php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #4090 ifx_pconnect() crashes when called without username/password
Submitted: 2000-04-10 12:51 UTC Modified: 2005-03-31 16:13 UTC
From: klaus dot rothert at dresdner-bank dot com Assigned:
Status: Wont fix Package: Reproducible Crash
PHP Version: 3.0.16 OS: Solaris 2.6
Private report: No CVE-ID: None
 [2000-04-10 12:51 UTC] klaus dot rothert at dresdner-bank dot com
ifx_pconnect() crashes when called without username/password in function call AND no default values in php3.ini.

php-3.0.16 with
- ldap (openldap 1.2.9)
- mysql (mysql 3.22.27)
- informix (informix client sdk 2.40.uc1-1 for sun solaris 2.6)

build as DSO:
INFORMIXDIR=/opt/informix
PATH=$PATH:/opt/informix/bin
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/informix/lib:/opt/informix/lib/esql:/opt/openldap-1.2.9/lib
export INFORMIXDIR PATH LD_LIBRARY_PATH
APACHE="apache-1.3.12"
./configure --prefix=/opt/$APACHE --with-apxs=/opt/$APACHE/bin/apxs --with-config-file-path=/opt/$APACHE/conf --enable-track-vars --with-informix=/opt/informix --with-mysql=/opt/mysql-3.22.27 --with-ldap=/opt/openldap-1.2.9


apache-1.3.12 built with:
mod_ssl 2.6.2
openssl 0.9.5
mm 1.0.12


GDB backtrace:

Starting program: /opt/apache-1.3.12/bin/httpd -X
[New LWP    2        ]
[New LWP    3        ]

Program received signal SIGSEGV, Segmentation fault.
0xef5a4674 in strlen ()
(gdb) bt
#0  0xef5a4674 in strlen ()
#1  0xef5da41c in _doprnt ()
#2  0xef5e35f4 in sprintf ()
#3  0xef362bc0 in php3_ifx_do_connect (ht=0x298ef0, return_value=0xef3db918, list=0xef3e3008, 
    plist=0xef3e33f4, persistent=21) at functions/ifx.ec:685
#4  0xef36303c in php3_ifx_pconnect (ht=0x298db8, return_value=0xef3db918, list=0xef3e3008, 
    plist=0xef3e33f4) at functions/ifx.ec:833
#5  0xef37ce1c in phpparse () at control_structures_inline.h:929
#6  0xef32c754 in php3_parse (yyin=0x1) at main.c:1545
#7  0xef32cad8 in apache_php3_module_main (r=0x1f0480, fd=22, display_source_mode=0, preprocessed=0)
    at main.c:1899
#8  0xef328ddc in send_php3 ()
#9  0xef328e90 in send_parsed_php3 ()
#10 0xb7168 in ap_invoke_handler ()
#11 0xd4008 in process_request_internal ()
#12 0xd408c in ap_process_request ()
#13 0xc7a24 in child_main ()
#14 0xc7ce0 in make_child ()
#15 0xc7efc in startup_children ()
#16 0xc88ec in standalone_main ()
#17 0xc9500 in main ()

I guess SAFE_STRING(p) should get that but does not!

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-03-31 16:13 UTC] php-bugs at lists dot php dot net
We are sorry, but we do not support PHP 3 related problems anymore.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Dec 30 14:01:28 2024 UTC