PHP :: Bug #38449 :: Segfault when token_get

Bug #38449	Segfault when token_get_all is used
Submitted:	2006-08-14 11:37 UTC	Modified:	2006-08-23 17:59 UTC
From:	scottmacvicar at ntlworld dot com	Assigned:
Status:	Not a bug	Package:	Reproducible crash
PHP Version:	4.4.3	OS:	FreeBSD 4.10-RELEASE-p5
Private report:	No	CVE-ID:	None

View Developer Edit

[2006-08-14 11:37 UTC] scottmacvicar at ntlworld dot com

Description:
------------
Customer reported this issue and we've tracked it down to a segfault within token_get_all, we can't reproduce it on Linux or Windows but can on FreeBSD.

php -v
PHP 4.4.3 (cli) (built: Aug 14 2006 04:34:25)
Copyright (c) 1997-2006 The PHP Group
Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies

Reproduce code:
---------------
<?php
$tokens = token_get_all('<?php $var = 2; ?>');
var_dump($tokens);
?>

Expected result:
----------------
Some output

Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
0x80d216d in _efree ()
(gdb) bt
#0  0x80d216d in _efree ()
#1  0x80de408 in _zval_dtor ()
#2  0x4861f8e6 in tokenize () from /usr/local/lib/php/20020429/tokenizer.so
#3  0x48620041 in zif_token_get_all () from /usr/local/lib/php/20020429/tokenizer.so
#4  0x80f14bb in execute ()
#5  0x80df699 in zend_execute_scripts ()
#6  0x80ba79f in php_execute_script ()
#7  0x80f8241 in main ()
#8  0x805cf86 in _start ()

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2006-08-14 12:05 UTC] tony2001@php.net

Works just fine on Linux and FreeBSD 5.4-RELEASE.

[2006-08-14 15:44 UTC] scottmacvicar at ntlworld dot com

I edited the ports Makefile to add --enable-tokenizer and removed the tokenizer as an extension and there was no crash.

I tried a similar setup on my debian box following the same procedure with tokenizer as an extension and had no problem. I'm going to look a little closer later on and see if I can identify what in particular is causing this on the FreeBSD box.

[2006-08-14 15:44 UTC] scottmacvicar at ntlworld dot com

Can someone mark this awaiting feedback again.

[2006-08-14 17:24 UTC] tony2001@php.net

Please reopen when/if you can add more info.
Thank you.

[2006-08-23 17:53 UTC] scottmacvicar at ntlworld dot com

We've had another customer report regarding this issue on a completely different server, same back trace but this time using PHP 4.4.2 and 4.11-RELEASE-p19

Is there anyway to produce more information that might help track this down?

The configure line is:
'./configure' '--enable-versioning' '--enable-memory-limit' '--with-layout=GNU' '--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all' '--with-regex=php' '--disable-cli' '--with-apxs=/usr/local/sbin/apxs' '--disable-ipv6' '--prefix=/usr/local' 'i386-portbld-freebsd4.11'

tokenizer was built as a seperate module afterwards using the php4-tokenizer port.

[2006-08-23 17:59 UTC] tony2001@php.net

>We've had another customer report regarding this issue on
> a completely different server, same back trace but this
> time using PHP 4.4.2 and 4.11-RELEASE-p19

Please report FreeBSD bugs to FreeBSD peoples.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun Nov 02 08:00:02 2025 UTC