Bug #33758 segfault in imap_mail_compose
Submitted: 2005-07-18 20:46 UTC
Modified: 2005-11-03 16:17 UTC
From: 0602 at eq dot cz
Assigned: iliaa
Status: Not a bug
Package: IMAP related
PHP Version: 5CVS, 4CVS (2005-07-20)
OS: Slackware Linux
Private report: No
CVE-ID: None
 [2005-07-18 20:46 UTC] 0602 at eq dot cz
Description:
------------
Whenever I run the following code with the imap_mail_compose() function, something like this gets logged: "[notice] child pid 11556 exit signal Segmentation fault (11)". The functions imap_listmailbox(), imap_headers() and imap_open() are working fine.

Reproduce code:
---------------
<?php
// Envelope: recipient only
$m_envelope["to"] = "aa@aaaaaaaaaaaaaaaaaaaa.cz";

// First body entry: multipart/mixed container
$m_part1["type"] = TYPEMULTIPART;
$m_part1["subtype"] = "mixed";

// Second body entry: text/plain part with charset and description
$m_part2["type"] = TYPETEXT;
$m_part2["subtype"] = "plain";
$m_part2["charset"] = "WINDOWS-1250";
$m_part2["description"] = "text_message";
$m_part2["contents.data"] = "content";

$m_body[1] = $m_part1;
$m_body[2] = $m_part2;

// This call crashes the Apache child with SIGSEGV
$m_whole = IMAP_Mail_Compose($m_envelope,$m_body);
?>



 [2005-07-18 20:55 UTC] derick@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.
 [2005-07-18 23:58 UTC] 0602 at eq dot cz
# gdb /usr/local/apache2/bin/httpd   
GNU gdb 5.3
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-slackware-linux"...
(gdb) run -X
Starting program: /usr/local/apache2/bin/httpd -X
[New Thread 16384 (LWP 7894)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 7894)]
0x003ba3bd in pthread_mutex_lock () from /lib/libpthread.so.0
(gdb) bt
#0  0x003ba3bd in pthread_mutex_lock () from /lib/libpthread.so.0
#1  0x0047e880 in free () from /lib/libc.so.6
#2  0x00785bee in fs_give () from /usr/local/apache2/modules/libphp4.so
#3  0x00795199 in mail_free_body_parameter () from /usr/local/apache2/modules/libphp4.so
#4  0x00794f94 in mail_free_body_data () from /usr/local/apache2/modules/libphp4.so
#5  0x007951c5 in mail_free_body_part () from /usr/local/apache2/modules/libphp4.so
#6  0x00795140 in mail_free_body_data () from /usr/local/apache2/modules/libphp4.so
#7  0x00794f4d in mail_free_body () from /usr/local/apache2/modules/libphp4.so
#8  0x006540dc in zif_imap_mail_compose () from /usr/local/apache2/modules/libphp4.so
#9  0x00774c60 in execute () from /usr/local/apache2/modules/libphp4.so
#10 0x00761471 in zend_execute_scripts () from /usr/local/apache2/modules/libphp4.so
#11 0x0072ca3c in php_execute_script () from /usr/local/apache2/modules/libphp4.so
#12 0x0077ab2c in execute () from /usr/local/apache2/modules/libphp4.so
#13 0x0806712a in ap_run_handler (r=0x822a7f0) at config.c:153
#14 0x08067642 in ap_invoke_handler (r=0x822a7f0) at config.c:364
#15 0x08064a3f in ap_process_request (r=0x822a7f0) at http_request.c:249
#16 0x08060af9 in ap_process_http_connection (c=0x82248b0) at http_core.c:251
#17 0x0806f3f6 in ap_run_process_connection (c=0x82248b0) at connection.c:43
#18 0x08065ca3 in child_main (child_num_arg=3) at prefork.c:610
#19 0x08065e4e in make_child (s=0x809c340, slot=0) at prefork.c:650
#20 0x08065ea7 in startup_children (number_to_start=2) at prefork.c:722
#21 0x080665b5 in ap_mpm_run (_pconf=0x806566c, plog=0x80c4638, s=0x809c340) at prefork.c:941
#22 0x0806b56a in main (argc=2, argv=0xbffffa24) at main.c:618
#23 0x0041ebb4 in __libc_start_main () from /lib/libc.so.6
(gdb)
 [2005-07-19 00:07 UTC] sniper@php.net
I can not reproduce this. Exactly what c-client version are you compiling PHP with? What configure line did you use?

 [2005-07-19 02:19 UTC] 0602 at eq dot cz
The crash is reproducible with c-client from pine 4.62 and 4.63, build script is similar to this one:
ftp://ftp.slackware.com/pub/slackware/slackware-current/source/n/php/php.SlackBuild
with the exception that I use apache2, i.e. different apxs. I don't get the segfault with php 4.3.10 and c-client from pine 4.63.
 [2005-07-19 21:18 UTC] sniper@php.net
Assigned to Ilia who said he could reproduce this.
 [2005-07-20 20:55 UTC] sniper@php.net
Please do not submit the same bug more than once. An existing
bug report already describes this very problem. Even if you feel
that your issue is somewhat different, the resolution is likely
to be the same. 

Thank you for your interest in PHP.

See bug #32589

 [2005-07-21 01:41 UTC] 0602 at eq dot cz
Bug #32589 was reported 2.4.2005 - more than three months before 4.4.0 (11.7.2005) and I have a very strong feeling that at the time I was submitting this one, #32589 was marked as closed. It's good to know that every record here marked closed should people consider ``existing''. Anyway - let's suppose that #32589 was marked as open at the time I was submitting this one - is it a common practice to release another _stable_ version when you know there is such a serious bug in it?
 [2005-11-03 16:17 UTC] 0602 at eq dot cz
Pathetic. Here is a patch to 4.4.1:

It's base64 from gzipped patch, I hope the web interface won't corrupt it. Extract with e.g. 'echo -n "THE_STRING" | openssl base64 -d | zcat > patchfile'.
 
Last updated: Tue Dec 06 18:05:53 2022 UTC