nginx worker process getting killed when request has query string parameters

Question

nginx worker process getting killed when request has query string parameters

raja1128 opened this issue 5 years ago · 1 comments

Nginx worker process is getting killed, on every request with query string parameters

request: "GET /s3proxy/test.html?dc=apples HTTP/1.1"
[error] 332#332: *15 canonical qs constructed is dc=apples

*15 canonical req is GET
/s3proxy/test.html
dc=apples

Error backtrace:
[alert] 326#326: worker process 331 exited on signal 11 (core dumped)

*** glibc detected *** nginx: worker process: corrupted double-linked list: 0x0000560500c0e790 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x75e5e)[0x7fcadad5ce5e]
/lib64/libc.so.6(+0x7a614)[0x7fcadad61614]
/lib64/libc.so.6(__libc_malloc+0x5c)[0x7fcadad61b1c]
/usr/lib64/libcrypto.so.10(CRYPTO_malloc+0x5e)[0x7fcadb2fbcee]
/usr/lib64/libcrypto.so.10(sk_new+0x3d)[0x7fcadb37704d]
/usr/lib64/libcrypto.so.10(+0x103b00)[0x7fcadb394b00]
/usr/lib64/libcrypto.so.10(+0x1084ce)[0x7fcadb3994ce]
/usr/lib64/libcrypto.so.10(+0x1083fa)[0x7fcadb3993fa]
/usr/lib64/libcrypto.so.10(+0x1083fa)[0x7fcadb3993fa]
/usr/lib64/libcrypto.so.10(ASN1_item_ex_d2i+0xc37)[0x7fcadb39c5a7]
/usr/lib64/libcrypto.so.10(ASN1_item_d2i+0x44)[0x7fcadb39cc64]
/usr/lib64/libssl.so.10(ssl3_get_server_certificate+0x251)[0x7fcadb69b621]
/usr/lib64/libssl.so.10(ssl3_connect+0x892)[0x7fcadb69dd62]
nginx: worker process(ngx_ssl_handshake+0x1f)[0x5604ff06f95f]
nginx: worker process(+0x59b32)[0x5604ff06fb32]
nginx: worker process(+0x548d3)[0x5604ff06a8d3]
nginx: worker process(ngx_process_events_and_timers+0x7f)[0x5604ff06033f]
nginx: worker process(+0x525d0)[0x5604ff0685d0]
nginx: worker process(ngx_spawn_process+0x195)[0x5604ff0667e5]
nginx: worker process(ngx_master_process_cycle+0x804)[0x5604ff0692b4]
nginx: worker process(main+0xb4a)[0x5604ff04172a]
/lib64/libc.so.6(__libc_start_main+0x100)[0x7fcadad05d20]
nginx: worker process(+0x29769)[0x5604ff03f769]

nginx version: nginx/1.15.7
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-23) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled

OS: centos6

Answer 1 · 2020-08-16T09:07:55.000Z

I've solved this problem using

set $args '';

Above the proxypass. This nukes the query paras before the module reads the url hence signs the request correctly. This worked for my use case.