Bug #38651 Segfault in pdo_mysql_stmt_dtor
Submitted: 2006-08-30 09:09 UTC
Modified: 2006-08-30 09:15 UTC
From: daan at parse dot nl
Assigned:
Status: Not a bug
Package: Reproducible crash
PHP Version: 5.1.5
OS: Slackware 10.2
Private report: No
CVE-ID: None
 [2006-08-30 09:09 UTC] daan at parse dot nl
Description:
------------
Segmentation fault when doing a PDO query.
Using php 5.1.6

Reproduce code:
---------------
<?php
function test1($options) 
{
	$test_pdo = new PDO(
		'mysql:dbname={your_dbname};host={your_host}', 
		'{your_username}', 
		'{your_password}'
	);

	/* valid insert into existing table */
	$result = $test_pdo->query('INSERT INTO user SET name="asdas"');

	// Nonsense call	
	$lalal->bababa();
}

test1($options);

echo 'I make it - yay!';
?>

Expected result:
----------------
Error on the $lalal->bababa() function.

Actual result:
--------------
Segmentation fault.

Extra:
- When you don't assign the result of the $test_pdo->query() call to a variable, no segmentation fault occurs.
- Call has to take place inside a function or method - calling it regularly will not trigger the crash.

Backtrace:
#0  0x405fc05a in mysql_more_results () from /usr/local/apache-php5/libexec/libphp5.so 
#1  0x40464700 in pdo_mysql_stmt_dtor (stmt=0x8328a1c) 
    at /usr/src/php-5.1.6/ext/pdo_mysql/mysql_statement.c:67 
#2  0x40461687 in free_statement (stmt=0x8328a1c) 
    at /usr/src/php-5.1.6/ext/pdo/pdo_stmt.c:2200 
#3  0x405ab129 in zend_objects_store_free_object_storage (objects=0x407d877c) 
    at /usr/src/php-5.1.6/Zend/zend_objects_API.c:86 
#4  0x4058aac9 in shutdown_executor () at /usr/src/php-5.1.6/Zend/zend_execute_API.c:281 
#5  0x405954ef in zend_deactivate () at /usr/src/php-5.1.6/Zend/zend.c:854 
#6  0x4055f55e in php_request_shutdown (dummy=0x0) at /usr/src/php-5.1.6/main/main.c:1292 
#7  0x405f64fa in apache_php_module_main (r=0x80cadd4, display_source_mode=0) 
    at /usr/src/php-5.1.6/sapi/apache/sapi_apache.c:59 
#8  0x405f6f65 in send_php (r=0x80cadd4, display_source_mode=0, filename=0x0) 
    at /usr/src/php-5.1.6/sapi/apache/mod_php5.c:661 
#9  0x405f70e3 in send_parsed_php (r=0x80cadd4) 
    at /usr/src/php-5.1.6/sapi/apache/mod_php5.c:676 
#10 0x08053ff7 in ap_invoke_handler () 
#11 0x08069039 in process_request_internal () 
#12 0x08069098 in ap_process_request () 
#13 0x080600ba in child_main () 
#14 0x08060262 in make_child () 
#15 0x080603c8 in startup_children () 
#16 0x08060a88 in standalone_main () 
#17 0x080612a6 in main ()  

 [2006-08-30 09:15 UTC] tony2001@php.net
Fixed in 5.2, will not be backported in 5.1.
 