php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #30568 imap_mail_compose segment faults with malformed body
Submitted: 2004-10-26 21:08 UTC Modified: 2004-10-27 18:48 UTC
From: mike at mikekrejci dot com Assigned:
Status: Not a bug Package: Reproducible crash
PHP Version: 5.0.2 OS: SUSE 9.0 LINUX
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2004-10-26 21:08 UTC] mike at mikekrejci dot com 
Description:
------------
If you make an error in your $body array for the imap_mail_compose rather then giving an error it creates a segmentation fault.  The error in the code I have sent is that I have nested MULTIPARTs without the corresponding sections.



Reproduce code:
---------------
<?php
  $envelope["to"] = "tirk@tirkzilla.com";
  $envelope["from"]="mike@mikekrejci.com";
  $envelope["reply_to"] = "mike@mikekrejci.com";
  $envelope["subject"] = "Reproducible error";
  $envelope["date"]= date('r');
  $part["type"] = TYPEMULTIPART;
  $part["subtype"] = "mixed";
  $body[1] = $part;
  $part["type"] = TYPEMULTIPART;
  $part["subtype"] = "mixed";
  $body[2] = $part;
  $part["type"] = TYPETEXT;
  $part["subtype"] = "plain";
  $part["contents.data"] = "Message Text.\n";
  $body[3] = $part;
  $MIME = imap_mail_compose ($envelope, $body);
?>


Expected result:
----------------
the following will be entered in your log file:
[Tue Oct 26 12:01:38 2004] [notice] child pid 3282 exit signal Segmentation fault (11)


Actual result:
--------------
I do not have a backtrace available.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-10-26 21:10 UTC] derick@php.net 
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.
 [2004-10-26 21:50 UTC] mike at mikekrejci dot com 
backtrace:

#0  0x082c6f9c in rfc822_encode_body_7bit (env=0x84ec8a0, body=0x84ec940)
    at rfc822.c:1572
#1  0x082c6f9c in rfc822_encode_body_7bit (env=0x84ec8a0, body=0x84ec8e8)
    at rfc822.c:1572
#2  0x08149622 in zif_imap_mail_compose (ht=2, return_value=0x84ec884, this_ptr=0x0,
    return_value_used=1) at /home/tirk/Desktop/php-5.0.2/ext/imap/php_imap.c:3102
#3  0x080ec0de in zend_do_fcall_common_helper (execute_data=0xbfffce30,
    opline=0x84ebaa0, op_array=0x84e64f4)
    at /home/tirk/Desktop/php-5.0.2/Zend/zend_execute.c:2711
#4  0x080ec734 in zend_do_fcall_handler (execute_data=0xbfffce30, opline=0x84ebaa0,
    op_array=0x84e64f4) at /home/tirk/Desktop/php-5.0.2/Zend/zend_execute.c:2843
#5  0x080e902c in execute (op_array=0x84e64f4)
    at /home/tirk/Desktop/php-5.0.2/Zend/zend_execute.c:1400
#6  0x080cb2f5 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /home/tirk/Desktop/php-5.0.2/Zend/zend.c:1060
#7  0x0809655b in php_execute_script (primary_file=0xbffff1a0)
    at /home/tirk/Desktop/php-5.0.2/main/main.c:1629
#8  0x080f35d1 in apache_php_module_main (r=0x84d2e44, display_source_mode=0)
    at /home/tirk/Desktop/php-5.0.2/sapi/apache/sapi_apache.c:54
#9  0x0808cf85 in send_php ()
#10 0x0808cfef in send_parsed_php ()
#11 0x0827e0dd in ap_invoke_handler ()
#12 0x08292daf in process_request_internal ()
#13 0x08292e0e in ap_process_request ()
#14 0x08289e7f in child_main ()
#15 0x0828a027 in make_child ()
#16 0x0828a18d in startup_children ()
#17 0x0828a833 in standalone_main ()
#18 0x0828b051 in main ()
 [2004-10-27 18:48 UTC] iliaa@php.net 
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions. 

Thank you for your interest in PHP.

I was able to verify the crash, however the crashing code is deep inside the c-client librrary and not in PHP. This is not a PHP bug, please report it to the c-client developers.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun May 05 03:01:29 2024 UTC