PHP :: Bug #4684 :: Apache crash with Arithmetic exception

Bug #4684	Apache crash with Arithmetic exception
Submitted:	2000-05-30 02:25 UTC	Modified:	2000-06-28 14:39 UTC
From:	Stephane dot Legrand at bigfoot dot com	Assigned:
Status:	Closed	Package:	Reproducible Crash
PHP Version:	4.0.0 Release	OS:	FreeBSD 4.0-stable
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	Stephane dot Legrand at bigfoot dot com
New email:
PHP Version:		OS:

New Comment:

[2000-05-30 02:25 UTC] Stephane dot Legrand at bigfoot dot com

With the following code :

<?
class test {
	function test () {
	}
	function manageCookie () {
		$cookieName = "TESTCRASH";
		$cookieValue = $GLOBALS[$cookieName];
		$expire = time() + (2*365*24*60*60);
		$TESTCOOKIEENABLED = $HTTP_GET_VARS["TESTCOOKIEENABLED"];
		if (empty($cookieValue)) {
			$userID = uniqid("");
			$cookieValue = $userID;
			SetCookie($cookieName, $cookieValue, $expire, "/", "", 0);
			if (empty($TESTCOOKIEENABLED)) {
				header("Location: http://localhost".$GLOBALS["PHP_SELF"]."?TESTCOOKIEENABLED=TEST");
				exit();
			}
			else {
				header("Location: http://localhost"."/nonexistentfile");
				exit();
			}
		}
		else {
			if (! empty($TESTCOOKIEENABLED)) {
				header("Location: http://localhost".$GLOBALS["PHP_SELF"]);
				exit();
			}
			$userID = $this->getValueCookie("userID");
		}
	}
}
$objTest = new test();
$objTest->manageCookie();
?>

If i always reject the cookie, Apache crash with this backtrace :

(gdb) run -X
Starting program: /usr/local/sbin/apache -X

Program received signal SIGFPE, Arithmetic exception.
add_function (result=0xbfbfefdc, op1=0x8183864, op2=0xbfbfefc0) at zend_operators.c:486
486                     if (dval > (double) LONG_MAX) {
(gdb) bt
#0  add_function (result=0xbfbfefdc, op1=0x8183864, op2=0xbfbfefc0) at zend_operators.c:486
#1  0x80cfd8b in execute (op_array=0x81d76a4) at ./zend_execute.c:1072
#2  0x80d2e3e in execute (op_array=0x819ee24) at ./zend_execute.c:1614
#3  0x8065d74 in php_execute_script (primary_file=0xbfbff724) at main.c:1200
#4  0x808267c in apache_php_module_main (r=0x820b038, fd=18, display_source_mode=0) at sapi_apache.c:93
#5  0x8061cfb in send_php ()
#6  0x8061d39 in send_parsed_php ()
#7  0x80e9090 in ap_invoke_handler ()
#8  0x80f7b99 in process_request_internal ()
#9  0x80f7bf8 in ap_process_request ()
#10 0x80f1692 in child_main ()
#11 0x80f1824 in make_child ()
#12 0x80f1941 in startup_children ()
#13 0x80f1e10 in standalone_main ()
#14 0x80f24cb in main ()
#15 0x8061191 in _start ()

I also noticed that if Apache is not run with gdb, you must get the script with the browser at least 3 times to see the floating point exception in the apache log file.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-06-28 14:39 UTC] andi at cvs dot php dot net

This should be fixed in 4.0.1 due to be released tomorrow. If the problem persists please open a new bug report.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Jul 16 04:01:33 2025 UTC