Drupal down due to jstools: canary mismatch on efree() - heap overflow detected
Roi Danton - April 29, 2008 - 13:31
| Project: | Javascript Tools |
| Version: | 5.x-1.x-dev |
| Component: | Activemenus |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Description
While using Activemenu, Collapsiblock and JS Calendar the following error ocurred every 30-50 hours.
ALERT - canary mismatch on efree() - heap overflow detected (attacker 'x.x.x.x', file '[...]/modules/jstools/jstools.module', line 92)So no visitor could access Drupal until Activemenu and Collapsiblock has been disabled.
Any idea how jstools could trigger that?
Setup:
Drupal 5.7
MySQL 5.0.51a, PHP 5.2.5
Suhosin Patch 0.9.6.2
#1
Probably triggered by some non-Drupal code you're running. See e.g. this discussion: http://forum.hardened-php.net/viewtopic.php?id=145.
#2
My setup:
The site would run just fine for a few hours, then just display a white screen of death (WSoD) on all front-end pages. I was receiving the following errors in my Apache error log:
[Tue Mar 10 16:41:11 2009] [error] [client 216.139.136.92] ALERT - canary mismatch on efree() - heap overflow detected (attacker '216.139.136.92', file '/var/www/drupal5/sites/example.com/modules/glossary/glossary.module', line 1050)Disabling eAccelerator fixed the problem. I believe that eAccelerator was the cause of the segfault, at least in my case. Hope this helps someone else with this issue.
#3
Scratch that. We disabled eAccelerator and tested for 24 hours, and the problem disappeared, so we concluded that eAccelerator was to blame. However, the problem has resurfaced, it just took longer, and therefore eAccelerator is not to blame.