php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #39625 Apache crashes on importStylesheet call
Submitted: 2006-11-24 19:18 UTC Modified: 2006-12-05 12:10 UTC
From: eugen dot shvatsky at gmail dot com Assigned:
Status: Closed Package: XSLT related
PHP Version: 5.2.0 OS: suse 10
Private report: No CVE-ID:
 [2006-11-24 19:18 UTC] eugen dot shvatsky at gmail dot com
Description:
------------
I'm trying to start the XSLT transformation
but apache has gone down!

Apache/2.0.54 (Suse10) PHP/5.2.0

Reproduce code:
---------------
$xsl = new DomDocument(); 
$xsl->load("file.xsl"); 
$proc = new XsltProcessor(); 
$xsl = $proc->importStylesheet($xsl); // on this line apache has gone ...
--------------------------------------
<?xml version="1.0" encoding="utf-8" ?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" ... >
<xsl:template match="/">
  <xsl:value-of select="document('some_xml.xml')" />
</xsl:template>
</xsl:stylesheet>
--------------------------------------
1. file some_xml.xml - dos't exist! but no error, only apache gone down.
--------------------------------------
2. when I try to use diferent quotes in xsl or xml code!
--------------------------------------
3. if i try $proc->setParameter(null,"name","value"); 
and "value" have different quotes, i get error.
 

Expected result:
----------------
normal error in log!!! or exception



Actual result:
--------------
Apache GONE DOWN
NO ERROR MESSAGE
TRY CATCH DOEN'T WORK
MESSAGE "0 answer length by SQUID"

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-11-24 21:03 UTC] tony2001@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.


 [2006-11-24 21:07 UTC] tony2001@php.net
Cannot reproduce with the code provided.
 [2006-12-02 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2006-12-04 09:23 UTC] eugen dot shvatsky at gmail dot com
GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i586-suse-linux".../usr/local/apache/sbin/httpd: No such file or directory.

(no debugging symbols found)
Using host libthread_db library "/lib/tls/libthread_db.so.1".
Core was generated by `/usr/local/php/bin/php -e do.php'.
Program terminated with signal 11, Segmentation fault.
#0  0x402fcb18 in ?? ()
 [2006-12-04 10:04 UTC] tony2001@php.net
>#0  0x402fcb18 in ??
This is just the first line. What about FULL backtrace?
 [2006-12-04 11:00 UTC] eugen dot shvatsky at gmail dot com
GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i586-suse-linux"...(no debugging symbols found)
Using host libthread_db library "/lib/tls/libthread_db.so.1".


warning: core file may not match specified executable file.
(no debugging symbols found)
Core was generated by `/usr/local/php/bin/php -e do.php'.
Program terminated with signal 11, Segmentation fault.
#0  0x402fcb18 in ?? ()
(gdb) bt
#0  0x402fcb18 in ?? ()
#1  0x00000014 in ?? ()
#2  0x08553c40 in ?? ()
...
#1977 0x01bb0168 in ?? ()
---Type <return> to continue, or q <return> to quit---
#1978 0x01fa01f4 in ?? ()
#1979 0x02d702bf in ?? ()
#1980 0x02f002e8 in ?? ()
#1981 0x02fb02f7 in ?? ()
#1982 0x030202fe in ?? ()
#1983 0x01030305 in ?? ()
#1984 0x01cd017c in ?? ()
#1985 0x0242020a in ?? ()
#1986 0x02a5027e in ?? ()
#1987 0x02d702bf in ?? ()
#1988 0x02f002e8 in ?? ()
#1989 0x02fb02f7 in ?? ()
#1990 0x030202fe in ?? ()
#1991 0x00f10305 in ?? ()
#1992 0x01c0016d in ?? ()
#1993 0x0841012f in ?? ()
#1994 0x08413808 in ?? ()
#1995 0x00000007 in ?? ()
#1996 0xbf9c3050 in ?? ()
#1997 0x625f7369 in ?? ()
#1998 0x006c6f6f in ?? ()
#1999 0x08477278 in ?? ()
#2000 0x08477278 in ?? ()
#2001 0x08477278 in ?? ()
#2002 0x08477278 in ?? ()
#2003 0x0002eedc in ap_process_child_status ()
Previous frame inner to this frame (corrupt stack?)
 [2006-12-04 11:06 UTC] tony2001@php.net
Please re-read the link I posted before:
http://bugs.php.net/bugs-generating-backtrace.php 
 [2006-12-04 11:24 UTC] eugen dot shvatsky at gmail dot com
ok! that what i do!

