[ic] Died in server spawn: read: closed

Grant emailgrant at gmail.com
Wed Jan 5 22:55:21 UTC 2011


>>>> I'm getting messages like this in my global error log every few days:
>>>>
>>>> Died in server spawn: read: closed at
>>>> /usr/local/interchange/lib/Vend/Server.pm line 728.
>>>>
>>>> Today a user described what I think was a 500 Internal Server Error
>>>> apache2 error page which corresponds to one of these errors.
>>>>
>>>> Does anyone know more about what could be happening or how to track it
>>>> down?
>>>>
>>>> - Grant
>>>
>>> Have you checked your Apache error logs for entries at that same time?
>>>
>>> DB
>>
>> I've just done that and I see that the error corresponds to this
>> apache2 error message about half of the time:
>>
>> close: Broken pipe\n,
>>
>> It always seems to be a POST and it can be SSL or not.  Any idea where
>> to look from here?
>
> Are you using Interchange::Link, or the regular cgi-bin script?

I am using Interchange::Link actually.

> What about looking at line 728 of your Server.pm (and its context)? That may
> have some clues.

Now I'm really thinking SocketReadTimeout.  Line 728 is the "read:
closed" line of this sub in Server.pm:

sub _read {
    my ($in, $fh) = @_;
        $fh = \*MESSAGE if ! $fh;
    my ($r,$rin);

    vec($rin,fileno($fh),1) = 1;

    do {
        if (($r = select($rin, undef, undef,
$Global::SocketReadTimeout || 1)) > 0) {
            $r = sysread($fh, $$in, $r, length($$in));
        }
    } while ((!defined($r) || $r == -1) && ($!{eintr} || $!{eagain}));

    die "read: $!" unless defined $r;
    die "read: closed" unless $r > 0;
}

Does anyone have an understanding of how great the DoS vulnerability
is if I increase SocketReadTimeout?  Is there another way to mitigate
that threat?

- Grant

> Josh Lavin
> Perusion -- Expert Interchange Consulting    http://www.perusion.com/



More information about the interchange-users mailing list