|
midrange.com
Hi,
A client is running an e-Commerce site using the superb CGIDEV2 toolset.
It's running on the Apache server using the current downloadable version
of CGIDEV2 and we're up to date with cumulative PTFs.
Once or twice every day one or several of the Apache server instances
crash with an application error. The other server jobs carry on working
fine servicing other jobs so to counter it in the short term I added a
reply list entry to dump the jobs automatically.
Does this error imply that somebody is trying to hack the site by
appending a piece of script to a form request or is it more likely to be a
bug in our application?
Here's an extract of one of the job logs:
C2M1212 Diagnostic 30 29/07/04 01:27:19 QC2UTIL1
QSYS *STMT QZHBCGI QHTTPSVR *STMT
From module . . . . . . . . :
QC2ALLOC
From procedure . . . . . . : free
Statement . . . . . . . . . : 1023
To module . . . . . . . . . :
CGIPARSE
To procedure . . . . . . . :
ErrorExit__FiPc
Statement . . . . . . . . . : 459
Message . . . . : The pointer
parameter passed to free or realloc is not
valid.
Cause . . . . . : The pointer
parameter passed to free or realloc was not
valid. This caused your function
call to fail. Recovery . . . : Correct
the invalid pointer parameter
being passed to free or realloc. Technical
description . . . . . . . . : The
value of the pointer passed to free or
realloc is
X'8000000000000000D033AF37640B2253'.
CPF9898 Information 40 29/07/04 01:27:19 QZHBCGI
QHTTPSVR *STMT QZHBCGI QHTTPSVR *STMT
From module . . . . . . . . :
CGIPARSE
From procedure . . . . . . :
ErrorExit__FiPc
Statement . . . . . . . . . : 470
To module . . . . . . . . . :
CGIPARSE
To procedure . . . . . . . :
ErrorExit__FiPc
Statement . . . . . . . . . : 470
Message . . . . : QzhbCgiParse:
Error: QUERY_STRING/Body contains search
keywords -- not form request. .
Cause . . . . . : This message is
used by application programs as a general
escape message.
MCH0601 Escape 40 29/07/04 01:27:19 CGISRVPGM2
XXXWEBLPG *STMT CGISRVPGM2 XXXWEBLPG *STMT
5722SS1 V5R1M0 010525 Job Log XXX270 29/07/04
01:27:20 Page 7
Job name . . . . . . . . . . : XXXLIV User . . . . . . :
QTMHHTTP Number . . . . . . . . . . . : 098190
Job description . . . . . . : QZHBHTTP Library . . . . . :
QHTTPSVR
MSGID TYPE SEV DATE TIME FROM PGM
LIBRARY INST TO PGM LIBRARY INST
From module . . . . . . . . :
XXXCGIPARS
From procedure . . . . . . :
ZHBGETINPUT
Statement . . . . . . . . . : 32900
To module . . . . . . . . . :
XXXCGIPARS
To procedure . . . . . . . :
ZHBGETINPUT
Statement . . . . . . . . . : 32900
Message . . . . : Space offset
X'00000000' or teraspace offset
X'0000000000000000' is outside
current limit for object XXXLIV QTMHHTTP
098190.
Cause . . . . . : You tried to
operate outside the specified space, tried to
operate on an unallocated page in
teraspace, or tried to set the space
pointer outside the specified
space. The object referred to is XXXLIV
QTMHHTTP 098190. The offset
specified is X'00000000' for most spaces, but
X'0000000000000000' for teraspace.
The space class is X'04'. The secondary
associated space number is
X'0000'. The activation group mark is
X'00000000'. The heap space
identifier is X'00000000'. The pointer to the
start of the implicit process space
used for the allocation is
X'8000000000000000FEE27AA95B001000'. The space class designates the type
of
space as follows: 00-primary
associated space (includes space objects)
01-secondary associated space
02-implicit process space for automatic
storage 03-implicit process space
for static storage 04-implicit process
space for activation group-based
heap storage 05-constant space 06-space for
handle-based heap storage
07-teraspace The object referenced and space class
information is returned, whenever
it is available, for all space classes.
The other information is set only
when it applies to the returned space
class value. Otherwise zero values
are returned.
RNX9001 Escape 50 29/07/04 01:27:19 QRNXIE
QSYS *STMT WEB500 XXXWEBLPG *STMT
From module . . . . . . . . : QRNXMSG
From procedure . . . . . . :
SignalException
Statement . . . . . . . . . : 19
To module . . . . . . . . . : WEB500
To procedure . . . . . . . : WEB500
Statement . . . . . . . . . :
12000500
Message . . . . : RPG status 00222
caused procedure ZHBGETINPU in program
XXXWEBLPG/CGISRVPGM2 to stop.
Cause . . . . . : A
programmer-defined error subroutine determined that
procedure ZHBGETINPU should end
abnormally. If the status 00222 is between
00100 and 09999, then the error
subroutine was invoked due to an error and
there may be more information in
the job log relating to the error. Recovery
. . . : Correct the error
indicated by the messages or contact the person
responsible for program
maintenance.
RNQ0202 Sender copy 99 29/07/04 01:27:19 QRNXIE
QSYS *STMT QRNXIE QSYS *STMT
From module . . . . . . . . : QRNXMSG
From procedure . . . . . . : InqMsg
Statement . . . . . . . . . : 2
To module . . . . . . . . . : QRNXMSG
To procedure . . . . . . . : InqMsg
Statement . . . . . . . . . : 2
Message . . . . : The call to
ZHBGETINPU ended in error (C G D F).
Cause . . . . . : RPG procedure
WEB500 in program XXXWEBLPG/WEB500 at
statement 12000500 called program
or procedure ZHBGETINPU, which ended in
error. If the name is *N, the call
was a bound call by procedure pointer.
5722SS1 V5R1M0 010525 Job Log XXX270
29/07/04 01:27:20 Page 8
Job name . . . . . . . . . . : XXXLIV User . . . . . . :
QTMHHTTP Number . . . . . . . . . . . : 098190
Job description . . . . . . : QZHBHTTP Library . . . . . :
QHTTPSVR
MSGID TYPE SEV DATE TIME FROM PGM
LIBRARY INST TO PGM LIBRARY INST
Recovery . . . : Check the job
log for more information on the cause of
the error and contact the person
responsible for program maintenance.
Possible choices for replying to
message . . . . . . . . . . . . . . . : D
-- Obtain RPG formatted dump. S --
Obtain system dump. G -- Continue
processing at *GETIN. C -- Cancel.
F -- Obtain full formatted dump.
Regards
Michael Bailey
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
