PHP :: Bug #24189 :: big problem on stream function

Bug #24189	big problem on stream function
Submitted:	2003-06-15 07:31 UTC	Modified:	2004-09-17 16:56 UTC
From:	anton at valuehost dot ru	Assigned:	wez (profile)
Status:	Closed	Package:	Sockets related
PHP Version:	5CVS, 4CVS	OS:	FreeBSD 4.8
Private report:	No	CVE-ID:	None

View Developer Edit

[2003-06-15 07:31 UTC] anton at valuehost dot ru

Description:
------------
phpinfo:
http://v6test.valuehost.ru/phpinfo.php

The problem has the following character, after long work php as mod_php in apache, various variations of sockets, fsockopen, include, fopen and etc cease to work.

As did not work and curl, but it managed to be solved rebuild libcurl with FD_SETSIZE=16384 (sys/types.h).

Such sensation that descriptors come to an end.

At occurrence of this problem fsockopen starts to return a mistake " Operation now in progress "
Function include in general causes Segmentation fault (11)

Unfortunately there is no opportunity to include an option debug as ZendOptimazer does not work in debug a mode.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-07-01 13:53 UTC] jorton at redhat dot com

This is a real bug.

The issue is that fd_set is a fixed-size array, and if FD_SET is passed an fd number greater than FD_SETSIZE, it has undefined behaviour, i.e. it overruns the array and corrupts memory.

All uses of select() in PHP look to be unsafe because of this.  The proper fix is to use poll() on platforms where it is available, and to always check that fd < FD_SETSIZE before using FD_SET.

[2004-09-16 09:44 UTC] daniel at haxx dot se

Sorry, but the fix is not _that_ simple.

FD_SETSIZE is a maximum count. Not all operating systems keep the fd numbers in the sequence 0 - (MAX-1).

Microsoft Windows is one such exception AFAIK.

Thus. It is a lot harder than that to know if you have reached the FD_SETSIZE maximum in a platform independent way.

[2004-09-16 13:45 UTC] wez@php.net

win32 is a different beast here, but we can work around it.
I've been giving this matter some thought; I might be able to cook up a fix in a weeks time.

[2004-09-17 16:46 UTC] wez@php.net

Fixed in PHP 5 HEAD; tested on linux and win32, should also work on *bsd.

[2004-09-17 16:56 UTC] wez@php.net

PS: this fix can't touch the libcurl internals, of course, just the uses of select(2) by PHP.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 16:01:28 2024 UTC