php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #28777 Segmentation fault when returning more than 3 results via odbc_result
Submitted: 2004-06-14 17:51 UTC Modified: 2005-01-26 01:00 UTC
Votes:3
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: c_rl_h at hotmail dot com Assigned:
Status: No Feedback Package: ODBC related
PHP Version: 4.3.7 OS: Linux AMD 64
Private report: No CVE-ID:
Have you experienced this issue?
Rate the importance of this bug to you:

 [2004-06-14 17:51 UTC] c_rl_h at hotmail dot com
Description:
------------
web@dogregr:/home/web> uname -a
Linux dogregr 2.4.21-143-smp #1 SMP Thu Oct 30 23:48:07 UTC 2003 x86_64 unknown

web@dogregr:/home/web> cat /proc/meminfo
        total:    used:    free:  shared: buffers:  cached:
Mem:  7659995136 7491145728 168849408        0 327503872 6304870400
Swap: 2147467264 12349440 2135117824

web@dogregr:/home/web> cat /proc/cpuinfo
processor       : 0
vendor_id       : AuthenticAMD
cpu family      : 15
model           : 5
model name      : AMD Opteron(tm) Processor 848
stepping        : 8
cpu MHz         : 2190.156
cache size      : 1024 KB
fpu             : yes
fpu_exception   : yes
cpuid level     : 1
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
bogomips        : 4364.69
TLB size        : 1088 4K pages
clflush size    : 64
address sizes   : 40 bits physical, 48 bits virtual
power management: ts ttp

processor       : 1
vendor_id       : AuthenticAMD
cpu family      : 15
model           : 5
model name      : AMD Opteron(tm) Processor 848
stepping        : 8
cpu MHz         : 2190.156
cache size      : 1024 KB
fpu             : yes
fpu_exception   : yes
cpuid level     : 1
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
bogomips        : 4377.80
TLB size        : 1088 4K pages
clflush size    : 64
address sizes   : 40 bits physical, 48 bits virtual
power management: ts ttp

processor       : 2
vendor_id       : AuthenticAMD
cpu family      : 15
model           : 5
model name      : AMD Opteron(tm) Processor 848
stepping        : 8
cpu MHz         : 2190.156
cache size      : 1024 KB
fpu             : yes
fpu_exception   : yes
cpuid level     : 1
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
bogomips        : 4377.80
TLB size        : 1088 4K pages
clflush size    : 64
address sizes   : 40 bits physical, 48 bits virtual
power management: ts ttp

processor       : 3
vendor_id       : AuthenticAMD
cpu family      : 15
model           : 5
model name      : AMD Opteron(tm) Processor 848
stepping        : 8
cpu MHz         : 2190.156
cache size      : 1024 KB
fpu             : yes
fpu_exception   : yes
cpuid level     : 1
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
bogomips        : 4377.80
TLB size        : 1088 4K pages
clflush size    : 64
address sizes   : 40 bits physical, 48 bits virtual
power management: ts ttp

configure line:
./configure --with-ibm-db2=/home/web/sqllib --enable-debug --with-apxs=/usr/local/apache/bin/apxs

Apache version:
Apache 1.3.31

To test this, I simplified the page down to the reproduce code posted below.  The error seems to occur when getting the results via odbc_result.  

If I try to get more than three results of a result set, PHP seems to crash.  If I comment out the fourth result (eg. $last_communication = odbc_result($result, 4);) the page will return the results for the first three successfully.  Any amount of results over three will cause the failure.  Another thing I tried was switching the integer field to the actual name of the field with the same result.

I tried to re-work the code to use odbc_fetch_array and odbc_fetch_into, but those failed as well.  The odbc_result_all function did return all of the proper results successfully.

Reproduce code:
---------------
<HTML><HEAD><TITLE>test</TITLE></HEAD><BODY>
<?PHP
$dbconn = odbc_pconnect($opsdb, $opsdbuser, $opsdbpass);
$query = "select hostname, bit, status, last_communication from slaves for read only";
$result = odbc_exec($dbconn, $query);
while ( odbc_fetch_row($result))
{
	
    $hostname = odbc_result($result,1);
    $bit = odbc_result($result, 2);
    $status = odbc_result($result, 3);
    $last_communication = odbc_result($result, 4);
    echo "$hostname, $bit, $status,    
          $last_communication<BR>\n";
}
?>
</BODY></HTML>

Expected result:
----------------
I expected 1029 rows to be returned.

