PHP :: Bug #6647 :: crypt() function causes Arithmetic exception

Bug #6647	crypt() function causes Arithmetic exception
Submitted:	2000-09-10 00:05 UTC	Modified:	2000-12-28 05:43 UTC
From:	gallen at valere dot net	Assigned:
Status:	Closed	Package:	Reproducible Crash
PHP Version:	4.0.2/4.0.3/4.0.4	OS:	FreeBSD 3.4
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	gallen at valere dot net
New email:
PHP Version:		OS:

New/Additional Comment:

[2000-09-10 00:05 UTC] gallen at valere dot net

BTW, The crypt function works fine in FreeBSD 4.0 with/4.0.2

GDB Output
-----------
Program received signal SIGFPE, Arithmetic exception.
0x282d1139 in php_if_crypt (ht=1, return_value=0x81038cc, this_ptr=0x0,
    return_value_used=1) at crypt.c:153
153                     srand48((unsigned int) time(0) * getpid() * (php_combine---Type <return> to continue, or
 q <return> to quit---
d_lcg() * 10000.0));
(gdb) bt
#0  0x282d1139 in php_if_crypt (ht=1, return_value=0x81038cc, this_ptr=0x0,
    return_value_used=1) at crypt.c:153
#1  0x2826c22a in execute (op_array=0x812568c) at ./zend_execute.c:1519
#2  0x282785db in zend_execute_scripts (type=8, file_count=3) at zend.c:712
#3  0x28287324 in php_execute_script (primary_file=0xbfbfda40) at main.c:1173
#4  0x282841b9 in apache_php_module_main (r=0x8132034, display_source_mode=0)
    at sapi_apache.c:89
#5  0x28284a71 in send_php (r=0x8132034, display_source_mode=0, filename=0x0)
    at mod_php4.c:503
#6  0x28284aa4 in send_parsed_php (r=0x8132034) at mod_php4.c:514
#7  0x805371f in ap_invoke_handler ()
#8  0x8066401 in process_request_internal ()
#9  0x8066460 in ap_process_request ()
#10 0x805dda9 in child_main ()
#11 0x805df34 in make_child ()
#12 0x805e08f in startup_children ()
#13 0x805e640 in standalone_main ()
#14 0x805ee9f in main ()
#15 0x804e881 in _start ()

Configure
----------
CPPFLAGS="-I/usr/local/include/gd/ -I/usr/local/BerkeleyDB.3.1/include/" \
        LDFLAGS=-L/usr/local/BerkeleyDB.3.1/lib/ \
         ./configure --with-apxs=/usr/local/www/bin/apxs \
        --disable-debug \
        --with-pgsql=/usr/home/pgsql \
        --with-xml \
        --enable-track-vars \
        --enable-trans-sid \
        --with-db3=/usr/local/BerkeleyDB.3.1 \
        --with-mcrypt \
        --enable-ftp

HTML
----
<html>
<head>
   <title>test crypt</title>
</head>
<body>
<?php
echo "Current PHP version: ".phpversion()."<br>";
        $rc = crypt("password");
        echo "rc=$rc<br>\n";
echo phpinfo();
?>
</body>
</html>

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-10-12 12:37 UTC] gallen at valere dot net

Still broken in version 4.0.3

Crypt() works in 4.0.1pl2 under FreeBSD 3.4 but causes
Arithmetic exception in Version 4.0.2 and 4.0.3.

[2000-11-21 04:23 UTC] sniper@php.net

Could you try latest snapshot from http://snaps.php.net/
as I think this is fixed..

--Jani

[2000-12-20 23:00 UTC] gallen at valere dot net

No Good - PHP 4.0.4 causes Apache to core dump!
(see below)


(543 / 43) [/usr/local/src/apache/php-4.0.4]$: gdb /usr/local/www/bin/httpd httpd.core
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
(no debugging symbols found)...
Core was generated by `httpd'.
Program terminated with signal 8, Floating point exception.
Reading symbols from /usr/lib/libcrypt.so.2...(no debugging symbols found)...
done.
Reading symbols from /usr/local/BerkeleyDB.3.1/lib/libdb-3.1.so...
(no debugging symbols found)...done.
Reading symbols from /usr/lib/libc.so.3...(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_vhost_alias.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_env.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_log_config.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_mime_magic.so...
(no debugging symbols found)...done.
---Type <return> to continue, or q <return> to quit---bt
Reading symbols from /usr/local/www/libexec/mod_mime.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_negotiation.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_status.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_info.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_include.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_autoindex.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_dir.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_cgi.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_asis.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_imap.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_actions.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_speling.so...
---Type <return> to continue, or q <return> to quit---
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_userdir.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_alias.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_rewrite.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_access.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_auth.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_auth_anon.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_auth_dbm.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_auth_db.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_digest.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/libproxy.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_cern_meta.so...
(no debugging symbols found)...done.
---Type <return> to continue, or q <return> to quit---
Reading symbols from /usr/local/www/libexec/mod_expires.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_headers.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_usertrack.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_unique_id.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/mod_setenvif.so...
(no debugging symbols found)...done.
Reading symbols from /usr/local/www/libexec/libphp4.so...
done.
Reading symbols from /usr/lib/libpam.so.1...done.
Reading symbols from /usr/home/pgsql/lib/libpq.so.2...done.
Reading symbols from /usr/lib/libm.so.2...done.
Reading symbols from /usr/libexec/ld-elf.so.1...done.
#0  0x282c3342 in php_minit_crypt (type=1, module_number=2) at crypt.c:109
109             srand48((unsigned int) time(0) * getpid() * (php_combined_lcg() * 10000.0));
(gdb)
(gdb)

[2000-12-23 22:15 UTC] gallen at valere dot net

This patch (listed under #7617) fixes the FPE problem in FreeBSD 3.4:

Change line 109 in crypt.c to:

        srand48((long)time(0) * (long)getpid() * (long)(php_combined_lcg()*(double)10000.0));

[2000-12-28 05:43 UTC] sniper@php.net

Fixed in CVS.

--Jani

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat May 18 00:01:33 2024 UTC