Bug #37951 Segfault when using certain curl_setopt option
Submitted: 2006-06-28 18:14 UTC Modified: 2006-07-06 15:51 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: headhunter at c-plusplus dot de Assigned:
Status: Not a bug Package: cURL related
PHP Version: 5.1.4 OS: SLES 10.0 - 64 Bit
Private report: No CVE-ID: None
 [2006-06-28 18:14 UTC] headhunter at c-plusplus dot de
Description:
------------
Hello,

I have found a bug which crashes PHP when using CURLOPT_FOLLOWLOCATION.
This happens on certain addresses only; the one specified in the example later gives a crash.
Example line:
curl_setopt ($curl_handle, CURLOPT_FOLLOWLOCATION, 1); // <<< CRASH HERE


I don't know my configure line exactly. Anyway, I compiled PHP by hand with --curl and --with-mysql and --with-cli. The rest is untouched.

Unique to my systems were the problems I had getting mysql5 working. It seems there is a bug in the configure script of PHP which makes it ignore the 64bit libraries of mysql. I had to copy /usr/lib64/mysql to /usr/lib/mysql to make compiling work.

The problem is independent of the php.ini; I tried different ones. The default configuration also produces the crash.

Reproduce code:
---------------
<?php

$curl_handle = curl_init();
$timeout = 10;

curl_setopt ($curl_handle,CURLOPT_URL, 'www.vipnet.at');
curl_setopt ($curl_handle, CURLOPT_FOLLOWLOCATION, 1); // <<< CRASH HERE

$buffer = curl_exec ($curl_handle);
print_r ($buffer);
?>

Expected result:
----------------
jojo@suse10064lamp:~> php bug.php
*** glibc detected *** free(): invalid pointer: 0x00002aaaab7dcb00 ***
Aborted


Actual result:
--------------
jojo@suse10064lamp:~> strace php bug.php
[ snip ]
open("/dev/tty", O_RDWR|O_NONBLOCK|O_NOCTTY) = 4
writev(4, [{"*** glibc detected *** ", 23}, {"free(): invalid pointer", 23}, {": 0x", 4}, {"00002aaaab7dcb00", 16}, {" ***\n", 5}], 5*** glibc detected *** free(): invalid pointer: 0x00002aaaab7dcb00 ***
) = 71
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
tgkill(12461, 12461, SIGABRT)           = 0
--- SIGABRT (Aborted) @ 0 (0) ---
+++ killed by SIGABRT +++


History

 [2006-06-28 18:24 UTC] tony2001@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.2-win32-latest.zip


 [2006-06-28 18:43 UTC] headhunter at c-plusplus dot de
What kind of PHP is this? I'm not very keen to try a development version of PHP on a productive server. What am I buying?
 [2006-06-28 18:54 UTC] tony2001@php.net
Apparently it's a snapshot.
You don't have to INSTALL it, the only thing you need to do is to compile the snapshot and run your script using it. 
 [2006-07-06 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2006-07-06 13:33 UTC] andrew dot hill at m3 dot net
Hi,

I have the same issue on a RHEL 4.0 x86_64 machine. The listed example script crashes as described above.

I have also copied my MySQL 5.0 libraries from /usr/lib64/mysql to /usr/lib/mysql to allow PHP to compile.

In my case I was using PHP 5.0.4, but using the linked PHP 5.2 latest dev release didn't resolve the issue.

Any ideas?

Thanks!

Andrew
 [2006-07-06 13:41 UTC] tony2001@php.net
>I have also copied my MySQL 5.0 libraries from 
>/usr/lib64/mysql to /usr/lib/mysql to allow PHP to compile.
There is --with-libdir configure option.

>Any ideas?
Yeah, please provide the backtrace and try the snapshot.
 [2006-07-06 14:43 UTC] andrew dot hill at m3 dot net
> There is --with-libdir configure option.

Configuring PHP with this option set to /usr/lib64, and the copy of the mysql libraries (/usr/lib64/mysql) NOT in /usr/lib/mysql results in the error:

"configure: error: Cannot find libmysqlclient under /usr."

> Please provide the backtrace

I have re-compiled PHP (the snapshot) with --enable-debug, but no core file is generated, as far as I can see...
 [2006-07-06 15:23 UTC] headhunter at c-plusplus dot de
The newest snapshot of today does not crash.
The script works, problem is fixed.
Do you still want to see the trace of the buggy php version?

Andrew: Use the program "strace" for this.

I haven't tried the MySQL thing though, please remember that this one is broken for MySql[4,5] + Php <=5.14 and Suse10.0/RHEL 4.0!
 [2006-07-06 15:51 UTC] tony2001@php.net
>Andrew: Use the program "strace" for this.
Oh, please DON'T. strace output doesn't help.

>Configuring PHP with this option set to /usr/lib64, 
Because it should be --with-libdir=lib64 and not /usr/lib64.

Feel free to reopen the report if/when you have more info about it.
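
Added example, not part of the thread: a shell helper for the situation in the comments above, where a backtrace is requested but no core file appears after the SIGABRT. It checks the two usual causes (a core size limit of 0, or a kernel core_pattern that redirects the dump) and prints the gdb steps; the function names and the ./sapi/cli/php path are assumptions.

```shell
#!/bin/sh
# Added example (not from the bug report): find out why a crashing
# "php bug.php" run leaves no core file, then show how to get a backtrace.

# "disabled" when the soft core-size limit is 0, otherwise "enabled".
core_limit_state() {
    if [ "$(ulimit -c)" = "0" ]; then echo disabled; else echo enabled; fi
}

# Classify a kernel.core_pattern value (see core(5)):
#   piped    - starts with "|": the core is handed to a helper program
#   absolute - written to a fixed path
#   relative - written into the crashing process's working directory
core_pattern_kind() {
    case "$1" in
        "|"*) echo piped ;;
        /*)   echo absolute ;;
        "")   echo unknown ;;
        *)    echo relative ;;
    esac
}

# Print the findings and the commands to run next. "bug.php" is the
# reproduce script from the report; the php binary path is an assumption
# (the CLI binary inside an uninstalled snapshot build tree).
core_dump_report() {
    script=${1:-bug.php}
    php_bin=${2:-./sapi/cli/php}
    pattern=$(cat /proc/sys/kernel/core_pattern 2>/dev/null || true)
    echo "core size limit : $(core_limit_state)"
    echo "core_pattern    : ${pattern:-n/a} ($(core_pattern_kind "$pattern"))"
    if [ "$(core_limit_state)" = disabled ]; then
        echo "fix             : run 'ulimit -c unlimited' in this shell first"
    fi
    echo "then            : $php_bin $script    # aborts, writes the core"
    echo "backtrace       : gdb $php_bin <core-file>, then type 'bt'"
    echo "no core at all  : gdb --args $php_bin $script, then 'run' and 'bt'"
}

core_dump_report "$@"
```

When core_pattern is reported as piped, the core goes to the named helper program rather than to the current directory, so look in that tool's storage instead.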
 
Last updated: Thu Mar 28 21:01:27 2024 UTC