PHP :: Bug #48592 :: Missing environment variables in CGI SAPI crashes on startup

Bug #48592	Missing environment variables in CGI SAPI crashes on startup
Submitted:	2009-06-18 05:29 UTC	Modified:	2009-06-18 06:32 UTC
From:	gwynne@php.net	Assigned:
Status:	Closed	Package:	Reproducible crash
PHP Version:	5.3CVS-2009-06-18 (CVS)	OS:	Darwin9 (MacOS X 10.5)
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	gwynne@php.net
New email:
PHP Version:		OS:

New Comment:

[2009-06-18 05:29 UTC] gwynne@php.net

Description:
------------
If certain environment variables are missing, with others present, when the CGI SAPI is called, it will crash early on with a NULL pointer dereference.

Reproduce code:
---------------
bash$ SERVER_NAME=anything SERVER_PORT=80 REDIRECT_STATUS=200 php-cgi

Expected result:
----------------
<a message about no input file, or waiting for input on STDIN>

Actual result:
--------------
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_PROTECTION_FAILURE at address: 0x00000000
0x90be0f30 in strlen ()
(gdb) bt
#0  0x90be0f30 in strlen ()
#1  0x00323dd3 in php_fopen_primary_script (file_handle=0xbfffea6c, tsrm_ls=0xf01a80) at cvs/php-5.3/main/fopen_wrappers.c:454
#2  0x0049bcb2 in main (argc=1, argv=0xbfffeb58) at cvs/php-5.3/sapi/cgi/cgi_main.c:1999

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-06-18 05:35 UTC] gwynne@php.net

PHP config:

phpinfo()
PHP Version => 5.3.0RC4-dev

System => Darwin hostname 9.7.0 Darwin Kernel Version 9.7.0: Tue Mar 31 22:52:17 PDT 2009; root:xnu-1228.12.14~1/RELEASE_I386 i386
Build Date => Jun 14 2009 17:53:14
Configure Command =>  'cvs/php-5.3/configure'  '--prefix=/opt/php-5.3.0RC4-dev' '--disable-all' '--enable-cli' '--enable-cgi' '--enable-debug' '--enable-maintainer-zts' '--disable-short-tags' '--enable-posix' '--enable-session' '--with-zlib' '--with-pcre-regex=/sw/pcre' '--with-openssl=/sw/openssl' '--enable-xml' '--enable-libxml' '--with-libxml-dir=/sw/libxml2' '--with-iconv=/sw/libiconv' '--enable-filter' '--enable-ctype' '--enable-pdo' '--enable-sqlite-utf8' '--enable-dom' '--enable-hash' '--enable-tokenizer' '--disable-safe-mode' '--without-pear' '--with-bz2' '--enable-calendar' '--enable-pcntl' '--with-pdo-sqlite=/sw/sqlite' '--with-icu-dir=/sw/icu' '--with-ldap=/usr' '--with-ldap-sasl=/usr' '--enable-xmlreader' '--enable-xmlwriter' '--enable-zip' '--enable-ftp' '--with-gd' '--with-jpeg-dir=/usr' '--with-png-dir=/sw/libpng' '--enable-gd-native-ttf' '--with-imap=/sw/imap' '--with-imap-ssl=/sw/openssl' '--with-kerberos=/usr' '--with-mysql=/sw/mysql' '--with-pdo-mysql=/sw/mysql' '--with-mysqli=/sw/mysql/bin/mysql_config' '--with-xsl=/sw/libxslt' '--enable-simplexml' '--enable-json' '--enable-bcmath' '--enable-phar' '--enable-shmop' '--enable-sockets' '--with-sqlite' '--with-sqlite3=/sw/sqlite' '--with-pdo-sqlite=/sw/sqlite'
Server API => Command Line Interface
Virtual Directory Support => enabled
Configuration File (php.ini) Path => /opt/php-5.3.0RC4-dev/lib
Loaded Configuration File => /opt/php-5.3.0RC4-dev/lib/php.ini
Scan this dir for additional .ini files => (none)
Additional .ini files parsed => (none)
PHP API => 20041225
PHP Extension => 20090115
Zend Extension => 220090115
Zend Extension Build => API220090115,TS,debug
PHP Extension Build => API20090115,TS,debug
Debug Build => yes
Thread Safety => enabled
Zend Memory Manager => enabled
Zend Multibyte Support => disabled
IPv6 Support => enabled
Registered PHP Streams => https, ftps, compress.zlib, compress.bzip2, php, file, glob, data, http, ftp, phar, zip  
Registered Stream Socket Transports => tcp, udp, unix, udg, ssl, sslv3, sslv2, tls
Registered Stream Filters => zlib.*, bzip2.*, convert.iconv.*, string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed, dechunk


This program makes use of the Zend Scripting Language Engine:
Zend Engine v2.3.0, Copyright (c) 1998-2009 Zend Technologies

[2009-06-18 06:01 UTC] gwynne@php.net

Bit of further research: The bug appears to express itself when SERVER_NAME and REDIRECT_STATUS are set but SCRIPT_FILENAME isn't. The presence of absence of any other variables seems to be irrelevant.

[2009-06-18 06:32 UTC] rasmus@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Jul 15 01:01:35 2025 UTC