PHP :: Bug #46090 :: mysqlnd segfault during connection

Bug #46090	mysqlnd segfault during connection
Submitted:	2008-09-16 01:20 UTC	Modified:	2008-09-16 23:11 UTC
From:	phpwnd at gmail dot com	Assigned:
Status:	Closed	Package:	Reproducible crash
PHP Version:	5.3CVS-2008-09-16 (CVS)	OS:	Linux 2.6.24-gentoo-r8
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	phpwnd at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2008-09-16 01:20 UTC] phpwnd at gmail dot com

Description:
------------
mysqlnd makes PHP segfault on connect.

This bug is filed as "PDO", but it's really a mysqlnd bug. The issue is the same regardless of what extension is used: PDO, MySQL or MySQLi. PHP was compiled from CVS, with --with-mysql=mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd

- Connecting via TCP or socket does not change the behaviour.
- It doesn't require a valid account either, attempting to connect with an inexistent account produces the same result.
- It does require a valid DSN, otherwise a PDOException with message 'SQLSTATE[HY000] [2002] Connection refused' is thrown, as expected.

Backtrace below, if you need anything else please ask. Thanks :)

Reproduce code:
---------------
$db = new PDO('mysql:dbname=test;host=127.0.0.1;port=3307', 'inexistent_user', 'password');

Actual result:
--------------
#0  0x000000000075d729 in mysqlnd_connect (conn=0xece3c8, host=0xece288 "127.0.0.1", user=0xece160 "inexistent_user", passwd=0xece1c8 "password",
    passwd_len=8, db=0xece228 "test", db_len=4, port=3307, socket=0x0, mysql_flags=196736, zval_cache=0xea0c50)
    at /root/src/php5/ext/mysqlnd/mysqlnd.c:823
#1  0x000000000058475a in pdo_mysql_handle_factory (dbh=0xecdbc0, driver_options=0x0) at /root/src/php5/ext/pdo_mysql/mysql_driver.c:717
#2  0x00000000005739c7 in zim_PDO_dbh_constructor (ht=3, return_value=0xece068, return_value_ptr=0x0, this_ptr=0xecc200, return_value_used=0)
    at /root/src/php5/ext/pdo/pdo_dbh.c:372
#3  0x000000000083a574 in zend_do_fcall_common_helper_SPEC (execute_data=0x2add638ad090) at /root/src/php5/Zend/zend_vm_execute.h:315
#4  0x000000000083b509 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x2add638ad090) at /root/src/php5/Zend/zend_vm_execute.h:428
#5  0x00000000008395a7 in execute (op_array=0xeccfb0) at /root/src/php5/Zend/zend_vm_execute.h:104
#6  0x000000000080981e in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /root/src/php5/Zend/zend.c:1197
#7  0x000000000078e21a in php_execute_script (primary_file=0x7fff472a8590) at /root/src/php5/main/main.c:2075
#8  0x00000000008ad1d4 in main (argc=2, argv=0x7fff472a8808) at /root/src/php5/sapi/cli/php_cli.c:1130

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-09-16 01:24 UTC] phpwnd at gmail dot com

I forgot to mention this is on MySQL 5.0.60 (more precisely, it's mysql-5.0.60-r1 from Gentoo's Portage)

[2008-09-16 02:02 UTC] phpwnd at gmail dot com

Changed category.

[2008-09-16 23:11 UTC] phpwnd at gmail dot com

Fixed in CVS.

http://marc.info/?l=php-cvs&m=122157573024024&w=2

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun Jul 06 22:01:34 2025 UTC