php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #35753 mysql_fetch_field + mysql 5.0.17 crashes PHP
Submitted: 2005-12-21 00:49 UTC Modified: 2005-12-23 19:12 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: reweiner at yahoo dot com Assigned:
Status: Closed Package: MySQL related
PHP Version: 5.1.1 OS: RedHat AS 3.0
Private report: No CVE-ID: None
 [2005-12-21 00:49 UTC] reweiner at yahoo dot com
Description:
------------
Compiling php 5.1.1 on a machine that has mysql 5.0.17 installed crashes when calling mysql_fetch_field

Reproduce code:
---------------
<?php

$conn = mysql_connect(....,....,....) or mysql_die();
mysql_select_db("teste", $conn);

$result = mysql_query('select * from teste');
/* get column metadata */
$i = 0;
while ($i < mysql_num_fields($result)) {
   echo "Information for column $i:<br />\n";
   $meta = mysql_fetch_field($result, $i);
   $i++;
   echo "Meta $meta, $result\n";
}
mysql_free_result($result);

mysql_close($conn);
?>


Expected result:
----------------
It should work

Actual result:
--------------
It crashes

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-12-21 00:57 UTC] tony2001@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.


 [2005-12-21 00:58 UTC] tony2001@php.net
Also, it'd be good to have structure of the table too.
 [2005-12-21 13:13 UTC] reweiner at yahoo dot com
Backtrace:

#0  0x0026b78b in strlen () from /lib/tls/libc.so.6
#1  0x01102c8b in add_property_string_ex (arg=0x860f7ec, key=0x1001 <Address 0x1001 out of bounds>, key_len=4, 
    str=0x1001 <Address 0x1001 out of bounds>, duplicate=1) at /usr/src/redhat/BUILD/php-5.1.1/Zend/zend_API.c:1264
#2  0x005c5439 in zif_mysql_fetch_field (ht=4097, return_value=0x860f7ec, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1)
    at /usr/src/redhat/BUILD/php-5.1.1/ext/mysql/php_mysql.c:2266
#3  0x01126f57 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfffa5c0) at /usr/src/redhat/BUILD/php-5.1.1/Zend/zend_vm_execute.h:188
#4  0x01126758 in execute (op_array=0x860f61c) at /usr/src/redhat/BUILD/php-5.1.1/Zend/zend_vm_execute.h:88
#5  0x010ffbf9 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/src/redhat/BUILD/php-5.1.1/Zend/zend.c:1090
#6  0x010c2cfe in php_execute_script (primary_file=0xbfffc950) at /usr/src/redhat/BUILD/php-5.1.1/main/main.c:1704
#7  0x01189a3e in php_handler (r=0x86028a8) at /usr/src/redhat/BUILD/php-5.1.1/sapi/apache2handler/sapi_apache2.c:584
#8  0x08068625 in ap_run_handler ()
#9  0x08068c3f in ap_invoke_handler ()
#10 0x08065266 in ap_process_request ()
#11 0x080608dc in _start ()
#12 0x086028a8 in ?? ()
#13 0x00000004 in ?? ()
#14 0x086028a8 in ?? ()
#15 0x0807245c in ap_run_pre_connection ()
#16 0x08072315 in ap_run_process_connection ()
#17 0x08066b01 in ap_graceful_stop_signalled ()
#18 0x08066d1a in ap_graceful_stop_signalled ()
#19 0x08066d76 in ap_graceful_stop_signalled ()
#20 0x080675cd in ap_mpm_run ()
#21 0x0806dbcf in main ()


Table definition:

CREATE TABLE teste (
  teste varchar(20) default NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;


INSERT INTO teste VALUES ('test');
 [2005-12-21 14:04 UTC] tony2001@php.net
I can't reproduce it with MySQL 5.0.17 on SuSE 9.3.
Looking at the backtrace I can say that there are some memory corruptions and I doubt PHP is the cause.
Please try it on an other server.
 [2005-12-23 19:12 UTC] reweiner at yahoo dot com
The problem is probably not with PHP indeed. I tried with PHP 5.1.1 + MySQL 4.1 and it worked. I'm narrowing down the problem right now. Thanks for the support.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Dec 22 01:01:30 2024 UTC