php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #14546 Segmentation fault in httpd child process when using user authentication
Submitted: 2001-12-16 07:49 UTC Modified: 2001-12-16 18:47 UTC
From: assassin at unrealtournament dot co dot uk Assigned:
Status: Closed Package: Apache related
PHP Version: 4.1.0 OS: RedHat Linux 7.0
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: assassin at unrealtournament dot co dot uk
New email:
PHP Version: OS:

 

 [2001-12-16 07:49 UTC] assassin at unrealtournament dot co dot uk 
I am using Apache 1.3.22 and PHP 4.1.0 on RedHat Linux 7.0.

When I view the following script, or any similar scripts with user authentication features, the page comes up as "can't be displayed", a look in the error_log shows the error "child pid 25693 exit signal Segmentation fault (11)" (obviously a different pid each time).

The script is:
<?php
  if(!isset($PHP_AUTH_USER)) {
    header("WWW-Authenticate: Basic realm=\"My Realm\"");
    header("HTTP/1.0 401 Unauthorized");
    echo "Text to send if user hits Cancel button\n";
    exit;
  } else {
    echo "<p>Hello $PHP_AUTH_USER.</p>";
    echo "<p>You entered $PHP_AUTH_PW as your password.</p>";
  }
?>

My PHP configure line was:
./configure --prefix=/opt/server/php --with-mysql=/opt/server/mysql --enable-ftp --enable-safe-mode --enable-track-vars --with-apache=../apache_1.3.22

My Apache configure line was:
./configure --prefix=/opt/server/httpd --activate-module=src/modules/php4/libphp4.a --activate-module=src/modules/perl/libperl.a

GDB Backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x80f99ee in _efree ()
(gdb) bt
#0  0x80f99ee in _efree ()
#1  0x80934e3 in sapi_add_header_ex ()
#2  0x80bedd0 in zif_header ()
#3  0x811fbff in execute ()
#4  0x8106179 in zend_execute_scripts ()
#5  0x8091395 in php_execute_script ()
#6  0x810e2a2 in apache_php_module_main ()
#7  0x808e91e in php_restore_umask ()
#8  0x808e979 in php_restore_umask ()
#9  0x8145059 in ap_invoke_handler ()
#10 0x8159ce7 in ap_some_auth_required ()
#11 0x8159d48 in ap_process_request ()
#12 0x8150e69 in ap_child_terminate ()
#13 0x8151014 in ap_child_terminate ()
#14 0x8151184 in ap_child_terminate ()
#15 0x81517fd in ap_child_terminate ()
#16 0x815207b in main ()
#17 0x400d4790 in __libc_start_main (main=0x8151cd4 <main>, argc=2, ubp_av=0xbffffaf4,
    init=0x8074e90 <_init>, fini=0x820675c <_fini>, rtld_fini=0x4000d35c <_dl_fini>,
    stack_end=0xbffffaec) at ../sysdeps/generic/libc-start.c:111

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-12-16 07:56 UTC] assassin at unrealtournament dot co dot uk 
As a test, I downgraded back to PHP 4.0.6, with identical compile options as before in both Apache and PHP and the problem does not occur, so it appears to be PHP 4.1.0 specific.
 [2001-12-16 07:57 UTC] derick@php.net 
May be related to 14534
 [2001-12-16 08:01 UTC] derick@php.net 
Can you compile PHP with --enable-debug, and create a new backtrace? THis gives us more information (you can do a
'bt full' too, which fives even more useful information.

Derick
 [2001-12-16 08:01 UTC] derick@php.net 
feedback
 [2001-12-16 08:45 UTC] assassin at unrealtournament dot co dot uk 
Well I recompiled with --enable-debug to do as you said, and it now seems to work and doesn't crash.

This was with EXACTLY the same options as the first time when it didn't work (except --enable-debug). I guess I can only put it down to RedHat 7.0, not the best of releases, we intend to upgrade it as soon as we get a chance.

