php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #44981 If script contains a function declaration and dl() fails -> segfault
Submitted: 2008-05-13 13:57 UTC Modified: 2008-09-05 01:00 UTC
Votes:2
Avg. Score:4.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:2 (100.0%)
From: mabouzou at sybase dot com Assigned:
Status: No Feedback Package: Reproducible crash
PHP Version: 5.2.6 OS: *
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: mabouzou at sybase dot com
New email:
PHP Version: OS:

 

 [2008-05-13 13:57 UTC] mabouzou at sybase dot com
Description:
------------
PHP would crash while executing the attached code. The code basically declares a function and attempts to load an extension using the dl() command. If the extension returns FAILURE in the MINIT function, PHP will crash. 

Reproduce code:
---------------
<?php
    function foo()
    {
        echo "Inside foo.\n";
    }
    dl( 'my_extension.dll' );

?>

Expected result:
----------------
Inside foo.
<... something along the lines of ... cannot load extension my_extension.dll ... >

Actual result:
--------------
A crash. Here is the stack trace:
 	php5ts.dll!destroy_op_array(_zend_op_array * op_array=0x011c9720, void * * * tsrm_ls=0x00375d20)  Line 228 + 0x3 bytes	C
 	php5ts.dll!zend_function_dtor(_zend_function * function=0x0139df68)  Line 123 + 0x16 bytes	C
 	php5ts.dll!zend_hash_destroy(_hashtable * ht=0x00373328)  Line 526 + 0x6 bytes	C
 	php5ts.dll!compiler_globals_dtor(_zend_compiler_globals * compiler_globals=0x00377398, void * * * tsrm_ls=0x00375d20)  Line 487	C
 	php5ts.dll!tsrm_shutdown()  Line 180 + 0x6 bytes	C
 	php.exe!main(int argc=0x00000002, char * * argv=0x00375c48)  Line 1342	C
 	php.exe!__tmainCRTStartup()  Line 597 + 0x17 bytes	C
 	kernel32.dll!_BaseProcessStart@4()  + 0x23 bytes	



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-05-13 14:12 UTC] mabouzou at sybase dot com
I forgot to mention that the extension library has to define at least one function in the zend_function_entry table.

Also, if the library is loaded from the ini file directly the crash does not happen.
 [2008-09-05 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 22:01:26 2024 UTC