|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #3127 httpd process dumps core due to ldap_add
Submitted: 2000-01-06 17:51 UTC Modified: 2002-10-01 16:57 UTC
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: jim at budget dot co dot nz Assigned:
Status: Wont fix Package: Reproducible Crash
PHP Version: 3.0.13 OS: Redhat Linux 6.0
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2000-01-06 17:51 UTC] jim at budget dot co dot nz
gdb backtrace
(gdb) run -X
Starting program: /usr/sbin/httpd -X

Program received signal SIGSEGV, Segmentation fault.
0x401ff85b in ber_put_string (ber=0x80fb9a8, str=0x0, tag=4294967295) at encode.c:265
265             return( ber_put_ostring( ber, str, strlen( str ), tag ));
(gdb) bt
#0  0x401ff85b in ber_put_string (ber=0x80fb9a8, str=0x0, tag=4294967295) at encode.c:265
#1  0x401ffd47 in ber_printf (ber=0x80fb9a8, fmt=0x4021b09c "s[v]}") at encode.c:565
#2  0x401fb255 in ldap_add (ld=0x80fe3e8, dn=0x80fe250 "cn=Just Testing, o=Budget, c=NZ", 
    attrs=0x80fb3d0) at add.c:80
#3  0x401fb2d6 in ldap_add_s (ld=0x80fe3e8, dn=0x80fe250 "cn=Just Testing, o=Budget, c=NZ", 
    attrs=0x80fb3d0) at add.c:106
#4  0x401df508 in php3_ldap_do_modify (ht=0x8105d88, return_value=0x40232280, list=0x402337a0, 
    plist=0x40233760, oper=0) at functions/ldap.c:1237
#5  0x401df60a in php3_ldap_add (ht=0x8105d88, return_value=0x40232280, list=0x402337a0, 
    plist=0x40233760) at functions/ldap.c:1265
#6  0x401efe5f in phpparse () at control_structures_inline.h:929
#7  0x401afac0 in php3_parse (yyin=0x80f3e68) at main.c:1538
#8  0x401afd9c in apache_php3_module_main (r=0x80ef60c, fd=19, display_source_mode=0, 
    preprocessed=0) at main.c:1892
#9  0x401acbc1 in send_php3 ()
#10 0x401acc47 in send_parsed_php3 ()
#11 0x806ac43 in ap_invoke_handler ()
#12 0x807df39 in process_request_internal ()
#13 0x807df9c in ap_process_request ()
#14 0x807595e in child_main ()
#15 0x8075aec in make_child ()
#16 0x8075c49 in startup_children ()
#17 0x8076276 in standalone_main ()
#18 0x80769f3 in main ()
#19 0x400b81eb in __libc_start_main (main=0x80766bc <main>, argc=2, argv=0xbffffcb4, 
    init=0x804ec1c <_init>, fini=0x80aa6bc <_fini>, rtld_fini=0x4000a610 <_dl_fini>, 
    stack_end=0xbffffcac) at ../sysdeps/generic/libc-start.c:90

script that causes the problem
<? include("header.html"); ?>
echo "Processing...";
$dn="cn=".$Fullname.", o=Budget, c=NZ";
echo $dn;
$attrib["deliveryprogrampath"]="/usr/bin/deliver ".$uid;
exec("/home/httpd/cgi-bin/imapmkdir user.".$uid);

info on the script
header.html contains the details to connect to the ldap server...  it has a small function (goldap()) to connect then bind to the ldap server as the rootdn (so I don't need to change it in a million different places, and I can use different ldap databases easily) and this function works perfectly on quite a few other pages. I have another page that uses ldap_modify with no problems.

version info
PHP 3.0.12 and 3.0.13 do the same thing.  Apache version 1.3.9 running on Redhat Linux 6.0.  Kernel is 2.2.13 and gnu libc 2.1.1 (have just tried upgrading to 2.1.2 in case this was a libc problem, but it hasn't helped).  Problem occurs on both openldap-1.2.3 and 1.2.8.  If any other information would be useful (additional scripts, config files) I am happy to provide it.
PHP: ./configure --with-ldap=/usr/local --with-apxs=/usr/apache/bin/apxs

Apache: ./configure --enable-rule=SHARED_CORE --prefix=/usr/apache --add-module=src/modules/standard/mod_so.c


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2002-10-01 15:47 UTC]
#3138 ldap_update may also crash ...
 [2002-10-01 16:57 UTC]
We are sorry, but can not support PHP 3 related problems anymore.
Momentum is gathering for PHP 5, and we think supporting PHP 3 will
lead to a waste of resources which we want to put into getting PHP 5
ready. Ofcourse PHP 4 will will continue to be supported for the
forseeable future.

works in php 4.2.3
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Apr 15 00:01:28 2024 UTC