php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #12853 Crash when open_file_for_scanning is adding handle to CG(open_files)
Submitted: 2001-08-20 04:19 UTC Modified: 2001-09-17 10:10 UTC
From: dacota at iis dot nsk dot su Assigned:
Status: Closed Package: Reproducible crash
PHP Version: 4.0CVS-2001-08-27 OS: Windows NT 4.0 SP5
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: dacota at iis dot nsk dot su
New email:
PHP Version: OS:

 

 [2001-08-20 04:19 UTC] dacota at iis dot nsk dot su
Apache/1.3.19 (Win32) PHP/4.0.7-dev rus/PL30.4
Win32 TS Debug build, only compiled-in modules.

any php scripts (i.e. <? php_info(); ?>)

send_php:
if (AP(in_request)) {
	zend_file_handle fh;

	fh.filename = r->filename;
	fh.opened_path = NULL;
	fh.free_filename = 0;
	fh.type = ZEND_HANDLE_FILENAME;
>	zend_execute_scripts(ZEND_INCLUDE TSRMLS_CC, 1, &fh);
	return OK;
}
we falling into this branch and CG struct isn't initialized since will initialize further in this function.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-08-27 04:43 UTC] dacota at iis dot nsk dot su
Checked with the latest sources - the problem remains.
Back trace when running as apache module:

zend_llist_add_element(_zend_llist * 0x0072a364, void * 0x011dfdb4) line 38 + 9 bytes
open_file_for_scanning(_zend_file_handle * 0x011dfdb4, void * * * 0x00729040) line 274 + 31 bytes
compile_file(_zend_file_handle * 0x011dfdb4, int 0x00000002, void * * * 0x00729040) line 356 + 13 bytes
zend_execute_scripts(int 0x00000002, void * * * 0x00729040, int 0x00000001) line 804 + 18 bytes
send_php(request_rec * 0x00882f30, int 0x00000000, char * 0x00000000) line 501 + 18 bytes
send_parsed_php(request_rec * 0x00882f30) line 590 + 13 bytes
ap_invoke_handler(request_rec * 0x00882f30) line 517 + 10 bytes
process_request_internal(request_rec * 0x00882f30) line 1303 + 9 bytes
ap_internal_redirect(const char * 0x00882f08, request_rec * 0x008822c0) line 1427 + 9 bytes
handle_dir(request_rec * 0x008822c0) line 179
ap_invoke_handler(request_rec * 0x008822c0) line 517 + 10 bytes
process_request_internal(request_rec * 0x008822c0) line 1303 + 9 bytes
ap_process_request(request_rec * 0x008822c0) line 1319 + 9 bytes
child_sub_main(int 0x00000000) line 5447 + 9 bytes
child_main(int 0x00000000) line 5514 + 9 bytes
MSVCRTD! 1020bf53()
KERNEL32! 77f04ee8()

 [2001-09-17 10:10 UTC] dacota at iis dot nsk dot su
Fixed sapi/apache/mod_php4.h in version 1.15
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Sun Dec 08 21:01:25 2019 UTC