php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #46715 Segfault on long expression
Submitted: 2008-11-29 09:16 UTC Modified: 2010-05-09 23:05 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:2 (100.0%)
From: svoboda at svoon dot net Assigned:
Status: Not a bug Package: PCRE related
PHP Version: 5.2CVS-2008-11-29 (snap) OS: debian etch
Private report: No CVE-ID: None
 [2008-11-29 09:16 UTC] svoboda at svoon dot net
Description:
------------
when use long sql query I get segmentation fault. I use latest zend framework.
I was trying versions 5.2.6, 5.2 snapshot and 5.3 snapshot, I was trying to coplime php with mysql version 4.1, 5.0 and 5.1 but still the same result.

Reproduce code:
---------------
set_include_path(get_include_path() . PATH_SEPARATOR
. '../../../data/library' . PATH_SEPARATOR
);

require_once('Zend/Loader.php');
Zend_Loader::registerAutoload();


$db = Zend_Db::factory('pdo_mysql',array ('host'=>'xx','username'=>'xx','password'=>'xxx','dbname'=>''));
$db->query("SET NAMES utf8");
$db->query("LONG UPDATE QUERY..."); <- on this line I get segfault
echo 'ok';

full source is on the page. if use shorter sql query the script works fine.

Expected result:
----------------
it should print just ok :)


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-11-29 09:17 UTC] svoboda at svoon dot net
full source is on the page http://www.tojeono.cz/script/php-bug.phps
ondrej
 [2008-12-07 10:36 UTC] svoboda at svoon dot net
this bug still remains in 5.2.7 version.
ondrej
 [2009-01-08 05:31 UTC] kalle@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.


 [2009-01-16 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2009-11-20 21:24 UTC] svoboda at svoon dot net
gdb ./sapi/cli/php
GNU gdb 6.4.90-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...Using host libthread_db library "/lib/tls/libthread_db.so.1".

warning: not using untrusted file "/home/src/php-5.2.9-debug/.gdbinit"
(gdb) run public/test.php
Starting program: /home/src/php-5.2.9-debug/sapi/cli/php public/test.php
[Thread debugging using libthread_db enabled]
[New Thread -1225201984 (LWP 12114)]

Warning: PHP Startup: Unable to load dynamic library '/usr/local/php5/lib/php/extensions/debug-non-zts-20060613/fileinfo.so' - /usr/local/php5/lib/php/extensions/debug-non-zts-20060613/fileinfo.so: cannot open shared object file: No such file or directory in Unknown on line 0

Warning: PHP Startup: Unable to load dynamic library '/usr/local/php5/lib/php/extensions/debug-non-zts-20060613/ps.so' - /usr/local/php5/lib/php/extensions/debug-non-zts-20060613/ps.so: cannot open shared object file: No such file or directory in Unknown on line 0

Warning: PHP Startup: Unable to load dynamic library '/usr/local/php5/lib/php/extensions/debug-non-zts-20060613/gnupg.so' - /usr/local/php5/lib/php/extensions/debug-non-zts-20060613/gnupg.so: cannot open shared object file: No such file or directory in Unknown on line 0

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1225201984 (LWP 12114)]
0x080c70f2 in match (
    eptr=0xb6e8a6f8 "strong><br />e-mail: <a href=\"mailto:.cz</a><br />tel:<strong> 483 737 667</strong></p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n<p> </p>\r\n<h2><a \nname=\"3\"></a>M"..., ecode=0x8c01956 "b",
    mstart=0xb6e89c8a "'<h2>Mgr. \nLibor Behúl</h2>\r\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\r\n<tbody>\r\n<tr valign=\"top\">\r\n<td width=\"100\"><img src=\"public/zamestnanci/behul.jpg\" alt=\"\" width=\"100\" height=\"144\" />"..., offset_top=4, md=0xbfe00408, ims=0, eptrb=0xbf604158, flags=2,
    rdepth=5339) at /usr/src/php-5.2.9-debug/ext/pcre/pcrelib/pcre_exec.c:714
714             RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md,
 [2009-11-20 21:25 UTC] svoboda at svoon dot net
I providet the debug output
 [2010-04-30 15:23 UTC] kalle@php.net
-Summary: Segfault on long sql query in pdo_mysql +Summary: Segfault on long expression -Package: PDO related +Package: PCRE related
 [2010-04-30 15:23 UTC] kalle@php.net
This is more an issue of PCRE as it seems in the backtrace, ZF must do some regular expression matches behind the scenes I would assume since thats where the segfault actually occur.
 [2010-05-09 23:05 UTC] felipe@php.net
-Status: Open +Status: Bogus
 [2010-05-09 23:05 UTC] felipe@php.net
Not a PHP bug.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 15:01:29 2024 UTC