php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #52317 Segmentation fault when using mail() on a rhel 4.x (only 64 bit)
Submitted: 2010-07-12 16:52 UTC Modified: 2010-07-19 15:39 UTC
From: om at wysiwyg dot de Assigned: aharvey (profile)
Status: Closed Package: Reproducible crash
PHP Version: 5.2SVN-2010-07-12 (snap) OS: rhel4.8_x86_64
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: om at wysiwyg dot de
New email:
PHP Version: OS:

 

 [2010-07-12 16:52 UTC] om at wysiwyg dot de 
Description:
------------
Since the patch for "headers_trimmed" was added in the mail.c I always get a segmentation fault when using mail(). This only affects rhel4.x 64 bit os. rhel 5.x 64 bit or rhel4.x 32 bit works fine.

Using mail.c from a snapshot before 2010-04-22 in the actual snapshot source everything works fine.

--- php/php-src/branches/PHP_5_2/ext/standard/mail.c	2010-04-22 01:07:48 UTC (rev 298290) -> works fine
+++ php/php-src/branches/PHP_5_2/ext/standard/mail.c	2010-04-22 02:22:49 UTC (rev 298291) -> segmentation fault when using mail() in a php script on a rhel4.x 64 bit host





Test script:
---------------
running "make test" after building php from source.

the provided test script also reports the problem.

Patches

Radio-Powerfreunde (last revision 2010-11-25 00:08 UTC by sendeleitung-radiofreunde at freenet dot de)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-07-13 18:26 UTC] aharvey@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: aharvey
 [2010-07-13 18:26 UTC] aharvey@php.net 
Since I committed the offending patch, I'll look into it.

If you could provide both the test script (which doesn't seem to have made it) and, if possible, a backtrace per the instructions [1], that would be most helpful.

[1] http://bugs.php.net/bugs-generating-backtrace.php
 [2010-07-15 10:15 UTC] om at wysiwyg dot de 
sorry I forgot the testscript:

<?php

        $to      = 'om@wysiwyg.de';
        $subject = 'test';
        $message = 'test';

        $headers = 'From: OM' . "\r\n" .
                   'Reply-To: om@wysiwyg.de' . "\r\n" .
                   'X-Mailer: PHP/' . phpversion();


        //mail without $headers is working
        //mail($to, $subject, $message);
        
        //with $headers -> seg. fault
        mail($to, $subject, $message, $headers);

?>
 [2010-07-15 10:32 UTC] om at wysiwyg dot de 
(gdb) bt
#0  0x0000003fc0571360 in strlen () from /lib64/tls/libc.so.6
#1  0x0000003fc0542e79 in vfprintf () from /lib64/tls/libc.so.6
#2  0x0000003fc0548626 in fprintf () from /lib64/tls/libc.so.6
#3  0x000000000060b902 in php_mail (to=0x2a9557f208 "om@wysiwyg.de", subject=0x2a9557efc0 "the subject", 
    message=0x2a95580b28 "hello", headers=0xffffffff9557f388 <Address 0xffffffff9557f388 out of bounds>, 
    extra_cmd=0x0) at /usr/local/src/php5.2-201007131430/ext/standard/mail.c:281
#4  0x000000000060b6dc in zif_mail (ht=4, return_value=0x2a9557f318, return_value_ptr=0x0, this_ptr=0x0, 
    return_value_used=0) at /usr/local/src/php5.2-201007131430/ext/standard/mail.c:180
#5  0x00000000006ee2cb in zend_do_fcall_common_helper_SPEC (execute_data=0x7fbfffd1c0)
    at /usr/local/src/php5.2-201007131430/Zend/zend_vm_execute.h:200
#6  0x00000000006f3bdb in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x7fbfffd1c0)
    at /usr/local/src/php5.2-201007131430/Zend/zend_vm_execute.h:1740
#7  0x00000000006eddc1 in execute (op_array=0x2a9557e130)
    at /usr/local/src/php5.2-201007131430/Zend/zend_vm_execute.h:92
#8  0x00000000006c747f in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /usr/local/src/php5.2-201007131430/Zend/zend.c:1134
#9  0x0000000000671979 in php_execute_script (primary_file=0x7fbffff890)
    at /usr/local/src/php5.2-201007131430/main/main.c:2036
#10 0x0000000000741dfb in main (argc=2, argv=0x7fbffff9e8)
    at /usr/local/src/php5.2-201007131430/sapi/cli/php_cli.c:1165
(gdb)
 [2010-07-19 12:46 UTC] aharvey@php.net 
Automatic comment from SVN on behalf of aharvey
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=301392
Log: Fix for bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64
bit)).
 [2010-07-19 12:46 UTC] aharvey@php.net
-Status: Assigned +Status: Suspended
 [2010-07-19 12:46 UTC] aharvey@php.net 
Gah, missing header inclusion + older version of gcc = failure, hence
why this wasn't manifesting on RHEL 5 or recent Ubuntu versions. I do
find the fact it's 64-bit only interesting, 

Fix checked into trunk. Given we're deep into the RC cycle, I'll talk
to the RMs before committing to the 5.2 and 5.3 branches, although I
think this is a pretty good candidate for both.
 [2010-07-19 12:47 UTC] aharvey@php.net 
Editing fail: ignore "I do find the fact it's 64-bit only interesting,".

It's not that interesting when you think about it for two seconds. :)
 [2010-07-19 15:08 UTC] johannes@php.net
-Status: Suspended +Status: Assigned
 [2010-07-19 15:08 UTC] johannes@php.net 
Approved for 5.2 and 5.3.
 [2010-07-19 15:38 UTC] aharvey@php.net 
Automatic comment from SVN on behalf of aharvey
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=301396
Log: MFH: fix for bug #52317 (Segmentation fault when using mail() on a rhel 4.x
(only 64 bit)).
 [2010-07-19 15:39 UTC] aharvey@php.net
-Status: Assigned +Status: Closed
 [2010-07-19 15:39 UTC] aharvey@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Dec 21 16:01:28 2024 UTC