View Issue Details

IDProjectCategoryView StatusLast Update
0006572CentOS-6squidpublic2013-10-03 10:03
Reporteranderson_thomas 
PrioritynormalSeveritycrashReproducibilityalways
Status resolvedResolutionfixed 
PlatformAMD x86_64OSCentOSOS Version6
Product Version6.4 
Target VersionFixed in Version6.4 
Summary0006572: squid - cachemgr.cgi crash after login with
DescriptionHello,

when entering the cachemgr.cgi - AND AFTER TYPE IN THE LOGIN CREDENTIALS -
following error occurs:

ERROR 500 - Premature end of script headers: cachemgr.cgi

Linux CentOS 6.4 - standard repository, see -->
Name : squid Relocations: (not relocatable)
Version : 3.1.10 Vendor: CentOS
Release : 18.el6_4 Build Date: Wed 26 Jun 2013
01:27:39 PM CEST
Install Date: Mon 01 Jul 2013 02:38:28 PM CEST Build Host:
c6b9.bsys.dev.centos.org
Group : System Environment/Daemons Source RPM:
squid-3.1.10-18.el6_4.src.rpm
Size : 6048404 License: GPLv2 and (LGPLv2+ and
Public Domain)
Signature : RSA/SHA1, Wed 26 Jun 2013 04:28:34 PM CEST, Key ID
0946fca2c105b9de
Packager : CentOS BuildSystem <http://bugs.centos.org>
URL : http://www.squid-cache.org
Summary : The Squid proxy caching server

The apache error:log shows following informations:

