After Applying Patch 16021044 to Oracle HTTP Server 11.1.1.6 - MOD_SECURITY Causes Performance Issues and Core Dumps (Doc ID 1627786.1)

Last updated on NOVEMBER 28, 2016

Applies to:

Oracle HTTP Server - Version 11.1.1.6.0 to 11.1.1.7.0 [Release Oracle11g]
Linux x86-64

Symptoms

After applying Patch 16021044: OHS SECURITY PATCH UPDATE 11.1.1.6.0 (CPUAPR2013), Oracle HTTP Server has performance issues, crashes and generates a core dump.

Stack trace extracted from the core file displays the following:


 #0  0x000000355ca306f7 in kill () from /lib64/libc.so.6
 #1  0x00000000004651f2 in sig_coredump ()
 #2  <signal handler called>
 #3  0x000000355ca79b60 in strlen () from /lib64/libc.so.6
 #4  0x00002b2ce0c75dc4 in apr_vformatter () from /u01/R122_EBS/fs1/FMW_Home/webtier/lib/libapr-1.so.0
 #5  0x00002b2ce0c83ea5 in apr_pvsprintf () from /u01/R122_EBS/fs1/FMW_Home/webtier/lib/libapr-1.so.0
 #6  0x00002b2ce0c8416a in apr_psprintf () from /u01/R122_EBS/fs1/FMW_Home/webtier/lib/libapr-1.so.0
 #7  0x00002b2ce5306f6b in sec_audit_logger (msr=0x4dd4ff8e8d1a4) at msc_logging.c:964
 #8  0x00002b2ce530d6c1 in modsecurity_process_phase_logging (msr=0x4dd4ff8e8d1a4) at modsecurity.c:691
 #9  0x00002b2ce530d19f in modsecurity_process_phase () at modsecurity.c:797
 #10 0x00002b2ce52defd8 in hook_log_transaction (r=0x4dd4ff8e8d1a4) at mod_security2.c:1198
 #11 0x000000000043b75a in ap_run_log_transaction ()


When a specific page is accessed, the login screen appears and the HTTP server process crashes.


If "include mod_security.conf" is commented out then OHS does not crash.

Changes

Applied the CPU patch, which delivered mod_security, and configured it as per the readme.

Cause
