php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #26008 mail() crashes apache with some parameters
Submitted: 2003-10-27 14:26 UTC Modified: 2003-10-27 21:56 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: rich at tallman dot org Assigned:
Status: Closed Package: Mail related
PHP Version: 4.3.3 OS: Windows XP
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: rich at tallman dot org
New email:
PHP Version: OS:

 

 [2003-10-27 14:26 UTC] rich at tallman dot org 
Description:
------------
Any script passing invalid headers will result in a crash of the apache web server when using the apache module version of php 4.3.3 (from the binary zip download)

This particular type of invalid header is commonly used to circumvent other unpredictable strange behaviors with the mail command.

Reproduce code:
---------------
mail("rich@tallman.org","test message","","From: rich@tallman.org\n\nThis is a test message.");

Expected result:
----------------
Apache will crash (usually creating a windows XP error window)

Actual result:
--------------
szAppName : Apache.exe     szAppVer : 2.0.47.0     szModName : php4ts.dll     
szModVer : 4.3.3.3     offset : 0009defe

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-10-27 14:29 UTC] rich at tallman dot org 
More likely cause! -- Emty message parameter may be the cause of the crash.. the following code does *not* crash apache:

mail("rich@tallman.org","test message"," ","From:
rich@tallman.org\n\nThis is a test message.");


Please note the space in the message field.
 [2003-10-27 17:33 UTC] iliaa@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip
 [2003-10-27 21:56 UTC] rich at tallman dot org 
I *KISS* YOU! All my base are belong to you.

Fixed.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Wed May 08 00:01:31 2024 UTC