php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #71397 mb_send_mail segmentation fault
Submitted: 2016-01-17 14:29 UTC Modified: 2016-01-18 00:29 UTC
Votes:4
Avg. Score:4.8 ± 0.4
Reproduced:4 of 4 (100.0%)
Same Version:4 (100.0%)
Same OS:4 (100.0%)
From: public+php dot net at bastelstu dot be Assigned: yohgaki (profile)
Status: Closed Package: Reproducible crash
PHP Version: 7.0.2 OS: Debian Jessie
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: public+php dot net at bastelstu dot be
New email:
PHP Version: OS:

 

 [2016-01-17 14:29 UTC] public+php dot net at bastelstu dot be 
Description:
------------
PHP 7.0.2 built by the following Dockerfile (https://github.com/docker-library/php/blob/cd075c9d4e53b255b4af6691a7ee10354d7fbb8d/7.0/fpm/Dockerfile) crashes in mb_send_mail when the Content-Transfer-Encoding-Header is set. The issue basically is the same as #71066.

Test script:
---------------
<?php
var_dump(mb_send_mail("mail@example.com", "subject", "body", "Content-Transfer-Encoding: base64"));

Actual result:
--------------
(gdb) bt
#0  __strcasecmp_l_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse42.S:165
#1  0x00000000005a7709 in mbfl_name2encoding (
    name=0x600000019 <error: Cannot access memory at address 0x600000019>)
    at /root/php-7.0.2/ext/mbstring/libmbfl/mbfl/mbfl_encoding.c:237
#2  0x00000000005a78a4 in mbfl_name2no_encoding (
    name=0x600000019 <error: Cannot access memory at address 0x600000019>)
    at /root/php-7.0.2/ext/mbstring/libmbfl/mbfl/mbfl_encoding.c:290
#3  0x00000000005b1d4e in zif_mb_send_mail (execute_data=0x7fede20149a0,
    return_value=0x7fede2014970)
    at /root/php-7.0.2/ext/mbstring/mbstring.c:4151
#4  0x00000000007f3a8a in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER ()
    at /root/php-7.0.2/Zend/zend_vm_execute.h:714
#5  0x00000000007f2f1c in execute_ex (ex=0x7fede2014030)
    at /root/php-7.0.2/Zend/zend_vm_execute.h:414
#6  0x00000000007f3031 in zend_execute (op_array=0x7fede2070000,
    return_value=0x0) at /root/php-7.0.2/Zend/zend_vm_execute.h:458
#7  0x0000000000798df6 in zend_execute_scripts (type=8, retval=0x0,
    file_count=3) at /root/php-7.0.2/Zend/zend.c:1427
#8  0x000000000070bf40 in php_execute_script (primary_file=0x7fff015c1290)
    at /root/php-7.0.2/main/main.c:2471
#9  0x000000000085e50a in main (argc=3, argv=0x7fff015c1518)
    at /root/php-7.0.2/sapi/cgi/cgi_main.c:2453
(gdb)

Patches

0001-Fixed-bug-71397-mb_send_mail-segmentation-fault.patch (last revision 2016-01-17 14:31 UTC by public+php dot net at bastelstu dot be)

Pull Requests

Pull requests:

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-01-18 00:24 UTC] yohgaki@php.net 
Automatic comment on behalf of yohgaki
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ff10dceff87f4c94c55e6bc2e962f4bb3d66feb4
Log: Fixed bug #71397 (mb_send_mail segmentation fault)
 [2016-01-18 00:24 UTC] yohgaki@php.net
-Status: Open +Status: Closed
 [2016-01-18 00:29 UTC] yohgaki@php.net
-Assigned To: +Assigned To: yohgaki
 [2016-01-18 00:29 UTC] yohgaki@php.net 
I didn't notice PR. I'll merge assert part. Thank you for report and PR.
 [2016-01-18 01:13 UTC] public+php dot net at bastelstu dot be 
Thanks for the quick merge! One small note: You typoed the name of the extension in `NEWS`: https://github.com/php/php-src/commit/ff10dceff87f4c94c55e6bc2e962f4bb3d66feb4#diff-ff4e2dc4962dc25a1512353299992c8dR37
 [2016-07-20 11:34 UTC] davey@php.net 
Automatic comment on behalf of yohgaki
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ff10dceff87f4c94c55e6bc2e962f4bb3d66feb4
Log: Fixed bug #71397 (mb_send_mail segmentation fault)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 12:01:29 2024 UTC