Actual result:
--------------
dogregr:/usr/local/apache/bin # gdb /usr/local/apache/bin/httpd
GNU gdb 5.3
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-suse-linux"...
(gdb) run -X
        Keeping /usr/local/apache/bin/httpd...
Starting program: /usr/local/apache/bin/httpd -X
[New Thread 1024 (LWP 19645)]
[Mon Jun 14 11:43:13 2004] [warn] module mod_php4.c is already added, skipping

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 19645)]
0x0000002a95b9e389 in .memcpypreloop () from /lib64/libc.so.6
(gdb)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-06-15 09:14 UTC] o at vip dot hr
I have a problem with odbc_result function, but in my case odbc_result_all function works perfectly. BTW my Linux is 64-bits "virtual" box on IBM/S390. Please, try odbc_result_all and let's know what's on. If your odbc_result_all function works, then we've same 'bug'.

my examples>

=Code:
    $sql = "SELECT * FROM USR";
    $rez = odbc_exec($con,$sql);
    echo odbc_result($rez,1);
=Result: Segmentation fault

=Code:
    $sql = "SELECT * FROM USR WHERE USR='0023'";
    $rez = odbc_exec($con,$sql);
    echo odbc_result($rez,1);
=Result: 
FATAL: emalloc(): Unable to allocate 2147487809 bytes
=Comment:
Sometimes odbc_result return correct result + trash. Sometimes (very often) trash has DB connection passwd. Passwd on web? No, thanks. :-)

=Code:
    $sql = "SELECT * FROM USR";
    $rez = odbc_exec($con,$sql);
    echo odbc_result_all($rez);
=Result: O.K. (all 58 rows from USR)
 [2004-06-15 10:39 UTC] o at vip dot hr
Upssss I didn't see that odbc_result_all was tested. Sorry!

=Code:    
    $sql = "SELECT * FROM USR WHERE USR='0023'";
    $rez = odbc_exec($con,$sql);
    if($rez!=0)
    {
      echo odbc_result($rez,1);
    }
=Result: correct value + trash 

Expected result:
<body>
John
</body>

Actual result:
<body>
John...lsafiun4=()=/%%&$...this is trash ... this is my password ... &/&(/&(/&(/
..........
..<body>
 [2005-01-18 16:53 UTC] tony2001@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip

Please, paste _full_ backtrace if you still expirience this problem.
 [2005-01-21 16:00 UTC] o at vip dot hr
UNAME: Linux creepy3 2.4.21-107-default #1 SMP Thu Feb 12 23:13:08 UTC 2004 s390x 

Configure Command: './configure' '--with-apxs=/usr/sbin/apxs' '--with-mysql' '--with-ibm-db2=/home/db2inst1/sqllib/' '--with-config-file-path=/etc' '--sysconfdir=/etc' '--enable-calendar' '--with-bz2=/usr' '--enable-ftp' '--with-zlib' '--with-kerberos=/usr' '--with-dom=shared' '--with-gd' '--with-ttf=shared' '--with-jpeg-dir=shared' '--with-png-dir=/usr/local/lib' '--with-xpm' '--with-freetype-dir=shared' '--with-zip2'  

Apache/1.3.26 (Linux/SuSE) mod_python/2.7.8 Python/2.2.1 PHP/4.3.11-dev mod_perl/1.27 

ODBC library:  db2  
ODBC_INCLUDE:  -I/home/db2inst1/sqllib//include  
ODBC_LFLAGS:  -L/home/db2inst1/sqllib//lib  
ODBC_LIBS:  -ldb2  

odbc_result_all function works well, but odbc_result function failed:

<?php
  $con = odbc_connect("dbase", "me", "bigeyes");
  if($con!=0)
  {
    $sql = "SELECT * FROM TBUSERS WHERE USRID='me'";
    $rez = odbc_exec($con,$sql);
    if($rez!=0)
    {
       echo odbc_result($rez,"NAME");
    }
  }
  echo "\n";
?>

expected result: NAME e.g. Joe Mix

1st result : empty (often) 
2nd result : NAME + some characters/blanks in add (occure a few times) e.g. "Joe Mix======" 
(where = stands for whitespace, non-ASCII, etc)
 [2005-01-26 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 17 18:02:13 2014 UTC