|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #25918 Segfault while trying to get mime type of *.cdr file with mime_content_type()
Submitted: 2003-10-20 04:45 UTC Modified: 2003-10-20 10:36 UTC
From: tony2001 at phpclub dot net Assigned:
Status: Closed Package: Reproducible crash
PHP Version: 4CVS-2003-10-20 (stable) OS: Linux 2.4.21
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: tony2001 at phpclub dot net
New email:
PHP Version: OS:


 [2003-10-20 04:45 UTC] tony2001 at phpclub dot net
PHP segfaults.
This happens because of simple typo in mime_magic.c.
Possible patch:

Index: mime_magic.c
RCS file: /repository/php-src/ext/mime_magic/mime_magic.c,v
retrieving revision
diff -u -r1.13.2.9 mime_magic.c
--- mime_magic.c        9 Feb 2003 19:10:32 -0000
+++ mime_magic.c        20 Oct 2003 08:44:43 -0000
@@ -1848,7 +1848,7 @@

     /* detect memory allocation errors */
-    if (!content_type ||
+    if (!*content_type ||
                (state == rsl_encoding && !*content_encoding)) {
                return MIME_MAGIC_ERROR;

Reproduce code:
while ($fn=readdir($dh))
     echo mime_content_type($fn)."<br>";

Expected result:
mime_content_type should return False in this case

Actual result:
#0  0x401366a3 in strlen () from /lib/i686/
#1  0x40241af3 in zif_mime_content_type (ht=0, return_value=0x8138ab4, this_ptr=0x0, return_value_used=0)
    at /root/CVS/php-src_PHP_4_3/ext/mime_magic/mime_magic.c:332
#2  0x40318e59 in execute (op_array=0x8138a1c) at /root/CVS/php-src_PHP_4_3/Zend/zend_execute.c:1616
#3  0x4030aa66 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /root/CVS/php-src_PHP_4_3/Zend/zend.c:885
#4  0x402df501 in php_execute_script (primary_file=0xbffff300) at /root/CVS/php-src_PHP_4_3/main/main.c:1729
#5  0x4031cefb in apache_php_module_main (r=0x813177c, display_source_mode=0)
    at /root/CVS/php-src_PHP_4_3/sapi/apache/sapi_apache.c:54
#6  0x4031da96 in send_php (r=0x813177c, display_source_mode=0, filename=0x0)
    at /root/CVS/php-src_PHP_4_3/sapi/apache/mod_php4.c:620
#7  0x4031dc55 in send_parsed_php (r=0x813177c) at /root/CVS/php-src_PHP_4_3/sapi/apache/mod_php4.c:635
#8  0x08068eee in ap_invoke_handler ()
#9  0x0807e83e in process_request_internal ()
#10 0x0807ec74 in ap_internal_redirect ()
#11 0x0805e39a in handle_dir ()
#12 0x08068eee in ap_invoke_handler ()
#13 0x0807e83e in process_request_internal ()
#14 0x0807e89b in ap_process_request ()
#15 0x0807535f in child_main ()
#16 0x08075511 in make_child ()
#17 0x08075690 in startup_children ()
#18 0x08075d00 in standalone_main ()
#19 0x0807659a in main ()
#20 0x400d1af7 in __libc_start_main () from /lib/i686/


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2003-10-20 10:05 UTC] tony2001 at phpclub dot net
the bug was reproduced with this file:
 [2003-10-20 10:36 UTC]
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at
In case this was a documentation problem, the fix will show up soon at

In case this was a website problem, the change will show
up on the site and on the mirror sites in short time.
Thank you for the report, and for helping us make PHP better.

PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Sun Jul 12 10:01:25 2020 UTC