Thanks for your time anyway.
 [2001-12-16 09:53 UTC] yohgaki@php.net 
Another report for this bug. Let's reopen this one.
---
Hello ,

I have similar problem with this code on Apache1.3.22+php4.1.0 linux
2.4.16 RH6.2.  I think this is critical problem.

I configure PHP with:

CC=gcc2.95.3 \
CXX=gcc2.95.3 \
./configure \
--prefix=/usr/local/php \
--with-apxs=/usr/local/httpd/bin/apxs \
--with-config-file-path=/usr/local/php/etc \
--enable-track-vars \
--enable-magic-quotes \
--enable-safe-mode \
--enable-memory-limit \
--enable-sysvshm \
--enable-sysvsem \
--enable-shmop \
--enable-sockets \
--enable-wddx \
--enable-xslt \
--enable-ctype \
--enable-bcmath \
--enable-mailparse \
--enable-ftp \
--with-gd=/export/work/gd-1.8.4-gif \
--with-jpeg-dir=/export/work/jpeg-6b \
--with-png-dir=/export/work/libpng-1.0.9 \
--with-ttf=/export/work/freetype-1.3.1 \
--with-mysql=/usr/local/mysql \
--with-openssl=/usr/local/ssl \
--with-epipe \
--with-mcrypt \
--with-mhash \
--with-zlib \
--with-mm \
--with-xmlrpc \
--with-iconv \
--with-curl \
--with-bz2 \
--with-gmp  \
--with-ldap \
--with-xml  \
--with-zip  \
--with-gettext \
--with-dom \
--with-xslt-sablot \
"$@"

aucu> I am using Apache 1.3.22 and PHP 4.1.0 on RedHat Linux 7.0.
aucu> When I view the following script, or any similar scripts with user
aucu> authentication features, the page comes up as "can't be displayed", a look
aucu> in the error_log shows the error "child pid 25693 exit signal Segmentation
aucu> fault (11)" (obviously a different pid each time).

aucu> The script is:
aucu> <?php
aucu> if(!isset($PHP_AUTH_USER)) {
aucu> header("WWW-Authenticate: Basic realm=\"My Realm\"");
aucu> header("HTTP/1.0 401 Unauthorized");
aucu> echo "Text to send if user hits Cancel button\n";
aucu> exit;
aucu> } else {
aucu> echo "<p>Hello $PHP_AUTH_USER.</p>";
aucu> echo "<p>You entered $PHP_AUTH_PW as your password.</p>";
aucu> }
?>>

aucu> My PHP configure line was:
aucu> ./configure --prefix=/opt/server/php --with-mysql=/opt/server/mysql
aucu> --enable-ftp --enable-safe-mode --enable-track-vars
aucu> --with-apache=../apache_1.3.22

aucu> My Apache configure line was:
aucu> ./configure --prefix=/opt/server/httpd
aucu> --activate-module=src/modules/php4/libphp4.a
aucu> --activate-module=src/modules/perl/libperl.a

aucu> GDB Backtrace:
aucu> Program received signal SIGSEGV, Segmentation fault.
aucu> 0x80f99ee in _efree ()
aucu> (gdb) bt
aucu> #0  0x80f99ee in _efree ()
aucu> #1  0x80934e3 in sapi_add_header_ex ()
aucu> #2  0x80bedd0 in zif_header ()
aucu> #3  0x811fbff in execute ()
aucu> #4  0x8106179 in zend_execute_scripts ()
aucu> #5  0x8091395 in php_execute_script ()
aucu> #6  0x810e2a2 in apache_php_module_main ()
aucu> #7  0x808e91e in php_restore_umask ()
aucu> #8  0x808e979 in php_restore_umask ()
aucu> #9  0x8145059 in ap_invoke_handler ()
aucu> #10 0x8159ce7 in ap_some_auth_required ()
aucu> #11 0x8159d48 in ap_process_request ()
aucu> #12 0x8150e69 in ap_child_terminate ()
aucu> #13 0x8151014 in ap_child_terminate ()
aucu> #14 0x8151184 in ap_child_terminate ()
aucu> #15 0x81517fd in ap_child_terminate ()
aucu> #16 0x815207b in main ()
aucu> #17 0x400d4790 in __libc_start_main (main=0x8151cd4 <main>, argc=2,
aucu> ubp_av=0xbffffaf4,
aucu> init=0x8074e90 <_init>, fini=0x820675c <_fini>, rtld_fini=0x4000d35c
aucu> <_dl_fini>,
aucu> stack_end=0xbffffaec) at ../sysdeps/generic/libc-start.c:111



