php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #29795 SegFault with Soap and Amazon's Web Services
Submitted: 2004-08-23 01:18 UTC Modified: 2004-08-26 17:27 UTC
From: jamus at jamus dot com Assigned: dmitry
Status: Closed Package: Reproducible crash
PHP Version: 5.0.1 OS: Redhat 9
Private report: No CVE-ID:
 [2004-08-23 01:18 UTC] jamus at jamus dot com
Description:
------------
I receive a segfault when executing the code below.  If 
I change $stuff[0] to "Small", everything works fine.

Reproduce code:
---------------
<?php
$client = new SoapClient("http://aws-beta.amazon.com/AWSSchemas/AWSProductData/beta/US.wsdl");

$request->{"Operation"}="ItemLookup";
$request->{"ItemId"}="1565926102";
$stuff[0]="Medium";
$request->{"ResponseGroup"}=$stuff;

$ar->{"Request"}=$request;
$ar->{"SubscriptionId"}="18BJZ2XBVHZX80H4YCG2";


$ar=$client->ItemLookup($ar);
var_dump($ar);
?>

Expected result:
----------------
The variable ar dumped.

Actual result:
--------------
#0  sdl_guess_convert_zval (enc=0x8353dcc, 
data=0x83ba948)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:2469
#1  0x080c515f in master_to_zval (encode=0x8353dcc, 
data=0x83ba948)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:327
#2  0x080c61c0 in model_to_zval_object (ret=0x83b7a14, 
model=0x83949b4, 
    data=0x839468c, sdl=0x834fdb4)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:891
#3  0x080c6430 in model_to_zval_object (ret=0x83b7a14, 
model=0x839492c, 
    data=0x83ba8f8, sdl=0x834fdb4)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:949
#4  0x080c6675 in to_zval_object (type=0x83ba98f, 
data=0x83ba8f8)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:1027
#5  0x080c515f in master_to_zval (encode=0x8355f3c, 
data=0x83ba8f8)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:327
#6  0x080c61c0 in model_to_zval_object (ret=0x83b7304, 
model=0x83a326c, 
    data=0x839a924, sdl=0x834fdb4)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:891
#7  0x080c6430 in model_to_zval_object (ret=0x83b7304, 
model=0x83a0f14, 
    data=0x83ba2b8, sdl=0x834fdb4)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:949
#8  0x080c6675 in to_zval_object (type=0x83ba98f, 
data=0x83ba2b8)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:1027
#9  0x080c515f in master_to_zval (encode=0x8353d8c, 
data=0x83ba2b8)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:327
#10 0x080c61c0 in model_to_zval_object (ret=0x83b6a5c, 
model=0x8384f94, 
    data=0x8383fec, sdl=0x834fdb4)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:891
#11 0x080c6430 in model_to_zval_object (ret=0x83b6a5c, 
model=0x8384c44, 
    data=0x83b98e0, sdl=0x834fdb4)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:949
#12 0x080c6675 in to_zval_object (type=0x83ba98f, 
data=0x83b98e0)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:1027
#13 0x080c515f in master_to_zval (encode=0x8355fbc, 
data=0x83b98e0)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:327
#14 0x080c61c0 in model_to_zval_object (ret=0x83b6694, 
model=0x837aebc, 
    data=0x837ac04, sdl=0x834fdb4)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:891
#15 0x080c6430 in model_to_zval_object (ret=0x83b6694, 
model=0x837acd4, 
    data=0x83b95d0, sdl=0x834fdb4)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:949
#16 0x080c6675 in to_zval_object (type=0x83ba98f, 
data=0x83b95d0)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:1027
