php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #21623 Turning on Magic quotes Segfaults PHP
Submitted: 2003-01-13 13:31 UTC Modified: 2003-07-30 22:09 UTC
Votes:2
Avg. Score:3.5 ± 0.5
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: john@php.net Assigned:
Status: No Feedback Package: Session related
PHP Version: 5CVS-2003-01-13 (dev) OS: RedHat
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2003-01-13 13:31 UTC] john@php.net
I thought this might be because I was running an older version 4.4-dev version of PHP from CVS that I had hacked up a bit, but it turns out it's in the current CVS as well..

I am honestly not sure why PHP is crashing, but it has something to do with turning magic_quotes_runtime on. It doesn't break all the time, only when using the PostNuke package. Unfortunately I have no idea how/where it crashes...

here's the backtrace...

(gdb) run -X
Starting program: /usr/local/apache/bin/httpd -X

Program received signal SIGSEGV, Segmentation fault.
chunk_alloc (ar_ptr=0x401cd520, nb=105) at malloc.c:2993
2993    malloc.c: No such file or directory.
        in malloc.c

Obviously something has gone wrong trying to malloc memory, however I don't have any real way to see what PHP code actually breaks everything... Perhaps I'll try to install one of the realtime debuggers and attempt to determine where exactly it's crashing.

Configured with: --with-mysql --with-apxs


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-01-13 13:33 UTC] derick@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.
 [2003-01-13 13:44 UTC] john@php.net
Here's the bt:

One more thing -- magic_quotes_gpc is on and working fine... things also work if the magic quotes runtime are disabled.


#0  chunk_alloc (ar_ptr=0x401cd520, nb=105) at malloc.c:2993
#1  0x4011b02c in __libc_malloc (bytes=100) at malloc.c:2811
#2  0x402ae54b in _emalloc (size=83) at /home/php/php4/Zend/zend_alloc.c:158
#3  0x402c0b03 in zend_hash_add_or_update (ht=0x8202e64,
    arKey=0x8216bc4 "s:30:\\\"Bad arguments for API function\\\";PNSVuid",
    nKeyLength=48, pData=0xbfff8b50, nDataSize=4, pDest=0x0, flag=1)
    at /home/php/php4/Zend/zend_hash.c:262
#4  0x402bff53 in zend_set_hash_symbol (symbol=0x823d7e4,
    name=0x8216bc4 "s:30:\\\"Bad arguments for API function\\\";PNSVuid",
    name_length=47, is_ref=0, num_symbol_tables=1)
    at /home/php/php4/Zend/zend_API.c:1261
#5  0x4021e4ea in php_set_session_var (
    name=0x8216bc4 "s:30:\\\"Bad arguments for API function\\\";PNSVuid",
    namelen=47, state_val=0x823d7e4, var_hash=0xbfff8bc8)
    at /home/php/php4/ext/session/session.c:324
#6  0x4021ec90 in ps_srlzr_decode_php (
    val=0x821693c "PNSVrand|i:625621835;PNSVlang|s:3:\\\"eng\\\";PNSVerrormsg|s:30:\\\"Bad arguments for API function\\\";PNSVuid|i:2;PNSVrememberme|i:1;",
    vallen=126) at /home/php/php4/ext/session/session.c:487
#7  0x4021ef46 in php_session_decode (
    val=0x821693c "PNSVrand|i:625621835;PNSVlang|s:3:\\\"eng\\\";PNSVerrormsg|s:30:\\\"Bad arguments for API function\\\";PNSVuid|i:2;PNSVrememberme|i:1;",
    vallen=126) at /home/php/php4/ext/session/session.c:533
#8  0x4021f3c9 in php_session_initialize ()
    at /home/php/php4/ext/session/session.c:692
#9  0x4022044f in php_session_start ()
    at /home/php/php4/ext/session/session.c:1095
#10 0x402217b9 in zif_session_start (ht=0, return_value=0x823c43c,
    this_ptr=0x0, return_value_used=0)
    at /home/php/php4/ext/session/session.c:1540
#11 0x402cfe24 in execute (op_array=0x8204860)
    at /home/php/php4/Zend/zend_execute.c:1596
#12 0x402cffe2 in execute (op_array=0x812cea0)
    at /home/php/php4/Zend/zend_execute.c:1640
#13 0x402cffe2 in execute (op_array=0x8111434)
    at /home/php/php4/Zend/zend_execute.c:1640
#14 0x402bd630 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /home/php/php4/Zend/zend.c:925
#15 0x4029703d in php_execute_script (primary_file=0xbffff620)
    at /home/php/php4/main/main.c:1691
#16 0x402d73c6 in apache_php_module_main (r=0x8100e24, display_source_mode=0)
    at /home/php/php4/sapi/apache/sapi_apache.c:55
#17 0x402d7f32 in send_php (r=0x8100e24, display_source_mode=0, filename=0x0)
    at /home/php/php4/sapi/apache/mod_php4.c:589
#18 0x402d7f86 in send_parsed_php (r=0x8100e24)
    at /home/php/php4/sapi/apache/mod_php4.c:604
#19 0x0806a5f7 in ap_invoke_handler ()
#20 0x0807ee77 in process_request_internal ()
#21 0x0807f29b in ap_internal_redirect ()
#22 0x0805f530 in handle_dir ()
#23 0x0806a5f7 in ap_invoke_handler ()
#24 0x0807ee77 in process_request_internal ()
#25 0x0807eed8 in ap_process_request ()
#26 0x0807612d in child_main ()
#27 0x080762d8 in make_child ()
#28 0x0807644c in startup_children ()
#29 0x08076ac4 in standalone_main ()
#30 0x08077317 in main ()
#31 0x400bb306 in __libc_start_main (main=0x8076f80 <main>, argc=2,
    ubp_av=0xbffffb34, init=0x804e5d8 <_init>, fini=0x8094460 <_fini>,
    rtld_fini=0x4000d2dc <_dl_fini>, stack_end=0xbffffb2c)
    at ../sysdeps/generic/libc-start.c:129

 [2003-01-13 17:17 UTC] sniper@php.net
Does it work with 4.3.0? :)

 [2003-01-16 15:02 UTC] john@php.net
No, it seems to be breaking in 4.3.0 as well.
 [2003-07-24 15:13 UTC] sniper@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip


 [2003-07-30 22:09 UTC] sniper@php.net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Jul 24 13:01:29 2024 UTC