On Thu, 20 Jun 2002, Jefferson Ogata wrote: > Seems to me SIGTERM is likely as well, though it may not happen until > someone reboots the webserver. SIGCHLD is also a possibility if an > external CGI is involved, no? Well... I don't think that SIGCHLD can arrive at the same time as the problematic memcpy() is being executed. I don't think that Apache does request processing while waiting for CGI script to finish - at least on unices, with multi-process model. SIGTERM or SIGKILL - true. That's a good point. You can try over and over again, have e.g. 30 child processes spawned at the same time, it should be not that unlikely to have one of them hit exactly where you want it on next reboot / upgrade, even if you don't know the exact timing. -- _____________________________________________________ Michal Zalewski [lcamtufat_private] [security] [http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};: =-=> Did you know that clones never use mirrors? <=-= http://lcamtuf.coredump.cx/photo/
This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 02:43:42 PDT