php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #27058 Segfault when connecting to the database without password
Submitted: 2004-01-27 10:01 UTC Modified: 2004-01-27 20:38 UTC
From: php at dima dot spb dot ru Assigned:
Status: Closed Package: Sybase (dblib) related
PHP Version: 4.3.4 OS: RedHat 9
Private report: No CVE-ID:
 [2004-01-27 10:01 UTC] php at dima dot spb dot ru
Description:
------------
// $Id: sybase.php,v 1.32 2004/01/22 15:13:01 danielc Exp $

        if ($interface && $user && $pw) {
            $conn = @$connect_function($interface, $user, $pw);
        } elseif ($interface && $user) {
            $conn = @$connect_function($interface, $user);
        } else {
            $conn = FALSE;
        }

The second branch is executed when no password is given. Unfortunately, it causes segfault on my system. I have no idea why but I think it is because there is no sybase_connect function with two arguments.

If I change

            $conn = @$connect_function($interface, $user);

to

            $conn = @$connect_function($interface, $user, false);

everything works fine.

I'm using FreeTDS 0.62.1


Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
zend_get_parameters_ex (param_count=1)
    at /root/eagle/php-4.3.4/Zend/zend_API.c:133
133     /root/eagle/php-4.3.4/Zend/zend_API.c: No such file or directory.
        in /root/eagle/php-4.3.4/Zend/zend_API.c

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-01-27 10:07 UTC] sniper@php.net
Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.php.net/how-to-report.php

If you can provide more information, feel free to add it
to this bug and change the status back to "Open".

Thank you for your interest in PHP.



 [2004-01-27 12:27 UTC] php at dima dot spb dot ru
will it help?

bash$ echo "<?php sybase_connect('TESTDB', 'sa'); ?>" | php
Segmentation fault (core dumped)

...

(gdb) bt
#0  zend_get_parameters_ex (param_count=1)
    at /root/eagle/php-4.3.4/Zend/zend_API.c:133
#1  0x080dfe30 in php_sybase_do_connect (ht=135980524, return_value=0x81b5b9c, 
    this_ptr=0x0, return_value_used=0, persistent=0)
    at /root/eagle/php-4.3.4/ext/sybase/php_sybase_db.c:333
#2  0x080e07b9 in zif_sybase_connect (ht=2, return_value=0x81b5b9c, 
    this_ptr=0x0, return_value_used=0)
    at /root/eagle/php-4.3.4/ext/sybase/php_sybase_db.c:575
#3  0x0812f58e in execute (op_array=0x81b1944)
    at /root/eagle/php-4.3.4/Zend/zend_execute.c:1616
#4  0x08122cd5 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /root/eagle/php-4.3.4/Zend/zend.c:884
#5  0x080fd607 in php_execute_script (primary_file=0xbffff5d0)
    at /root/eagle/php-4.3.4/main/main.c:1729
#6  0x08134197 in main (argc=1, argv=0xbffff654)
    at /root/eagle/php-4.3.4/sapi/cli/php_cli.c:819
#7  0x42015574 in __libc_start_main () from /lib/tls/libc.so.6
(gdb) frame 3
#3  0x0812f58e in execute (op_array=0x81b1944)
    at /root/eagle/php-4.3.4/Zend/zend_execute.c:1616
1616                                                            ((zend_internal_function *) EX(function_state).function)->handler(EX(opline)->extended_value, EX(Ts)[EX(opline)->result.u.var].var.ptr, EX(object).ptr, return_value_used TSRMLS_CC);
(gdb)
 [2004-01-27 20:38 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Sun Apr 20 10:02:06 2014 UTC