Bug #40119 suhosin found an overflow in mssql_query and mssql_free_result
Submitted: 2007-01-13 14:32 UTC
Modified: 2007-01-28 17:00 UTC
From: lapo at lapo dot it
Assigned:
Status: Closed
Package: MSSQL related
PHP Version: 5.2.0
OS:
Private report: No
CVE-ID: None
 [2007-01-13 14:32 UTC] lapo at lapo dot it
Description:
------------
Got an "ALERT - canary mismatch on efree() - heap overflow detected" on script:lines containing mssql_query() and mssql_free_result().
Not every one of them does this: serving a fairly big website, some pages work perfectly while some others show this behavior.
Note: the behavior is not clear to me but it is constant: the same page either always fails on the same line or it never does.


 [2007-01-13 15:31 UTC] iliaa@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.


 [2007-01-21 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2007-01-28 17:00 UTC] lapo at lapo dot it
I'm not able to reproduce it anymore. It was maybe related to some hardware problem or something else. If I happen to reproduce it in the future, I'll debug and report it again.
 
Last updated: Mon Oct 03 05:05:53 2022 UTC