Bug #13676 Missing FROM-clause Segfault
Submitted: 2001-10-15 16:21 UTC Modified: 2001-10-17 02:39 UTC
From: bryan at eevolved dot com Assigned:
Status: Closed Package: PostgreSQL related
PHP Version: 4.0.6 OS: Linux Mandrake 8.0
Private report: No CVE-ID: None

 

 [2001-10-15 16:21 UTC] bryan at eevolved dot com
Formulating an SQL query with missing FROM clauses will 
generate an apache segfault approximately 30% of the time 
it is executed, according to my tests. This *only* occurs 
with PostgreSQL > 7.1 in conjunction with php 4.0.6. 
Switching to older versions of either eliminates the 
bug, as does reformulating the SQL to contain the missing 
FROM clauses. When the crash occurs, PostgreSQL logs:

NOTICE:  Adding missing FROM-clause entry for table "bios"
pq_recvbuf: unexpected EOF on client connection 


SCRIPT:
-------

<?
$link=pg_connect("dbname dbuser dbpass");

// "bios" is referenced in WHERE but is not listed in FROM
$q="SELECT name FROM users WHERE users.bio_id = bios.id 
AND bios.id=1;";

pg_exec($link,$q);
?>

SAMPLE TABLES:
--------------
CREATE TABLE users(name char(20), bio_id int);
CREATE TABLE bios(id serial, name char(20));


BACKTRACE:
----------
Program received signal SIGSEGV, Segmentation fault.
0x401d5f95 in shutdown_memory_manager (silent=1, clean_cache=0) at zend_alloc.c:449
449                                     REMOVE_POINTER_FROM_LIST(ptr);
(gdb) bt
#0  0x401d5f95 in shutdown_memory_manager (silent=1, clean_cache=0) at zend_alloc.c:449
#1  0x40200515 in php_request_shutdown (dummy=0x0) at main.c:667
#2  0x401fdf93 in php_apache_request_shutdown (dummy=0x0) at mod_php4.c:292
#3  0x080682a0 in run_cleanups ()
#4  0x08066a81 in ap_clear_pool ()
#5  0x08066b06 in ap_destroy_pool ()
#6  0x08066a6e in ap_clear_pool ()
#7  0x08076ff8 in child_main ()
#8  0x080775e4 in make_child ()
#9  0x08077758 in startup_children ()
#10 0x08077dd7 in standalone_main ()
#11 0x0807860f in main ()
#12 0x4009b1f0 in __libc_start_main () from /lib/libc.so.6
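
Added example (not part of the original report, and not PHP or PostgreSQL project code): a small Python check that flags SELECT statements relying on the implicit FROM-clause behaviour named in the NOTICE above, so they can be reformulated as the reporter describes. It assumes single statements without subqueries or schema-qualified names; `implicit_from_tables` and the sample queries other than the report's own are constructed for illustration.

```python
import re

# Words that may follow a table name inside FROM and are not aliases.
NOT_ALIAS = {"on", "using", "inner", "left", "right", "full", "cross",
             "natural", "outer"}
IDENT = r"[a-z_][a-z0-9_]*"
FROM_BODY = re.compile(
    r"\bfrom\b(.*?)(?=\bwhere\b|\bgroup\s+by\b|\border\s+by\b"
    r"|\bhaving\b|\blimit\b|;|$)", re.S)


def implicit_from_tables(sql):
    """Return the sorted qualifiers used as `qualifier.column` that the
    FROM clause never declares, i.e. the references PostgreSQL reports
    with 'Adding missing FROM-clause entry'."""
    # Blank out string literals so 'bios.id' inside quotes is not counted.
    text = re.sub(r"'(?:[^']|'')*'", "''", sql).lower()
    declared = set()
    match = FROM_BODY.search(text)
    if match:
        for item in re.split(r",|\bjoin\b", match.group(1)):
            words = re.findall(IDENT, item)
            if not words:
                continue
            table, rest = words[0], words[1:]
            if rest and rest[0] == "as":
                rest = rest[1:]
            alias = rest[0] if rest and rest[0] not in NOT_ALIAS else None
            # An alias hides the table name, so only the alias is in scope.
            declared.add(alias or table)
    used = set(re.findall(r"\b(%s)\.(?:%s|\*)" % (IDENT, IDENT), text))
    return sorted(used - declared)


if __name__ == "__main__":
    # First query is the one from the report; the second is a constructed
    # reformulation. It must qualify `name`, since both sample tables have one.
    samples = [
        "SELECT name FROM users WHERE users.bio_id = bios.id AND bios.id=1;",
        "SELECT users.name FROM users, bios "
        "WHERE users.bio_id = bios.id AND bios.id = 1;",
    ]
    for query in samples:
        print(implicit_from_tables(query) or "ok", "<-", query)
```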

 [2001-10-16 03:12 UTC] bryan at eevolved dot com
According to my most recent tests, this bug also applies 
to CREATE TABLE statements that implicitly create 
sequences. I have observed a ~30% segfault rate with 
these statements as well.



 [2001-10-16 05:01 UTC] mfischer@php.net
Could you please test a recent snapshot (snaps.php.net)?

- Markus
 [2001-10-16 21:44 UTC] bryan at eevolved dot com
Confirmed, this bug does not occur with the snapshot 
php4-200110161500.

 [2001-10-17 02:39 UTC] derick@php.net
User reports it's fixed in CVS, so closing.

Derick
 