PHP :: Bug #71410 :: mysqlnd_ms segfaults freeing memory when there is a configuration error

Bug #71410

mysqlnd_ms segfaults freeing memory when there is a configuration error

Submitted:

2016-01-18 18:11 UTC

Modified:

2017-10-24 04:30 UTC

Votes:	1
Avg. Score:	3.0 ± 0.0
Reproduced:	0 of 0 (0.0%)

From:

russell dot simpkins at nytimes dot com

Assigned:

Status:

Suspended

Package:

mysqlnd_ms (PECL)

PHP Version:

5.5.31

OS:

linux

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	russell dot simpkins at nytimes dot com
New email:
PHP Version:		OS:

New Comment:

[2016-01-18 18:11 UTC] russell dot simpkins at nytimes dot com

Description:
------------
I'm running Apache with PHP 5.5.10 and mysqlnd_ms 1.5.2, which has been stable for the past year. If I enable opcache and have an error in the msyqlnd_ms json configuration file, there will be a segfault on a second call to any apache php page. So, assume I run Apache with a single thread and call any PHP script e.g. http://localhost/foo.php. That first PHP call will work, but create a mysqlnd_ms error that you may not even realize unless you are using a php page that attempts to use mysql. The next time you call the page, a segfault is thrown in php_mysqlnd_ms.c:132

I realize this is an odd one, but it took me a long time to figure this one out so I thought I would at least share my findings.

I was also able to recreate the issue with php 5.5.31.

Test script:
---------------
Create an invalid configuration file.
Enable opcode caching
Limit Apache to 1 child
curl http://locahost/any.php
curl http://localhost/any.php <- segfault

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2017-10-24 04:30 UTC] kalle@php.net

-Status: Open +Status: Suspended

[2017-10-24 04:30 UTC] kalle@php.net

I'm gonna suspend this report as the mysqlnd_ms had not a release since 2013 or active commit activity since then, if activity comes back to this package, it should be re-opened

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue May 13 07:01:26 2025 UTC