ulimit -c unlimited 
php <file>.php
Segmentation fault11 (core dumped)

gdb .../httpd2 core
bt

and i have result - 0  0x402fcb18 in ?? ()
#1  0x00000014 in ?? ()
#2  0x08553c40 in ?? ()
....


another way.

rcapahce2 stop
gdb .../http2
run -X
0  0x402fcb18 in ?? ()
bt
#1  0x00000014 in ?? ()
#2  0x08553c40 in ?? ()
...

what i do wrong??????????/
 [2006-12-04 11:30 UTC] tony2001@php.net
Important!
To get a backtrace with correct information you must have PHP configured with --enable-debug!
 [2006-12-04 11:53 UTC] eugen dot shvatsky at gmail dot com
ystem 	Linux beast 2.6.13-15-default #1 Tue Sep 13 14:56:15 UTC 2005 i686
Build Date 	Dec 4 2006 10:01:58
Configure Command 	'./configure' '--prefix=/usr/local/php' '--with-java' '--with-mysql' '--with-mysqli' '--with-apxs2=/usr/sbin/apxs2-prefork' '--with-libxml' '--enable-soap' '--with-xsl' '--with-config-file-path=/etc' '--with-zlib' '--enable-debug'
Server API 	Apache 2.0 Handler
 [2006-12-04 12:06 UTC] tony2001@php.net
Okay, now you can try to generate the backtrace once again.
 [2006-12-04 12:13 UTC] eugen dot shvatsky at gmail dot com
Ok now I have situation, when result is not changed!
empty backtrace.
.. in ?? ()
.. in ?? ()
.. in ?? ()
 [2006-12-04 12:18 UTC] tony2001@php.net
Please execute these commands in console:
which php
file `which php`
`which php` -i | grep configure
 [2006-12-04 13:34 UTC] eugen dot shvatsky at gmail dot com
Configure Command =>  './configure' '--prefix=/usr/local/php' '--with-java' '--with-mysql' '--with-mysqli' '--with-apxs2=/usr/sbin/apxs2-prefork' '--with-libxml' '--enable-soap' '--with-xsl' '--with-config-file-path=/etc' '--with-zlib' '--enable-debug'
 [2006-12-04 13:36 UTC] tony2001@php.net
And other two commands?
 [2006-12-04 14:23 UTC] eugen dot shvatsky at gmail dot com
which php
/usr/bin/php

file `which php`
/usr/bin/php: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.5, dynamically linked (uses shared libs), not stripped

`which php` -i | grep configure
Configure Command =>  './configure' '--prefix=/usr/local/php' '--with-java' '--with-mysql' '--with-mysqli' '--with-apxs2=/usr/sbin/apxs2-prefork' '--with-libxml' '--enable-soap' '--with-xsl' '--with-config-file-path=/etc' '--with-zlib' '--enable-debug'
 [2006-12-04 14:27 UTC] tony2001@php.net
Please try recompiling PHP with ./configure --enable-debug --with-xsl and see if it helps.
 [2006-12-04 16:13 UTC] eugen dot shvatsky at gmail dot com
no ! i try to recompile but this doen't help
empty trace and xsl still doen't work
 [2006-12-04 16:21 UTC] tony2001@php.net
I'm still unable to replicate it. 
Try to update your system, GDB, anything else, I don't know.
Looking at this backtrace I can only say that there is something wrong, I can't even say if it's PHP or not.
 [2006-12-05 12:10 UTC] rrichards@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Caused by a regression issue in libxslt (as of 1.1.16).
Use a snapshop, revert to an older libxslt or make sure that $xsl contains a valid stylesheet prior to calling importStylesheet.
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 16 16:02:23 2014 UTC