PHP :: Bug #34953 :: Segfault when doing weird MySQL query

Bug #34953	Segfault when doing weird MySQL query
Submitted:	2005-10-22 03:01 UTC	Modified:	2005-10-23 17:22 UTC
From:	juraj dot nospam at bednar dot sk	Assigned:
Status:	Not a bug	Package:	MySQL related
PHP Version:	5CVS-2005-10-22 (snap)	OS:	Debian Sarge
Private report:	No	CVE-ID:	None

View Developer Edit

[2005-10-22 03:01 UTC] juraj dot nospam at bednar dot sk

Description:
------------
When doing an SQL query (which had errors), I get segfault 
with apache 2.0.55 prefork, mysql 5.0.5 from debian testing 
(ldd shows it's linked with correct library) using legacy code 
(old version of drupal). While legacy code does not have to 
work, segfault when running it is not expected

Reproduce code:
---------------
INSERT INTO watchdog (uid, type, message, location, hostname, timestamp) VALUES (\'\', \'error\', \'warning: array_merge() [<a href=\\\'function.array-merge\\\'>function.array-merge</a>]: Argument #1 is not an array in /home/juraj/www/includes/common.inc on line 710.\', \'?\', \'82.100.100.200\', \'1129942132\')

causes php child to segfault

Expected result:
----------------
i did not expect it to actually execute, but the segfault is 
wrong behaviour.


Actual result:
--------------
This is a part of strace, which shows the problem. 28 is 
mysql socket.

Another queries work well.

[pid  3442] time(NULL)                  = 1129942132
[pid  3442] fcntl64(28, F_SETFL, O_RDWR|O_NONBLOCK) = 0
[pid  3442] read(28, 0x83b47c8, 8192)   = -1 EAGAIN 
(Resource temporarily unavailable)
[pid  3442] fcntl64(28, F_SETFL, O_RDWR) = 0
[pid  3442] write(28, ":\1\0\0\3INSERT INTO watchdog (uid, 
type, message, location, hostname, timestamp) VALUES (\'\', 
\'error\', \'warning: array_merge() [<a href=\\
\'function.array-merge\\\'>function.array-merge</a>]: 
Argument #1 is not an array in /home/juraj/www/includes/
common.inc on line 710.\', \'?\', \'82.100.100.200\', 
\'1129942132\')", 318) = 318
[pid  3442] read(28, "\7\0\0\1\0\1\33\2\0\1\0", 16384) = 11
[pid  3442] --- SIGSEGV (Segmentation fault) @ 0 (0) ---
[pid  3442] chdir("/usr/local/apache2") = 0
[pid  3442] rt_sigaction(SIGSEGV, {SIG_DFL}, {SIG_DFL}, 8) = 
0
[pid  3442] getpid()                    = 3442
[pid  3442] getpid()                    = 3442
[pid  3442] kill(3442, SIGSEGV)         = 0
[pid  3442] sigreturn()                 = ? (mask now 
[RTMIN])
[pid  3442] --- SIGSEGV (Segmentation fault) @ 0 (0) ---

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-10-22 11:48 UTC] tony2001@php.net

Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc.

If possible, make the script source available online and provide
an URL to it here. Try to avoid embedding huge scripts into the report.

[2005-10-23 17:20 UTC] juraj dot nospam at bednar dot sk

related to Zend Optimizer, please close.

[2005-10-23 17:22 UTC] iliaa@php.net

Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions.  Due to the volume
of reports we can not explain in detail here why your report is not
a bug.  The support channels will be able to provide an explanation
for you.

Thank you for your interest in PHP.

related to Zend Optimizer

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun May 25 05:01:28 2025 UTC