Bug ID 458211: EAM core due to memory corruption when cookie length in HTTP request is more than 4095.

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
11.6.2 HF1, 11.2.1, 11.3.0, 11.4.0, 11.4.1

Fixed In:
11.6.0, 11.5.1 HF5, 11.4.1 HF6, 11.4.0 HF8, 11.2.1 HF11

Opened: Apr 22, 2014

Severity: 2-Critical

Related Article: K16644


EAM module was coring with segmentation fault on malloc failure or SIGABRT while free memory operation. There are multiple repeated core in the customer environment during memory allocation/free operations. This issue will be triggered only when the size of the cookie in the http request is more than 4095. So if the cookie is more than 4095 in length the trailing '\0' corrupts the heap memory. If '\0' overwrites a memory chunk that is already in use, then it might cause an intermittent error like this.


EAM process cored and restarted.


In EAM plugin, when the size of the cookie in OAM http request is more than 4095.


This issue has no workaround at this time.

Fix Information

The EAM module now continues to function correctly when the size of a cookie in the HTTP request is greater than 4095.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips