| Ticket UUID: | 1888596 | |||
| Title: | Segfault with tclhttpd and TLS | |||
| Type: | Bug | Version: | obsolete: 8.4.17 | |
| Submitter: | eriklns | Created on: | 2008-02-07 08:57:04 | |
| Subsystem: | 25. Channel System | Assigned To: | andreas_kupries | |
| Priority: | 7 High | Severity: | ||
| Status: | Open | Last Modified: | 2012-05-30 17:58:28 | |
| Resolution: | None | Closed By: | ||
| Closed on: | ||||
| Description: |
I experienced a segfault with Tcl8.4.17, when running tclhttpd (under Linux; I'm unsure whether the OS matters).
Reproducing the segfault involves tclhttpd (3.5.1) and probably tls1.5 as follows:
- Launch tclhttpd and make it listen at a https port, using TLS. I'm using libtls1.5.so, and configured tclhttpd to use TLSv1 only, using the standard configuration file settings. Although libtls1.5.so doesn't show up in the backtrace below, I can't get the segfault to occur when using regular (non-TLS) channels.
- From a http client, send a request with a malformed header. Receiving the malformed header is what triggers the server. I'm using the Tcl http client package, like this:
http::register https $httpsPort [list ::tls::socket \
-request 1 -require 1 -ssl2 0 -ssl3 0 -tls1 1 \
-cafile [file join $Dir(cert) cacert.pem]]
http::geturl https://$host:$port -headers [list {garbage 1}]
(You may need to retry submitting several times before the server crashes)
A full backtrace from the core dump has been attached.
| |||
| User Comments: |
dkf added on 2012-05-30 17:58:28:
Hmm, tls package not in stack trace... eriklns added on 2008-02-07 15:57:05: File Added - 265401: backtrace.txt | |||
Attachments:
- backtrace.txt [download] added by eriklns on 2008-02-07 15:57:05. [details]