status: RESOLVED FIXED    
Severity: normal CC: attila.jecs, binki, bug, candrews, emeraldd.chris, jmbsvicetto, modelnine, pawelj, privat
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 342055    
Bug Blocks: 354107    

Description Stelian Ionescu 2011-02-09 22:14:28 UTC 
After installing glibc-2.13 on a Core i7 box running the amd64/10.0/no-multilib profile, I started seeing "request failed: error reading the headers" on almost all SSL requests
The bug seems to be this one: https://issues.apache.org/bugzilla/show_bug.cgi?id=45444 , although it's strange that the fix was pushed to trunk 3 years ago but not released
Comment 1 Jorge Manuel B. S. Vicetto (RETIRED) Gentoo Infrastructure gentoo-dev 2011-02-10 00:20:45 UTC 
Are you sure this isn't a duplicate of bug 353814?
Comment 2 Stelian Ionescu 2011-02-10 09:01:40 UTC 
Yes, because the mod_ssl bug consists in using memcpy() with overlapping memory areas, thus truncating HTTP headers while parsing them.
The patch referenced by the upstream bug report replaces two uses of memcpy() with memmove()
Comment 3 Jorge Manuel B. S. Vicetto (RETIRED) Gentoo Infrastructure gentoo-dev 2011-02-10 11:30:18 UTC 
In that case this is an apache bug so I'm reassigning to the apache team.
Comment 4 Paweł Jastrzębski 2011-02-11 16:21:28 UTC 
Confirming. Error is caused by bug in mod_ssl.
Comment 5 Timo A. Hummel 2011-02-11 17:13:19 UTC 
*** Bug 354303 has been marked as a duplicate of this bug. ***
Comment 6 Paweł Jastrzębski 2011-02-11 19:02:23 UTC 
This bug is fixed in Apache 2.2.17.
Comment 7 Chí-Thanh Christopher Nguyễn gentoo-dev 2011-02-13 14:46:07 UTC 
*** Bug 354737 has been marked as a duplicate of this bug. ***
Comment 8 Robert Piasek (RETIRED) gentoo-dev 2011-02-17 15:53:21 UTC 
Yeah, I can confirm that:

2.2.17 (released 2010-10-19)

works just fine.
Comment 9 Nathan Phillip Brink (binki) (RETIRED) gentoo-dev 2011-02-17 16:15:31 UTC 
This bug should depend on bug 342055.
Comment 10 Benedikt Böhm (RETIRED) gentoo-dev 2011-02-18 17:31:24 UTC 
should be fixed with 2.2.17