Best regards,
 Andrew Sitnikov                         
 e-mail : sitnikov@infonet.ee
GSM    : (+372) 56491109
 [2001-12-16 09:54 UTC] derick@php.net 
This was just fixed in CVS, closing.

Derick
 [2001-12-16 15:47 UTC] assassin at unrealtournament dot co dot uk 
I know it was fixed, but I just thought I'ld add that the problem has started producing itself in the new copy of httpd that I compiled, strange that it took a while before it started occurring.

Starting program: /opt/server/httpd/bin/httpd -X
(no debugging symbols found)...
Program received signal SIGSEGV, Segmentation fault.
0x401376cb in memcpy (dstpp=0xbfffdca4, srcpp=0x88f3545, len=4) at ../sysdeps/generic/memcpy.c:61
61      ../sysdeps/generic/memcpy.c: No such file or directory.
(gdb) bt full
#0  0x401376cb in memcpy (dstpp=0xbfffdca4, srcpp=0x88f3545, len=4) at ../sysdeps/generic/memcpy.c:61
        dstpp = (void *) 0xbfffdca4
        len = 4
        dstp = 3221216420
        srcp = 143603013
#1  0x812afaa in _mem_block_check ()
No symbol table info available.
#2  0x812af6d in _mem_block_check ()
No symbol table info available.
#3  0x812a113 in _efree ()
No symbol table info available.
#4  0x80958bb in sapi_add_header_ex ()
No symbol table info available.
#5  0x80d3ee0 in zif_header ()
No symbol table info available.
#6  0x81607ab in execute ()
No symbol table info available.
#7  0x813bff4 in zend_execute_scripts ()
No symbol table info available.
#8  0x809279e in php_execute_script ()
No symbol table info available.
#9  0x8147a32 in apache_php_module_main ()
No symbol table info available.
#10 0x808ec86 in php_restore_umask ()
No symbol table info available.
#11 0x808ece1 in php_restore_umask ()
No symbol table info available.
#12 0x8185e69 in ap_invoke_handler ()
No symbol table info available.
#13 0x819aaf7 in ap_some_auth_required ()
No symbol table info available.
#14 0x819ab58 in ap_process_request ()
No symbol table info available.
#15 0x8191c79 in ap_child_terminate ()
No symbol table info available.
#16 0x8191e24 in ap_child_terminate ()
No symbol table info available.
#17 0x8191f94 in ap_child_terminate ()
No symbol table info available.
#18 0x819260d in ap_child_terminate ()
No symbol table info available.
#19 0x8192e8b in main ()
No symbol table info available.
#20 0x400d4790 in __libc_start_main (main=0x8192ae4 <main>, argc=2, ubp_av=0xbffffb14, init=0x8075124 <_init>,
    fini=0x824756c <_fini>, rtld_fini=0x4000d35c <_dl_fini>, stack_end=0xbffffb0c) at ../sysdeps/generic/libc-start.c:111
        ubp_av = (char **) 0xbffffb14
        fini = (void (*)()) 0x40015d18 <_dl_debug_impcalls>
        rtld_fini = (void (*)()) 0x4
        ubp_ev = (char **) 0xbffffb20
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun May 05 05:01:31 2024 UTC