#17 0x080c515f in master_to_zval (encode=0x83565bc, 
data=0x83b95d0)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:327
#18 0x080c61c0 in model_to_zval_object (ret=0x83b44d4, 
model=0x8371da4, 
    data=0x8371bec, sdl=0x834fdb4)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:891
#19 0x080c6430 in model_to_zval_object (ret=0x83b44d4, 
model=0x8371cc4, 
    data=0x83b4660, sdl=0x834fdb4)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:949
#20 0x080c6675 in to_zval_object (type=0x83ba98f, 
data=0x83b4660)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:1027
#21 0x080c515f in master_to_zval (encode=0x8356bfc, 
data=0x83b4660)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_encoding.c:327
#22 0x080cfd60 in parse_packet_soap (this_ptr=0x83556bc, 
    buffer=0x83b588c "<?xml version=\"1.0\" 
encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-
ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" 
\nxmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/
encoding/\" \nxmlns:xsi=\"http://www.w"..., 
    buffer_size=2638, fn=0x83b14f4, fn_name=0x0, 
return_value=0x835512c, 
    soap_headers=0x0)
    at /home/jamus/SRC/php-5.0.1/ext/soap/
php_packet_soap.c:297
#23 0x080be13e in do_soap_call (this_ptr=0x83556bc, 
    function=0x835506c "ItemLookup", function_len=10, 
arg_count=1, 
    real_args=0x83550ac, return_value=0x835512c, 
soap_action=0x0, 
    call_uri=0x0, soap_headers=0x0, output_headers=0x0)
    at /home/jamus/SRC/php-5.0.1/ext/soap/soap.c:2128
#24 0x080be970 in zif_SoapClient___call (ht=2, 
return_value=0x835512c, 
    this_ptr=0x83556bc, return_value_used=1)
    at /home/jamus/SRC/php-5.0.1/ext/soap/soap.c:2293
#25 0x0819ed02 in zend_call_function (fci=0xbfffd230, 
fci_cache=0x0)
    at /home/jamus/SRC/php-5.0.1/Zend/
zend_execute_API.c:853
#26 0x0819e880 in call_user_function_ex 
(function_table=0x80ca5dc, 
    object_pp=0x80ca5dc, function_name=0x80ca5dc, 
retval_ptr_ptr=0x80ca5dc, 
    param_count=135046620, params=0x80ca5dc, 
no_separation=135046620, 
    symbol_table=0x80ca5dc)
    at /home/jamus/SRC/php-5.0.1/Zend/
zend_execute_API.c:550
#27 0x081b4345 in zend_std_call_user_call (ht=1, 
return_value=0x835508c, 
    this_ptr=0x83556bc, return_value_used=1)
    at /home/jamus/SRC/php-5.0.1/Zend/
zend_object_handlers.c:572
#28 0x081c1196 in zend_do_fcall_common_helper 
(execute_data=0xbfffd600, 
    opline=0x8354a74, op_array=0x834febc)
    at /home/jamus/SRC/php-5.0.1/Zend/zend_execute.c:
2708
#29 0x081be792 in execute (op_array=0x834febc)
    at /home/jamus/SRC/php-5.0.1/Zend/zend_execute.c:
1400
#30 0x081a705b in zend_execute_scripts (type=8, 
retval=0x0, file_count=3)
    at /home/jamus/SRC/php-5.0.1/Zend/zend.c:1061
#31 0x0817b3cb in php_execute_script 
(primary_file=0xbffff9a0)
    at /home/jamus/SRC/php-5.0.1/main/main.c:1627
#32 0x081c7c13 in main (argc=2, argv=0xbffffa34)
    at /home/jamus/SRC/php-5.0.1/sapi/cgi/cgi_main.c:
1568
#33 0x4041462d in __libc_start_main () from /lib/
libc.so.6

(gdb) frame 29
#29 0x081be792 in execute (op_array=0x834febc)
    at /home/jamus/SRC/php-5.0.1/Zend/zend_execute.c:
1400
1400                    if (EX(opline)-
>handler(&execute_data, EX(opline), op_array TSRMLS_CC)) 
{

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-08-23 08:38 UTC] derick@php.net
Assigning to dmitry.
 [2004-08-26 17:27 UTC] dmitry@php.net
Fixed in CVS (HEAD and PHP_5_0)
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Sat Apr 19 06:02:27 2014 UTC