php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #46738 mb_detect_encoding, segmentation fault (PHP_5_3 only!)
Submitted: 2008-12-03 11:48 UTC Modified: 2008-12-11 02:57 UTC
From: thomas at koch dot ro Assigned:
Status: Closed Package: mbstring related
PHP Version: 5.3CVS-2008-12-03 (CVS) OS: *
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2008-12-03 11:48 UTC] thomas at koch dot ro 
Description:
------------
the code gives a segmentation fault

Reproduce code:
---------------
$html = chr( 250 ).chr( 10 );
mb_detect_encoding( $html, NULL, TRUE );


Expected result:
----------------
-- no output, no error --

Actual result:
--------------
segmentation fault

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-12-04 03:11 UTC] masugata@php.net 
Hello. :-)

Please backtrace and php.ini setting(mbstring section).
http://bugs.php.net/bugs-generating-backtrace.php

I'm tested in Debian Etch.
But, not Segmentation Fault.
 [2008-12-04 08:15 UTC] thomas at koch dot ro 
backtrace:

#0  0x00007fdfa0947050 in strlen () from /lib/libc.so.6
#1  0x00000000006d26e5 in zif_mb_detect_encoding (ht=3, return_value=0x1b340d0, 
    return_value_ptr=0x0, this_ptr=0x0, return_value_used=0, tsrm_ls=0x188f0c0)
    at /var/checkouts/php5_3/ext/mbstring/mbstring.c:3233
#2  0x0000000000d9ddde in zend_do_fcall_common_helper_SPEC (
    execute_data=0x7fdf9e3fe098, tsrm_ls=0x188f0c0)
    at /var/checkouts/php5_3/Zend/zend_vm_execute.h:313
#3  0x0000000000da9900 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (
    execute_data=0x7fdf9e3fe098, tsrm_ls=0x188f0c0)
    at /var/checkouts/php5_3/Zend/zend_vm_execute.h:1564
#4  0x0000000000d9bc5d in execute (op_array=0x1b33318, tsrm_ls=0x188f0c0)
    at /var/checkouts/php5_3/Zend/zend_vm_execute.h:104
#5  0x0000000000d339b4 in zend_execute_scripts (type=8, tsrm_ls=0x188f0c0, 
    retval=0x0, file_count=3) at /var/checkouts/php5_3/Zend/zend.c:1197
#6  0x0000000000bfb0e8 in php_execute_script (primary_file=0x7fffab7dfb70, 
    tsrm_ls=0x188f0c0) at /var/checkouts/php5_3/main/main.c:2080
#7  0x0000000000e94735 in main (argc=2, argv=0x7fffab7dfdf8)
    at /var/checkouts/php5_3/sapi/cli/php_cli.c:1126

php --info
<snip>
mbstring

Multibyte Support => enabled
Multibyte string engine => libmbfl
HTTP input encoding translation => disabled

mbstring extension makes use of "streamable kanji code filter and converter", which is distributed under the GNU Lesser General Public License version 2.1.

Multibyte (japanese) regex support => enabled
Multibyte regex (oniguruma) backtrack check => On
Multibyte regex (oniguruma) version => 4.7.1

Directive => Local Value => Master Value
mbstring.detect_order => no value => no value
mbstring.encoding_translation => Off => Off
mbstring.func_overload => 0 => 0
mbstring.http_input => pass => pass
mbstring.http_output => pass => pass
mbstring.http_output_conv_mimetypes => ^(text/|application/xhtml\+xml) => ^(text/|application/xhtml\+xml)
mbstring.internal_encoding => no value => no value
mbstring.language => neutral => neutral
mbstring.strict_detection => Off => Off
mbstring.substitute_character => no value => no value
 [2008-12-08 12:14 UTC] jani@php.net 
Crashes only with PHP_5_3. HEAD and PHP_5_2 work just fine..
 [2008-12-11 02:57 UTC] scottmac@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 07:01:27 2024 UTC