Bug #16436 ereg causes apache crashes
Submitted: 2002-04-04 15:37 UTC Modified: 2002-04-08 02:55 UTC
From: lb at lamuella dot de Assigned:
Status: Closed Package: Regexps related
PHP Version: 4.0CVS-2002-04-0 OS: Linux
Private report: No CVE-ID: None

 [2002-04-04 15:37 UTC] lb at lamuella dot de
this line crashes the apache process with php 4.2.0RC2 as a module

<?php 
   if (ereg('foo', 'string with foo'))  echo 'got it';
?>

Lutz

 [2002-04-04 20:03 UTC] sniper@php.net
I can not reproduce this with latest CVS or with 4.2.0RC2.
Please add the configure line used into this bug report.
Also, configure php with --enable-debug and generate
a GDB backtrace of the crash.


 [2002-04-05 16:18 UTC] lb at lamuella dot de
The crash doesn't happen when php is running as a cgi or with the cli api. And I have no idea how to tell the apache to dump a core when the php-module crashes. So I'm not able to provide a backtrace.

This is the configure I've used:

'./configure' '--prefix=/usr/local' '--with-config-file-path=/etc' '--with-apxs=/usr/local/apache/bin/apxs' '--enable-shared' '--enable-sysvsem' '--enable-sysvshm' '--enable-inline-optimization' '--with-regex=system' '--with-mysql=/usr/local/mysql' '--with-interbase=/opt/interbase' '--enable-ftp' '--enable-sockets' '--with-zlib-dir=/usr/local' '--with-ttf' '--with-png-dir=/usr/local' '--with-gd=/usr/local' '--with-jpeg-dir=/usr/local' '--with-gettext' '--with-pdflib'


If I use '--with-regex=php' instead of 'system' everything works fine.

Lutz
 [2002-04-05 16:34 UTC] mfischer@php.net
Your last statement could easily lead to the assumption that your local regexp implementation/library is broken.

To produce a backtrace on apache, fire up gdb with the apache binary and start with the parameter '-X'.
 [2002-04-05 17:14 UTC] lb at lamuella dot de
thanks for your advice, this is the backtrace I've got:

(gdb) backtrace
#0  0x400a8ff1 in kill () from /lib/libc.so.6
#1  0x402637f5 in _emalloc () from /usr/local/apache/libexec/libphp4.so
#2  0x40263b9f in _ecalloc () from /usr/local/apache/libexec/libphp4.so
#3  0x403360c4 in php_reg_replace () from /usr/local/apache/libexec/libphp4.so
#4  0x40336b5c in php_reg_replace () from /usr/local/apache/libexec/libphp4.so
#5  0x40336cdd in zif_ereg_replace () from /usr/local/apache/libexec/libphp4.so
#6  0x40271797 in execute () from /usr/local/apache/libexec/libphp4.so
#7  0x402719bf in execute () from /usr/local/apache/libexec/libphp4.so
#8  0x402719bf in execute () from /usr/local/apache/libexec/libphp4.so
#9  0x402836f4 in zend_execute_scripts () from /usr/local/apache/libexec/libphp4.so
#10 0x40297415 in php_execute_script () from /usr/local/apache/libexec/libphp4.so
#11 0x40291990 in apache_php_module_main () from /usr/local/apache/libexec/libphp4.so
#12 0x40292910 in php_restore_umask () from /usr/local/apache/libexec/libphp4.so
#13 0x40292993 in php_restore_umask () from /usr/local/apache/libexec/libphp4.so
#14 0x8054e89 in ap_invoke_handler ()
#15 0x806a40f in process_request_internal ()
#16 0x806a482 in ap_process_request ()
#17 0x8061066 in child_main ()
#18 0x8061225 in make_child ()
#19 0x80613a6 in startup_children ()
#20 0x8061a2c in standalone_main ()
#21 0x806225c in main ()
#22 0x40098c5f in __libc_start_main () from /lib/libc.so.6

My installation is a more or less standard Suse Linux 7.2, kernel 2.4.4, etc.

Lutz
 [2002-04-05 17:25 UTC] sniper@php.net
Please reconfigure/compile PHP with --enable-debug added to the configure line. And generate a new gdb backtrace.

--Jani

 [2002-04-05 18:11 UTC] lb at lamuella dot de
sure, sorry  X-)

#0  0x400a8ff1 in kill () from /lib/libc.so.6
#1  0x402637f5 in _emalloc (size=1087286440, __zend_filename=0x403bec15 "reg.c", __zend_lineno=301,
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at zend_alloc.c:173
#2  0x40263b9f in _ecalloc (nmemb=8, size=135910805, __zend_filename=0x403bec15 "reg.c",
    __zend_lineno=301, __zend_orig_filename=0x0, __zend_orig_lineno=0) at zend_alloc.c:257
#3  0x403360c4 in php_reg_replace (pattern=0x817430c "tbl_properties.php$",
    replace=0x81631bc "db_details.php",
    string=0x8178d24 "lang=en&amp;server=1&amp;db=test&amp;table=dates&amp;goto=tbl_properties.php",
    icase=0, extended=1) at reg.c:301
#4  0x40336b5c in php_ereg_replace (ht=3, return_value=0x816327c, this_ptr=0x0,
    return_value_used=1, icase=0) at reg.c:475
#5  0x40336cdd in zif_ereg_replace (ht=3, return_value=0x816327c, this_ptr=0x0, return_value_used=1)
    at reg.c:493
#6  0x40271797 in execute (op_array=0x817b9cc) at ./zend_execute.c:1598
#7  0x402836f4 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at zend.c:810
#8  0x40297415 in php_execute_script (primary_file=0xbffff1b8) at main.c:1381
#9  0x40291990 in apache_php_module_main (r=0x810e044, display_source_mode=0) at sapi_apache.c:90
#10 0x40292910 in send_php (r=0x810e044, display_source_mode=0,
    filename=0x810ed04 "/var/www/htdocs/apps/phpMyAdmin/tbl_properties.php") at mod_php4.c:575
#11 0x40292993 in send_parsed_php (r=0x810e044) at mod_php4.c:590
#12 0x8054e89 in ap_invoke_handler ()
#13 0x806a40f in process_request_internal ()
#14 0x806a482 in ap_process_request ()
#15 0x8061066 in child_main ()
#16 0x8061225 in make_child ()
#17 0x80613a6 in startup_children ()
#18 0x8061a2c in standalone_main ()
#19 0x806225c in main ()
#20 0x40098c5f in __libc_start_main () from /lib/libc.so.6

Because I cannot reproduce the crash at the moment with the script I posted yesterday, this one is from executing phpMyAdmin, where I got the error first.

Lutz
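
An added example, not part of the bug thread or of PHP's source: frame #2 above requests 135910805 elements of 8 bytes for a pattern that contains no capture groups. Assuming that count is derived from the compiled regex's `re_nsub` (an assumption, since reg.c is not shown on this page), a caller can bound the count by the pattern text before allocating; `max_groups`, `alloc_matches` and `checked_search` are hypothetical names.

```c
#include <regex.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Every capture group needs a '(' in the pattern text, so the number of '('
 * characters is an upper bound on a sane re_nsub. */
static size_t max_groups(const char *pattern) {
    size_t n = 0;
    for (; *pattern; pattern++)
        if (*pattern == '(') n++;
    return n;
}

/* Allocate nsub+1 regmatch_t slots, or return NULL when the count is not
 * justified by the pattern or the byte size would overflow. */
regmatch_t *alloc_matches(size_t nsub, const char *pattern, size_t *count) {
    if (nsub > max_groups(pattern)) return NULL;
    if (nsub + 1 > SIZE_MAX / sizeof(regmatch_t)) return NULL;
    *count = nsub + 1;
    return calloc(*count, sizeof(regmatch_t));
}

/* Compile and run an extended regex using the checked allocation.
 * Returns the match start offset, -1 for no match, -2 for a compile
 * error or a rejected count. */
long checked_search(const char *pattern, const char *subject) {
    regex_t re;
    size_t count = 0;
    long result = -1;
    if (regcomp(&re, pattern, REG_EXTENDED) != 0) return -2;
    regmatch_t *subs = alloc_matches(re.re_nsub, pattern, &count);
    if (subs == NULL) { regfree(&re); return -2; }
    if (regexec(&re, subject, count, subs, 0) == 0) result = (long)subs[0].rm_so;
    free(subs);
    regfree(&re);
    return result;
}

int main(void) {
    /* Pattern and subject copied from frame #3 of the backtrace. */
    const char *subject = "lang=en&amp;server=1&amp;db=test&amp;table=dates&amp;goto=tbl_properties.php";
    size_t count = 0;
    printf("match at %ld\n", checked_search("tbl_properties.php$", subject));
    /* 135910805 is the count from frame #2, treated here as nsub+1 (assumption). */
    printf("bogus count rejected: %d\n", alloc_matches(135910805 - 1, "tbl_properties.php$", &count) == NULL);
    return 0;
}
```
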
 [2002-04-08 02:54 UTC] derick@php.net
This is fixed in CVS by disabling this.

Derick
 [2002-04-08 02:55 UTC] sniper@php.net
Not disabled but fall back using bundled regex library
if compiling with Apache.

--Jani

 [2002-07-15 02:22 UTC] estelle at megaphone dot ch
PHP 4.1.2, Apache 1.3.26.
Problem occurs (ereg function causes a time exceeded error, eating maximum CPU on our Solaris 8 box).
Not every time! When I first tested, it was OK, but several hours later there was nothing to do to avoid the problem.

PHP was configured with :

'./configure' \
'--with-apxs=/opt/apache/bin/apxs' \
'--enable-versioning' \
'--with-mysql' \
'--enable-track-vars' \
'--with-config-file-path=/opt/apache/conf' \
'--enable-safe-mode' \
'--with-gd=/usr/local' \
'--enable-ctype' \
'--enable-gettext' \
'--with-png-dir=/usr/local/lib' \
'--with-zlib-dir=/usr/local/lib' \
'--with-regex=php' \

Regards,  

        Estelle
 