AG Segmentation fault when processing formfill enabled login page

  • 7014651
  • 27-Feb-2014
  • 27-Feb-2014

Environment

NetIQ Access Manager 3.2
NetIQ Access Manager 3.2 ACcess Gateway
Formfill enabled to SSO to application login page

Situation

In the process of upgrading from AM 3.1 SP4 (3.1.4-57) to AM 4.0.0-110.  Admin
consoles and Identity Servers have been upgraded successfully.  One of 2 gateways in the gateway cluster
has been migrated to the Apache based Access Gateway (AG).  

During testing against the new AG, it was discovered that for one particular
protected resource which has a form fill policy enabled, every user access for that resource
would cause the AG to generate a Segmentation faults and core file in /var/cache/novell-apache2.

The corresponding stack trace from /tmp/debug000.log showed the following: Dump Created: Thu Feb 27 09:07:18 2014 stack trace /opt/novell/ag/lib/mod_novell_ag.so(+0x2864f) [0x7f080147664f] /opt/novell/ag/lib/mod_novell_ag.so(_addEventPrint+0x57) [0x7f0801476737] /opt/novell/ag/lib/mod_novell_ag.so(+0x255fb) [0x7f08014735fb] /opt/novell/apache2/sbin/httpd(ap_run_fatal_exception+0x4a) [0x7f08093881ea] /opt/novell/apache2/sbin/httpd(+0x4a577) [0x7f0809388577] /lib64/libpthread.so.0(+0xf6b0) [0x7f0807c936b0] /lib64/libc.so.6(gsignal+0x35) [0x7f0807754945] /lib64/libc.so.6(abort+0x181) [0x7f0807755f21] /usr/lib64/libstdc++.so.6(_ZN9__gnu_cxx27__verbose_terminate_handlerEv+0x114) [0x7f0803c16504] /usr/lib64/libstdc++.so.6(+0xc5946) [0x7f0803c14946] /usr/lib64/libstdc++.so.6(+0xc5973) [0x7f0803c14973] /usr/lib64/libstdc++.so.6(+0xc5a5a) [0x7f0803c14a5a] /usr/lib64/libstdc++.so.6(_Znwm+0x7e) [0x7f0803c14eae] /usr/lib64/libstdc++.so.6(_ZNSs4_Rep9_S_createEmmRKSaIcE+0x21) [0x7f0803bf2dc1] /usr/lib64/libstdc++.so.6(_ZNSs9_M_mutateEmmm+0x6e) [0x7f0803bf4a8e] /usr/lib64/libstdc++.so.6(_ZNSs5eraseEN9__gnu_cxx17__normal_iteratorIPcSsEES2_+0x24) [0x7f0803bf5044] /opt/novell/ag/lib/mod_novell_ag.so(_Z10fillSilentP9FFContextPKcPc+0x5b7) [0x7f0801483a95] /opt/novell/ag/lib/mod_novell_ag.so(_Z8fillHtmlP9FFContextPKcPci+0x14a) [0x7f0801484d39] /opt/novell/ag/lib/mod_novell_ag.so(_Z14performActionsP9FFContextP11ap_filter_t+0x53f) [0x7f0801487cda] /opt/novell/ag/lib/mod_novell_ag.so(formfill4_filter+0x54c) [0x7f0801488330] /opt/novell/apache2/libexec/mod_cache.so(+0x415b) [0x7f0806d1115b] /opt/novell/ag/lib/mod_novell_ag.so(rewriter_char_filter+0x339) [0x7f08014a6b68] /opt/novell/ag/lib/mod_novell_ag.so(rewrite+0x135) [0x7f080149b3a7] /opt/novell/ag/lib/mod_novell_ag.so(rewriter_word_filter+0xe2) [0x7f08014a6826] /opt/novell/apache2/libexec/mod_proxy_http.so(+0x3b78) [0x7f08058b4b78] /opt/novell/apache2/libexec/mod_proxy_http.so(+0x52f6) [0x7f08058b62f6] /opt/novell/apache2/libexec/mod_proxy.so(proxy_run_scheme_handler+0xc1) [0x7f0805ac0851] /opt/novell/apache2/libexec/mod_proxy.so(+0x9fac) [0x7f0805ac4fac] /opt/novell/apache2/sbin/httpd(ap_run_handler+0x83) [0x7f080937f303] /opt/novell/apache2/sbin/httpd(ap_invoke_handler+0xce) [0x7f08093829fe] /opt/novell/apache2/sbin/httpd(ap_process_request+0x1ce) [0x7f080938e63e]

Resolution

Make sure that the comment tags in the login form are setup and terminated correctly. In the problem form, the following snippet showed an issue with the comment tag

<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" LANGUAGE="JScript">
document.loginform.reset();
// End script hiding -->
</SCRIPT>

The comment had no matching <!— tag (beginning comment).

Adding the valid begin comment tag fixed the issue. If it is not possible to change the login page directly, inject the valid begin comment tag with a rewriter search and replace change,The proxy cannot handle malformed html or at least a malformed comment tag, and the issue has been reported to dev.