PHP :: Bug #21144 :: Ncurses segfaults when ncurses_*() is run without ncurses

Bug #21144

Ncurses segfaults when ncurses_*() is run without ncurses_init().

Submitted:

2002-12-22 11:59 UTC

Modified:

2002-12-22 13:51 UTC

Votes:	1
Avg. Score:	1.0 ± 0.0
Reproduced:	0 of 1 (0.0%)

From:

daeken at hotmail dot com

Assigned:

iliaa (profile)

Status:

Closed

Package:

Unknown/Other Function

PHP Version:

4CVS-2002-12-22 (stable)

OS:

Linux - Debian Woody

Private report:

CVE-ID:

None

View Add Comment Developer Edit

[2002-12-22 11:59 UTC] daeken at hotmail dot com

<?php
ncurses_init();
ncurses_start_color();
?>
That will work properly.


<?php
ncurses_start_color();
?>
This will cause PHP to segfault with no messages.

'./configure' '--enable-bcmath' '--enable-pcntl' '--enable-sysvsem' '--enable-sysvshm' '--enable-sysvmsg'  '--enable-tokenizer' '--with-pear' '--with-curl' '--with-mysql' '--with-gettext' '--with-mcrypt' '--with-mhash' '--with-ming' '--with-ncurses=/root/ncurses-5.3' '--with-shmop' '--enable-sockets'

This bug has been tested with the default Ncurses and Ncurses 5.3 with the same results. This bug occurs in ncurses_start_color() and ncurses_standout(). It is assumed that it occurs in more functions, but that is not verified.

Following is a gdb backtrace:

#0  0x0814daf9 in start_color ()
#1  0x0809658f in zif_ncurses_start_color (ht=0, return_value=0x820b864, this_ptr=0x0, return_value_used=0)
    at /root/php4-STABLE-200212220230/ext/ncurses/ncurses_functions.c:318
#2  0x081434ca in execute (op_array=0x820b964) at /root/php4-STABLE-200212220230/Zend/zend_execute.c:1598
#3  0x08134238 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /root/php4-STABLE-200212220230/Zend/zend.c:864
#4  0x081124ff in php_execute_script (primary_file=0xbffff9e4) at /root/php4-STABLE-200212220230/main/main.c:1573
#5  0x0814a4e3 in main (argc=3, argv=0xbffffa54) at /root/php4-STABLE-200212220230/sapi/cgi/cgi_main.c:1417

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-12-22 13:11 UTC] moriyoshi@php.net

This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.

[2002-12-22 13:13 UTC] iliaa@php.net

The bug still exists and the applied fix is not correct. I am working on a patch to fully address the problem. The committed fix only fixes the problem for a single function, a dosen other ncurses functions can and will result in the segv.

[2002-12-22 13:51 UTC] iliaa@php.net

This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Wed May 15 23:01:33 2024 UTC