php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #19649 Nested [] in browscap.ini cause PHP to crash
Submitted: 2002-09-28 10:58 UTC Modified: 2002-10-14 13:23 UTC
From: mark at quarella dot co dot uk Assigned: zeev
Status: Closed Package: Reproducible crash
PHP Version: 4.3.0-dev OS: Linux
Private report: No CVE-ID:
 [2002-09-28 10:58 UTC] mark at quarella dot co dot uk
An entry in browscap.ini similar to the following:
  [Mozilla/4.76 (Macintosh;US;PPC) Opera 4.?  [en]]
.. will cause Apache/PHP to fail to start (segmentation fault) due to the nested [] symbols.

The following complete browscap.ini would be enough to reproduce this:

   [Opera 4.0]
   
   [Mozilla/4.76 (Macintosh;US;PPC) Opera 4.?  [en]]
   parent=Opera 4.0
   platform=MacPPC

Interestingly, without a correctly formed entry on the first line PHP reports a warning instead.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-10-01 18:00 UTC] iliaa@php.net
verified & updated version.

The problem occurs because 'arg2' passed to php_browscap_parser_cb() is NULL and there are no checks for it, which causes Z_STRLEN_P(arg2) to core.
 [2002-10-14 13:23 UTC] iliaa@php.net
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.


 [2003-01-24 09:04 UTC] ronstk at worldonline dot nl
From the browsecap.ini included v4.2.3.

[AE/2.1 (linux)]
browser=AE/2.1(Linux)
;browser="AE/2.1(Linux)"
version=2.1

gives me the error in dosbox:
PHP:  Error parsing E:\Iservers\PHP\browscap\browscap.ini on line
8206.
The fault here are the '(' and ')' 
This is.nt working with 4.3.x also
 [2004-02-24 15:38 UTC] bcash at alpineinternet dot com
Found a similar cause for this problem:

-- snip from browscap.ini --
[Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)]
parent=Yahoo
browser=Yahoo! Slurp
AK=False
SK=False
-- end snip --

The "!" in the browser key is causing this problem on my system.  The "!" in the section name is ok.  When I remove the bang from the browser key, the browser.ini is able to load properly.

(This is php 4.3.4 on FreeBSD)
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 16 13:02:46 2014 UTC