----- error_log start -----

[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] *** glibc detected ***
/usr/lib64/squid/cachemgr.cgi: free(): invalid pointer: 0x00007fa08fea5060 ***,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] ======= Backtrace:
=========, referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90]
/lib64/libc.so.6(+0x760e6)[0x7fa08e9910e6], referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90]
/usr/lib64/squid/cachemgr.cgi(main+0x6a1)[0x7fa08fc968a1], referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90]
/lib64/libc.so.6(__libc_start_main+0xfd)[0x7fa08e939cdd], referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90]
/usr/lib64/squid/cachemgr.cgi(+0x2bd9)[0x7fa08fc94bd9], referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] ======= Memory map:
========, referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08e508000-7fa08e514000
r-xp 00000000 fd:01 148181 /lib64/libnss_files-2.12.so,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08e514000-7fa08e714000
---p 0000c000 fd:01 148181 /lib64/libnss_files-2.12.so,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08e714000-7fa08e715000
r--p 0000c000 fd:01 148181 /lib64/libnss_files-2.12.so,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08e715000-7fa08e716000
rw-p 0000d000 fd:01 148181 /lib64/libnss_files-2.12.so,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08e716000-7fa08e71a000
r-xp 00000000 fd:01 135025 /lib64/libattr.so.1.1.0,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08e71a000-7fa08e919000
---p 00004000 fd:01 135025 /lib64/libattr.so.1.1.0,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08e919000-7fa08e91a000
r--p 00003000 fd:01 135025 /lib64/libattr.so.1.1.0,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08e91a000-7fa08e91b000
rw-p 00004000 fd:01 135025 /lib64/libattr.so.1.1.0,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08e91b000-7fa08eaa5000
r-xp 00000000 fd:01 137227 /lib64/libc-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08eaa5000-7fa08eca4000
---p 0018a000 fd:01 137227 /lib64/libc-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08eca4000-7fa08eca8000
r--p 00189000 fd:01 , referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 137227
 /lib64/libc-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08eca8000-7fa08eca9000
rw-p 0018d000 fd:01 137227 /lib64/libc-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08eca9000-7fa08ecae000
rw-p 00000000 00:00 0 , referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08ecae000-7fa08ecc4000
r-xp 00000000 fd:01 137229
/lib64/libgcc_s-4.4.7-20120601.so.1, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08ecc4000-7fa08eec3000
---p 00016000 fd:01 137229
/lib64/libgcc_s-4.4.7-20120601.so.1, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08eec3000-7fa08eec4000
rw-p 00015000 fd:01 137229
/lib64/libgcc_s-4.4.7-20120601.so.1, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08eec4000-7fa08ef47000
r-xp 00000000 fd:01 147580 /lib64/libm-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08ef47000-7fa08f146000
---p 00083000 fd:01 147580 /lib64/libm-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f146000-7fa08f147000
r--p 00082000 fd:01 147580 /lib64/libm-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f147000-7fa08f148000
rw-p 00083000 fd:01 147580 /lib64/libm-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f148000-7fa08f230000
r-xp 00000000 fd:01 135036 /usr/lib64/libstdc++.so.6.0.13,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f230000-7fa08f430000
---p 0, referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 00e8000 fd:01 135036
               /usr/lib64/libstdc++.so.6.0.13, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f430000-7fa08f437000
r--p 000e8000 fd:01 135036 /usr/lib64/libstdc++.so.6.0.13,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f437000-7fa08f439000
rw-p 000ef000 fd:01 135036 /usr/lib64/libstdc++.so.6.0.13,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f439000-7fa08f44e000
rw-p 00000000 00:00 0 , referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f44e000-7fa08f450000
r-xp 00000000 fd:01 147509 /lib64/libdl-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f450000-7fa08f650000
---p 00002000 fd:01 147509 /lib64/libdl-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f650000-7fa08f651000
r--p 00002000 fd:01 147509 /lib64/libdl-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f651000-7fa08f652000
rw-p 00003000 fd:01 147509 /lib64/libdl-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f652000-7fa08f653000
rw-p 00000000 00:00 0 , referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f653000-7fa08f657000
r-xp 00000000 fd:01 135042 /lib64/libcap.so.2.16, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f657000-7fa08f856000
---p 00004000 fd:01 135042 /lib64/libcap.so.2.16, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f856000-7fa08f857000
rw-p 00003000 fd:01 135042 /lib64/, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] libcap.so.2.16, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f857000-7fa08f86d000
r-xp 00000000 fd:01 147582 /lib64/libnsl-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08f86d000-7fa08fa6c000
---p 00016000 fd:01 147582 /lib64/libnsl-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fa6c000-7fa08fa6d000
r--p 00015000 fd:01 147582 /lib64/libnsl-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fa6d000-7fa08fa6e000
rw-p 00016000 fd:01 147582 /lib64/libnsl-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fa6e000-7fa08fa70000
rw-p 00000000 00:00 0 , referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fa70000-7fa08fa90000
r-xp 00000000 fd:01 138402 /lib64/ld-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fc85000-7fa08fc89000
rw-p 00000000 00:00 0 , referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fc8c000-7fa08fc8f000
rw-p 00000000 00:00 0 , referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fc8f000-7fa08fc90000
r--p 0001f000 fd:01 138402 /lib64/ld-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fc90000-7fa08fc91000
rw-p 00020000 fd:01 138402 /lib64/ld-2.12.so, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fc91000-7fa08fc92000
rw-p 00000000 00:00 0 , referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fc92000-7fa08fc9e000
r-xp 00000000 fd:01 144361 /usr/lib64/squid/cachemgr.cgi,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fc9e000-7fa08fc9f000
rw-p 00000000 00:00 0 , referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fe9, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] d000-7fa08fe9e000 rw-p
0000b000 fd:01 144361 /usr/lib64/squid/cachemgr.cgi,
referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa08fe9e000-7fa08feac000
rw-p 00000000 00:00 0 , referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fa090c1a000-7fa090c3b000
rw-p 00000000 00:00 0 [heap], referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fffd38ed000-7fffd3902000
rw-p 00000000 00:00 0 [stack], referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] 7fffd39ff000-7fffd3a00000
r-xp 00000000 00:00 0 [vdso], referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0
[vsyscall], referer: http://localhost/Squid/cgi-bin/cachemgr.cgi
[Fri Jul 19 15:08:22 2013] [error] [client 10.0.0.90] Premature end of script
headers: cachemgr.cgi, referer:
http://localhost/Squid/cgi-bin/cachemgr.cgi

----- error_log end -----

Please, can you help to start running the cachemgr.cgi again?

Thank you!
Steps To ReproduceHello,

open url to cachemgr.cgi and type in your username and password. After that, the problem occurs.
Additional Informationhttp://bugs.squid-cache.org/show_bug.cgi?id=3881

Amos Jeffries <squid3@treenet.co.nz> changed:

           What |Removed |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED |RESOLVED
         Resolution| |FIXED
   Target Milestone|--- |3.1

--- Comment #1 from Amos Jeffries <squid3@treenet.co.nz> 2013-07-20 07:26:20 UTC ---
This is a security vulnerability fixed more than a year ago.
   Please upgrade, URGENTLY.
http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
TagsNo tags attached.

Activities

eliezer

eliezer

2013-07-27 18:34

reporter   ~0017727

A new repo for CentOS at:
http://wiki.squid-cache.org/KnowledgeBase/CentOS
toracat

toracat

2013-07-28 00:31

manager   ~0017728

@anderson_thomas

The link you provided ( http://www.squid-cache.org/Advisories/SQUID-2012_1.txt ) refers to two CVE's:

They both have been addressed upstream:

CVE-2012-5643 -> https://rhn.redhat.com/errata/RHSA-2013-0505.html
(Fixed in squid-3.1.10-16.el6)

CVE-2013-0189 -> https://bugzilla.redhat.com/show_bug.cgi?id=895972
(RHEL 5 and 6: Not Vulnerable)
anderson_thomas

anderson_thomas

2013-07-28 06:05

reporter   ~0017729

@eliezer

Thank you for your REPO-Link for CentOS and the work that you did for building RPM's for CentOS. BUT when I look at the squid installation on CentOS 6.4, the RPM comes from -->
squid.x86_64 7:3.1.10-18.el6_4 @updates

So, I would hope, that a fix was found in the normal update handling from RHEL and maybe, people who as more skill that I am, can help to fix the problem with cachemgr.cgi in the vendor upstream of squid?


