PHP :: Bug #12293 :: setcookie() called with only one arg causes crash

Bug #12293	setcookie() called with only one arg causes crash
Submitted:	2001-07-20 19:26 UTC	Modified:	2001-07-20 20:12 UTC
From:	michael at auctionwatch dot com	Assigned:
Status:	Closed	Package:	Reproducible crash
PHP Version:	4.0.6	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	michael at auctionwatch dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2001-07-20 19:26 UTC] michael at auctionwatch dot com

setcookie() when called with exactly one argument causes PHP to crash; I've included a stack trace below.  The offending statement is

setcookie ("feedbackSent");
 
We can work around the problem by adding a NULL second argument, e.g.

setcookie ("feedbackSent",""); 

#0  0x40282cfc in php_if_setcookie () from /usr/lib/apache/1.3/libphp4.so
#1  0x40206e57 in execute () from /usr/lib/apache/1.3/libphp4.so
#2  0x40215d6e in zend_execute_scripts () from /usr/lib/apache/1.3/libphp4.so
#3  0x402287e4 in php_execute_script () from /usr/lib/apache/1.3/libphp4.so
#4  0x40224c3f in apache_php_module_main () from /usr/lib/apache/1.3/libphp4.so
#5  0x4022566e in php_restore_umask () from /usr/lib/apache/1.3/libphp4.so
#6  0x402256aa in php_restore_umask () from /usr/lib/apache/1.3/libphp4.so
#7  0x8054204 in ap_invoke_handler ()
#8  0x806306c in ap_some_auth_required ()
#9  0x80630c8 in ap_process_request ()

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2001-07-20 19:58 UTC] mfischer@php.net

This is also valid for current CVS, even on command line mode:

Program received signal SIGSEGV, Segmentation fault.
0x0808ff5a in php_if_setcookie (ht=1, return_value=0x8263234, this_ptr=0x0,
    return_value_used=0) at head.c:135
135             if (!Z_STRVAL_PP(z_value) || !Z_STRVAL_PP(z_value)[0]) {
(gdb) bt
#0  0x0808ff5a in php_if_setcookie (ht=1, return_value=0x8263234,
    this_ptr=0x0, return_value_used=0) at head.c:135
#1  0x080aff3a in execute (op_array=0x8263324) at ./zend_execute.c:1565
#2  0x080a4104 in zend_execute_scripts (type=8, file_count=3) at zend.c:752
#3  0x080718ef in php_execute_script (primary_file=0xbffff494) at main.c:1285
#4  0x0806d00c in main (argc=3, argv=0xbffff524) at cgi_main.c:741
#5  0x4010d38b in __libc_start_main () from /lib/libc.so.6
(gdb) p z_value
$1 = (zval **) 0x0

[2001-07-20 20:12 UTC] rasmus@php.net

Fixed in CVS

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed May 07 21:01:30 2025 UTC