Bug #45466 imap_open() does not validate passed parameters
Submitted: 2008-07-09 12:37 UTC Modified: 2009-01-27 20:55 UTC
From: slim at inbox dot lv Assigned:
Status: Not a bug Package: IMAP related
PHP Version: 5.2CVS-2008-07-10 OS: linux
Private report: No CVE-ID: None
 [2008-07-09 12:37 UTC] slim at inbox dot lv
Description:
------------
"imap_open" function does not check arguments for non-empty values.
Empty arguments crash c-client (as c-client-2006k) with 
"php-cgi: IMAP toolkit crash: Unable to look up user name" followed by php-cgi crash as well.



Reproduce code:
---------------
<?php
echo 'start ';
if ( ($link = imap_open($dsn, $username, $password, $flags)) === false ) {
   echo 'cannt open';
}
echo ' finish';
?>

Expected result:
----------------
"imap_open" function should return FALSE if any of the REQUIRED args is missing or empty.

Actual result:
--------------
#0  0xb23b5402 in __kernel_vsyscall ()
#1  0xb195c601 in raise () from /lib/libc.so.6
#2  0xb195de5c in abort () from /lib/libc.so.6
#3  0x08395881 in fatal ()
#4  0x0839ccce in myusername_full ()
#5  0x0839ce7c in myhomedir ()
#6  0x083fb667 in mh_path ()
#7  0x083fbf8a in mh_isvalid ()
#8  0x083fca02 in mh_valid ()
#9  0x083a2b98 in mail_valid ()
#10 0x083b0d1b in mail_open ()
#11 0x08157783 in php_imap_do_open (ht=4, return_value=0x8ba2a48, return_value_ptr=0x0, this_ptr=0x0, 
    return_value_used=1, persistent=0)
    at /var/tmp/portage/dev-lang/php-5.2.6-r2/work/php-5.2.6/ext/imap/php_imap.c:804
#12 0x08157923 in zif_imap_open (ht=4, return_value=0x8ba2a48, return_value_ptr=0x0, this_ptr=0x0, 
    return_value_used=1) at /var/tmp/portage/dev-lang/php-5.2.6-r2/work/php-5.2.6/ext/imap/php_imap.c:825
#13 0x0833b134 in zend_do_fcall_common_helper_SPEC (execute_data=0xbc55be40)
    at /var/tmp/portage/dev-lang/php-5.2.6-r2/work/php-5.2.6/Zend/zend_vm_execute.h:200
#14 0x08340d95 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbc55be40)
    at /var/tmp/portage/dev-lang/php-5.2.6-r2/work/php-5.2.6/Zend/zend_vm_execute.h:1679
#15 0x0833ac79 in execute (op_array=0x8b9a568)
    at /var/tmp/portage/dev-lang/php-5.2.6-r2/work/php-5.2.6/Zend/zend_vm_execute.h:92
#16 0x08313b59 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /var/tmp/portage/dev-lang/php-5.2.6-r2/work/php-5.2.6/Zend/zend.c:1134
#17 0x082bbfe9 in php_execute_script (primary_file=0xbc560270)
    at /var/tmp/portage/dev-lang/php-5.2.6-r2/work/php-5.2.6/main/main.c:2007
#18 0x08394dec in main (argc=1, argv=0xbc560364)
    at /var/tmp/portage/dev-lang/php-5.2.6-r2/work/php-5.2.6/sapi/cgi/cgi_main.c:1919

 [2008-07-10 14:56 UTC] slim at inbox dot lv
same result:
#0  0xacb89402 in __kernel_vsyscall ()
(gdb) bt
#0  0xacb89402 in __kernel_vsyscall ()
#1  0xac130601 in raise () from /lib/libc.so.6
#2  0xac131e5c in abort () from /lib/libc.so.6
#3  0x083956b1 in fatal ()
#4  0x0839cafe in myusername_full ()
#5  0x0839ccac in myhomedir ()
#6  0x083fb497 in mh_path ()
#7  0x083fbdba in mh_isvalid ()
#8  0x083fc832 in mh_valid ()
#9  0x083a29c8 in mail_valid ()
#10 0x083b0b4b in mail_open ()
#11 0x0815768b in php_imap_do_open (ht=4, return_value=0x87c2ea0, return_value_ptr=0x0, this_ptr=0x0, 
    return_value_used=1, persistent=0)
    at /var/tmp/portage/dev-lang/php-5.2.6-r20/work/php5.2-200807101230/ext/imap/php_imap.c:803
#12 0x0815782b in zif_imap_open (ht=4, return_value=0x87c2ea0, return_value_ptr=0x0, this_ptr=0x0, 
    return_value_used=1)
    at /var/tmp/portage/dev-lang/php-5.2.6-r20/work/php5.2-200807101230/ext/imap/php_imap.c:824
#13 0x0833af60 in zend_do_fcall_common_helper_SPEC (execute_data=0xba7817c0)
    at /var/tmp/portage/dev-lang/php-5.2.6-r20/work/php5.2-200807101230/Zend/zend_vm_execute.h:200
#14 0x08340bc1 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xba7817c0)
    at /var/tmp/portage/dev-lang/php-5.2.6-r20/work/php5.2-200807101230/Zend/zend_vm_execute.h:1679
#15 0x0833aaa5 in execute (op_array=0x87ba9d8)
    at /var/tmp/portage/dev-lang/php-5.2.6-r20/work/php5.2-200807101230/Zend/zend_vm_execute.h:92
#16 0x08313985 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /var/tmp/portage/dev-lang/php-5.2.6-r20/work/php5.2-200807101230/Zend/zend.c:1134
#17 0x082bbda9 in php_execute_script (primary_file=0xba785bf0)
    at /var/tmp/portage/dev-lang/php-5.2.6-r20/work/php5.2-200807101230/main/main.c:2007
#18 0x08394c18 in main (argc=1, argv=0xba785ce4)
    at /var/tmp/portage/dev-lang/php-5.2.6-r20/work/php5.2-200807101230/sapi/cgi/cgi_main.c:1919
 [2008-07-10 18:59 UTC] felipe@php.net
The problem doesn't seem to be the empty values, see: 
http://www.nabble.com/IMAP-Toolkit-Crash-p16993956.html
 [2008-07-12 13:02 UTC] slim at inbox dot lv
With c-client-2006k, an empty $dsn in the imap_open function causes a 100% crash on the latest PHP.
This IS the c-client bug, probably fixed in the latest c-client releases - did not try them, can find nothing about this issue in the c-client changelog.
 [2009-01-27 20:55 UTC] jani@php.net
c-client bugs are not PHP bugs.
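
A caller-side guard for the condition this report describes, as an added example that is not part of the original report or of PHP's own code: it returns FALSE for missing or empty arguments before they reach c-client, where the backtraces above show the abort (mail_valid, mh_valid, myhomedir, myusername_full, fatal). The helper names, the control-character check and the remote-only mailbox pattern are assumptions.

```php
<?php
// Added example: caller-side guard for imap_open(). Helper names are hypothetical.

// Returns null when the arguments may be passed on, otherwise the reason to refuse.
function imap_args_problem($mailbox, $user, $password)
{
    $args = ['mailbox' => $mailbox, 'user' => $user, 'password' => $password];
    foreach ($args as $name => $value) {
        // Unset variables (as in the reproduce code) arrive here as null.
        if (!is_string($value) || $value === '') {
            return "$name is missing or empty";
        }
        if (preg_match('/[\x00-\x1f\x7f]/', $value)) {
            return "$name contains a control character";
        }
    }
    // Assumption: the application only opens remote mailboxes written as
    // {host[:port][/flag...]}folder, so any other mailbox string is refused
    // instead of being passed to imap_open().
    $remote = '~^\{[A-Za-z0-9.\-]+(:\d{1,5})?(/[A-Za-z0-9=._@\-]+)*\}[^{}]*$~';
    if (!preg_match($remote, $mailbox)) {
        return 'mailbox is not a remote {host}folder specification';
    }
    return null;
}

// Same return contract the reporter asked for: FALSE instead of a process abort.
function guarded_imap_open($mailbox, $user, $password, $flags = 0)
{
    $problem = imap_args_problem($mailbox, $user, $password);
    if ($problem !== null) {
        error_log("imap_open refused: $problem");
        return false;
    }
    return imap_open($mailbox, $user, $password, $flags);
}

// Constructed sample inputs; only the validator runs, so no connection is made.
$samples = [
    [null, null, null],
    ['', 'alice', 'constructed-password'],
    ['INBOX', 'alice', 'constructed-password'],
    ['{imap.example.org:993/imap/ssl}INBOX', '', 'constructed-password'],
    ['{imap.example.org:993/imap/ssl}INBOX', 'alice', 'constructed-password'],
];
foreach ($samples as $s) {
    $problem = imap_args_problem($s[0], $s[1], $s[2]);
    echo var_export($s[0], true), ' => ', $problem === null ? 'accepted' : $problem, "\n";
}
```

Only the last constructed sample is accepted; the first four are refused with the reason logged, so a request carrying an empty mailbox or login ends with FALSE rather than taking down the php-cgi worker.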
 
Last updated: Sun Dec 22 11:01:30 2024 UTC