@toracat

Thank you for your statement to the fixed secuity issus. Good to know, that the known issus where fixed. BUT, at the other hand, there is still a problem with cachemgr.cgi, which is a functional problem, what I described. Is there a possibility to fix the functional problem too?

Thank you all
anderson_thomas.
toracat

toracat

2013-07-28 13:34

manager   ~0017731

@anderson_thomas

Can you go back to the bug report:

http://bugs.squid-cache.org/show_bug.cgi?id=3881

and post the content of my note 17728 to point out that the squid package you are using should not have the vuln quoted in Amos Jeffries's comment?

But if Amos is correct and the CentOS/RHEL version of squid does indeed have the said vuln, then this must be reported upstream (RH, http://bugzilla.redhat.com ).
eliezer

eliezer

2013-07-28 14:22

reporter   ~0017732

If RH or whoever doesn't provide the UPDATED RPM I cannot force them to but who ever wants an updated version Can find it HERE.

Since CentOS is an enterprise class OS I wouldn't expect it to just update their vesrion without testing and this is what for my repo is there..

To do basic tests that Some upstream RH guys doesn't want to test and make sure that the product works fine after a very good update..

Eliezer
anderson_thomas

anderson_thomas

2013-07-29 09:44

reporter   ~0017737

Hi toracat,

i posted, as you applied to me, to copy your post 17728 to the squid bug tracker.

I hope, that there will come an answer from the squid bug tracker, and maybe RH bug tracker get a new entry for tjis problem?

Thank you!
anderson_thomas.
toracat

toracat

2013-07-29 20:40

manager   ~0017738

Amos Jeffries says squid in RHEL/CentOS-6 is vulnerable. I've added a note to https://bugzilla.redhat.com/show_bug.cgi?id=895972 .
toracat

toracat

2013-07-30 15:02

manager   ~0017740

A detailed note was added to BZ 895972 by RH :

https://bugzilla.redhat.com/show_bug.cgi?id=895972#c7

and a new one has been opened as a result:

https://bugzilla.redhat.com/show_bug.cgi?id=990186
 ( squid: cachemgr regression introduced in RHSA-2013:0505 )
tigalch

tigalch

2013-10-01 16:13

manager   ~0018120

Last edited: 2013-10-01 18:58

View 2 revisions

If I read upstream right, the squid update released today upstream should probaly fix the cachemgr.cgi issues. The announcement eMail went out recently. Please report back once released/updated and retried. Thanks.

anderson_thomas

anderson_thomas

2013-10-03 10:01

reporter   ~0018133

Hi,

after the last CentOS 6.4 - squid update, the cachemgr.cgi are still working for me, as expected.

Name : squid
Arch : x86_64
Epoch : 7
Version : 3.1.10
Release : 19.el6_4
Size : 5.8 M
Repo : installed
From repo : updates
Summary : The Squid proxy caching server
URL : http://www.squid-cache.org
License : GPLv2 and (LGPLv2+ and Public Domain)
Description : ...

Thank you to all and especially to toracat!
tigalch

tigalch

2013-10-03 10:03

manager   ~0018134

Marking as SOLVED per reporters feedback

Issue History

Date Modified Username Field Change
2013-07-23 08:05 anderson_thomas New Issue
2013-07-27 18:34 eliezer Note Added: 0017727
2013-07-28 00:31 toracat Note Added: 0017728
2013-07-28 06:05 anderson_thomas Note Added: 0017729
2013-07-28 13:34 toracat Note Added: 0017731
2013-07-28 14:22 eliezer Note Added: 0017732
2013-07-29 09:44 anderson_thomas Note Added: 0017737
2013-07-29 20:40 toracat Note Added: 0017738
2013-07-30 15:02 toracat Note Added: 0017740
2013-07-30 15:02 toracat Status new => confirmed
2013-10-01 16:13 tigalch Note Added: 0018120
2013-10-01 18:58 tigalch Note Edited: 0018120 View Revisions
2013-10-03 10:01 anderson_thomas Note Added: 0018133
2013-10-03 10:03 tigalch Note Added: 0018134
2013-10-03 10:03 tigalch Status confirmed => resolved
2013-10-03 10:03 tigalch Fixed in Version => 6.4
2013-10-03 10:03 tigalch Resolution open => fixed