php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #35056 Apache2 child crashes if ErrorDocument is PHP script
Submitted: 2005-11-01 20:25 UTC Modified: 2005-11-01 22:07 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: margus at zone dot ee Assigned:
Status: Closed Package: Reproducible crash
PHP Version: 4.4.1RC1 OS: SuSE Linux 9.0
Private report: No CVE-ID: None
View Developer Edit
 [2005-11-01 20:25 UTC] margus at zone dot ee 
Description:
------------
I have PHP compiled as apache2handler SAPI and using ErrorDocument, which points to an PHP script. If this ErrorDocument is triggered, then apache child crashes.

It must be connected with the bug #33987
and as ironic it is, PHP 4.4.1 Changelog claims, that #33987  is fixed. Bug #33987 is actually reported against PHP5.1 and not against 4.4.0. PHP 4.4.0 works fine with ErrorDocuments.

---------

I looked into the apache2handler source (sapi/apache2handler/sapi_apache2.c) and after debugging it was clear, that crash happens on line (538):

   if (parent_req && strcmp(parent_req->handler, PHP_MAGIC_TYPE) && strcmp(parent_req->handler, PHP_SOURCE_MAGIC_TYPE) && strcmp(parent_req->handler, PHP_SCRIPT)) {

If changed to this:

   if (parent_req && parent_req->handler && strcmp(parent_req->handler, PHP_MAGIC_TYPE) && strcmp(parent_req->handler, PHP_SOURCE_MAGIC_TYPE) && strcmp(parent_req->handler, PHP_SCRIPT)) {

then everything's fine and works.

The correct extra check is present in 5.1.0 (but for some odd reason not in 4.4.1 and 5.0.5).

Reproduce code:
---------------
.htaccess
---------
ErrorDocument 404 /error.php?status=404

/error.php
---------
die( "File Not Found!" );


Expected result:
----------------
File Not Found!

Actual result:
--------------
Apache2 crashes.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-11-01 21:53 UTC] sebastian dot harnau at gmx dot de 
Same Problem here (SuSE 9.2), Solution works for me, too!
 [2005-11-01 22:07 UTC] iliaa@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.
 
PHP Copyright © 2001-2026 The PHP Group
All rights reserved. 		Last updated: Fri Jan 09 00:00:02 2026 UTC