|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #23039 Apache CRASH with illegal code (C++ style)
Submitted: 2003-04-03 13:33 UTC Modified: 2003-04-03 14:15 UTC
From: a dot eibach at gmx dot net Assigned:
Status: Wont fix Package: Reproducible crash
PHP Version: 4.3.1 OS: Win98 SE
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
Solve the problem:
43 - 37 = ?
Subscribe to this entry?

 [2003-04-03 13:33 UTC] a dot eibach at gmx dot net
What is illegal code? Code with the intention to break something. But sometimes it's even a bad mistake causing this (inheriting a wrong class or deriving from an illegal class or...)
The following stuff is really ILLEGAL code. YOU SHOULD NEVER PROGRAM LIKE THIS. ;) But Apache shouldn't GPF, too. The Apache people warped me over here because they said that this is no Apache issue. May they be right.

As you can see...
The code is *very* narrowed down. It's definitely not _that_ simple IRL.
Main class is 'db_entry'. Class 'contact' is derived from employer, which is derived itself from db_entry.
Now we get ILLEGAL. We create a new 'contact' member object by directly (!!!) instantiating contact from the db_entry constructor. (Of course, we should instantiate 'employer', because contact is created inside too. But we want the crash, don't we :))
Crazy thing is that PHP doesn't complain about anything if this is done with *existing* 'contact()' constructor.
If this is missing or disabled ('//' part), Apache crashes.

OS: Win98 SE
Apache: 1.3.27
PHP: 4.3.1 (stable)


<BODY BGCOLOR="#FFFFFF" LINK="#990000" VLINK="#003366" TEXT="#000000" 
<font face="Arial">

class employer extends db_entry
  var $contactman;

   function employer()  /* constructor */
    $this->contactman = new contact();
class contact extends employer
 // function contact()   // this is the constructor and it's MISSING!!!
 // {                // --> crash
 // }

class db_entry

    var $ct_entry;

    function db_entry()
     /* generate indirect member object by illegally 
     instantiating an object TWO hierarchy steps below!!! */
      $this->ct_entry  = new contact();
      // -> crash!

  $newentr = new db_entry();
 echo "OK";


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2003-04-03 14:15 UTC]
It's not so crazy. You've just got some endless recursion 
there, which is why it doesn't happen when you uncomment 
the contact constructor. When the contact object is 
instantiated, the employer constructor is called in the 
absence of a contact constructor. Since a new contact 
object is instanitated in the employer constructor, you 
get recursion, as the employer constructor is effectively 
calling itself. You'll eventually run out of memory or 
something similarly strange will happen, hence the 
segfault. You'll get the same results if you do "function 
foo() { return foo(); } foo();" 
I don't imagine this will be fixed. It's not PHP's fault 
is somebody codes an endless recursion loop. 
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Mon Jan 30 21:03:49 2023 UTC