Bug #8524 Segmentation fault
Submitted: 2001-01-02 15:03 UTC
Modified: 2001-01-03 06:41 UTC
From: msopacua at idg dot nl
Assigned:
Status: Closed
Package: XML related
PHP Version: 4.0.4
OS: *BSD*
Private report: No
CVE-ID: None

 [2001-01-02 15:03 UTC] msopacua at idg dot nl
First of all:
Best wishes to you all!

Now for the annoying stuff:

This bug seems similar to 8492.

Offending code, remove the /* */ and it core-dumps:
$xml_file='bla.xml';
if (!(list($xml_parser, $fp) = new_xml_parser($xml_file))) {
    die("could not open XML input");
}
print "<pre>";
while ($data = fread($fp, 4096)) {
/*	if (!xml_parse($xml_parser, $data, feof($fp))) {
	die(sprintf("<span style='color: red; font-weight: bold'>XML error: %s at line %d</span>\n",
		xml_error_string(xml_get_error_code($xml_parser)),
		xml_get_current_line_number($xml_parser)));
	}*/
	echo $data;
}
print "</pre>";
xml_parser_free($xml_parser);


Output BSDi gdb backtrace:

Program terminated with signal 11, Segmentation fault.
#0  0x48253c7b in zend_hash_exists (ht=0x816273c, arKey=0x8047d0c "\030}\004\b??\004\b\f\020\013\b$}\004\b1?\004\b\f?\n\b0}\004\b??\005\b\f?\n\bP}\004\b??\005\b",
    nKeyLength=134542129) at zend_hash.c:907
907             p = ht->arBuckets[nIndex];
(gdb) bt
#0  0x48253c7b in zend_hash_exists (ht=0x816273c, arKey=0x8047d0c "\030}\004\b??\004\b\f\020\013\b$}\004\b1?\004\b\f?\n\b0}\004\b??\005\b\f?\n\bP}\004\b??\005\b",
    nKeyLength=134542129) at zend_hash.c:907
#1  0x804f2bd in ap_clear_pool ()
#2  0x804f331 in ap_destroy_pool ()
#3  0x804f2ac in ap_clear_pool ()
#4  0x804f331 in ap_destroy_pool ()
#5  0x805ccf6 in clean_parent_exit ()
#6  0x805f6b3 in standalone_main ()
#7  0x805fb89 in main ()
#8  0x804ebb7 in __start ()

The PHP code has not been modified since php 4.03pl1, but only started being troublesome in version 4.04.

Other changes with the upgrade:
-- chrooted environment
-- apache 1.3.12 -> 1.3.14

I will go back to php4.03pl1 and report if that makes a difference.

Melvyn.

 [2001-01-02 15:26 UTC] msopacua at idg dot nl
Reporting back:

php 4.0.3pl1 doesn't expose this error, under the same chrooted environment, with the same server-software.
 [2001-01-02 20:17 UTC] sniper@php.net
I tried the latest CVS and it doesn't crash.
Please try the latest CVS snapshot from http://snaps.php.net/

--Jani
 [2001-01-03 05:53 UTC] msopacua at idg dot nl
The latest snapshot won't compile; here's the fix:

Compile error:
mod_php4.c: In function `php_apache_startup':
mod_php4.c:252: too many arguments to function `php_module_startup'
mod_php4.c: At top level:
mod_php4.c:354: warning: initialization from incompatible pointer type
make[3]: *** [mod_php4.lo] Error 1
make[3]: Leaving directory _src/php4-200101030145/sapi/apache'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory _src/php4-200101030145/sapi/apache'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory _src/php4-200101030145/sapi'
make: *** [all-recursive] Error 1

FIX:
$ diff sapi/apache/mod_php4.c sapi/apache/mod_php4.c.old
252,253c252
<     /* too many arguments fix: if(php_module_startup(sapi_module, NULL) == FAILURE */
<        if(php_module_startup(sapi_module) == FAILURE
---
>     if(php_module_startup(sapi_module, NULL) == FAILURE
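
Review bot: the diff is taken backwards (`diff sapi/apache/mod_php4.c sapi/apache/mod_php4.c.old`), so the `<` lines are the proposed code and the `>` line is the original; regenerating it old-then-new, ideally with `diff -u`, would let it apply without reversing. At line 252 the old call is kept in a comment beside the new one, which is better left to the commit history, and the new `if` is indented differently from the line it replaces. Dropping the `NULL` argument addresses the "too many arguments" error at mod_php4.c:252, but nothing here touches the "initialization from incompatible pointer type" warning reported at mod_php4.c:354, so that still needs a look.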

The XML bug is fixed though!
Thanx!


 [2001-01-03 06:41 UTC] sniper@php.net
Fixed -> closed. (and that mod_php4.c is fixed now too, thanks!)

--Jani
 
Last updated: Sun Jan 05 01:01:28 2025 UTC