PHP :: Bug #27165 :: Segfault when calling phpinfo() after ob

Bug #27165	Segfault when calling phpinfo() after ob_start()
Submitted:	2004-02-05 18:51 UTC	Modified:	2004-02-06 06:06 UTC
From:	rickard at punbb dot org	Assigned:
Status:	Closed	Package:	Reproducible crash
PHP Version:	5CVS-2004-02-05 (dev)	OS:	Linux 2.4
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	rickard at punbb dot org
New email:
PHP Version:		OS:

New Comment:

[2004-02-05 18:51 UTC] rickard at punbb dot org

Description:
------------
PHP segfaults when calling phpinfo() with output buffering started. If the call to ob_start() is left out, the code works fine.

I really don't know how to interpret the backtrace, but if I'm correct, the problem is in the Standard PHP Library (SPL). On line 109 of spl_functions.c, there is a call to strlen() with the parameter pce->name. However, according to the backtrace, pce equals 0x0. Could this be what is causing the problem?

To test my assumption, I recompiled PHP with --disable-spl and the segfault no longer occurs. How output buffering comes into the picture is beyond me.

Reproduce code:
---------------
<?php

ob_start();
phpinfo();

?>

Expected result:
----------------
phpinfo() should be displayed.

Actual result:
--------------
(gdb) bt
#0  spl_add_class_name (list=0xbfffd5cc, pce=0x0, allow=1, ce_flags=8)
    at /root/src/php5-200402051830/ext/spl/spl_functions.c:109
#1  0x08098b5a in spl_add_classes (ppce=0x81f6028, list=0xbfffd5cc, sub=0,
    allow=1, ce_flags=8)
    at /root/src/php5-200402051830/ext/spl/spl_functions.c:141
#2  0x0809832d in zm_info_spl (zend_module=0x825f888)
    at /root/src/php5-200402051830/ext/spl/php_spl.c:205
#3  0x08103f44 in _display_module_info (module=0x825f888, arg=0xbfffd6d0)
    at /root/src/php5-200402051830/ext/standard/info.c:76
#4  0x08182bbe in zend_hash_apply_with_argument (ht=0xbfffd728,
    apply_func=0x8103ed4 <_display_module_info>, argument=0xbfffd6d0)
    at /root/src/php5-200402051830/Zend/zend_hash.c:677
#5  0x0810582e in php_print_info (flag=-1)
    at /root/src/php5-200402051830/ext/standard/info.c:562
#6  0x08106ebe in zif_phpinfo (ht=0, return_value=0x4022177c, this_ptr=0x0,
    return_value_used=0) at /root/src/php5-200402051830/ext/standard/info.c:882
#7  0x081b58ff in zend_do_fcall_common_helper (execute_data=0xbfffd8b0,
    opline=0x40221d58, op_array=0x40221b94)
    at /root/src/php5-200402051830/Zend/zend_execute.c:2560
#8  0x081b607d in zend_do_fcall_handler (execute_data=0xbfffd8b0,
    opline=0x40221d58, op_array=0x40221b94)
    at /root/src/php5-200402051830/Zend/zend_execute.c:2700
#9  0x0819b13f in execute (op_array=0x40221b94)
    at /root/src/php5-200402051830/Zend/zend_execute.c:1272
#10 0x0817c13c in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /root/src/php5-200402051830/Zend/zend.c:1051
#11 0x08146585 in php_execute_script (primary_file=0xbffffc3c)
    at /root/src/php5-200402051830/main/main.c:1641
#12 0x081bfba4 in main (argc=2, argv=0xbffffcc4)
    at /root/src/php5-200402051830/sapi/cli/php_cli.c:941
#13 0x401083c1 in __libc_start_main () from /lib/libc.so.6

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-02-05 22:07 UTC] iliaa@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip

[2004-02-06 06:06 UTC] rickard at punbb dot org

Whatever you did, it's working now. I guess we'll close this one up.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Dec 04 07:00:01 2025 UTC