php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #48300 crash in zif_file_put_contents
Submitted: 2009-05-16 02:03 UTC Modified: 2009-05-28 01:00 UTC
From: kenorb at gmail dot com Assigned:
Status: No Feedback Package: Reproducible crash
PHP Version: 5.2.9 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: kenorb at gmail dot com
New email:
PHP Version: OS:

 

 [2009-05-16 02:03 UTC] kenorb at gmail dot com 
Description:
------------
See backtrace above.

Reproduce code:
---------------
.(gdb) backtrace
#0  0x08202f0b in zif_file_put_contents (ht=147657200, 
return_value=0x20, return_value_ptr=0x0, this_ptr=0xafe2f6fc, 
return_value_used=4)
    at /home/redmine/php5/php-5.2.9/ext/standard/file.c:697
#1  0x0820368a in zif_tempnam (ht=32, return_value=0x4, 
return_value_ptr=0x0, this_ptr=0x8202ebc, return_value_used=147657200)
    at /home/redmine/php5/php-5.2.9/Zend/zend_variables.h:45
#2  0x08203884 in zif_popen (ht=8, return_value=0x4, 
return_value_ptr=0x0, this_ptr=0xafe2f6e4, return_value_used=-
1084251860)
    at /home/redmine/php5/php-5.2.9/ext/standard/file.c:1011
#3  0x0821d9f7 in zif_strtolower (ht=-1344080132, 
return_value=0xb5a74b40, return_value_ptr=0x0, this_ptr=0x820ca70, 
return_value_used=0)
    at /home/redmine/php5/php-5.2.9/ext/standard/string.c:1349
#4  0x0822aa0a in zif_is_callable (ht=-1344080156, 
return_value=0x8d88788, return_value_ptr=0xbf5fa128, 
this_ptr=0x8202ebc, return_value_used=147657200)
    at /home/redmine/php5/php-5.2.9/ext/standard/type.c:380
#5  0x0809de50 in is_counted_repeat (p=0x20 <Address 0x20 out of 
bounds>) at /home/redmine/php5/php-
5.2.9/ext/pcre/pcrelib/pcre_compile.c:887
#6  0x0809bb2d in verify_callback (preverify_ok=-1084251808, 
ctx=0xafe2f6e4) at /home/redmine/php5/php-
5.2.9/ext/openssl/openssl.c:3759


Expected result:
----------------
working

Actual result:
--------------
crashing
(gdb) backtrace
#0  0x08202f0b in zif_file_put_contents (ht=147657200, 
return_value=0x20, return_value_ptr=0x0, this_ptr=0xafe2f6fc, 
return_value_used=4)
    at /home/redmine/php5/php-5.2.9/ext/standard/file.c:697
#1  0x0820368a in zif_tempnam (ht=32, return_value=0x4, 
return_value_ptr=0x0, this_ptr=0x8202ebc, return_value_used=147657200)
    at /home/redmine/php5/php-5.2.9/Zend/zend_variables.h:45
#2  0x08203884 in zif_popen (ht=8, return_value=0x4, 
return_value_ptr=0x0, this_ptr=0xafe2f6e4, return_value_used=-
1084251860)
    at /home/redmine/php5/php-5.2.9/ext/standard/file.c:1011
#3  0x0821d9f7 in zif_strtolower (ht=-1344080132, 
return_value=0xb5a74b40, return_value_ptr=0x0, this_ptr=0x820ca70, 
return_value_used=0)
    at /home/redmine/php5/php-5.2.9/ext/standard/string.c:1349
#4  0x0822aa0a in zif_is_callable (ht=-1344080156, 
return_value=0x8d88788, return_value_ptr=0xbf5fa128, 
this_ptr=0x8202ebc, return_value_used=147657200)
    at /home/redmine/php5/php-5.2.9/ext/standard/type.c:380
#5  0x0809de50 in is_counted_repeat (p=0x20 <Address 0x20 out of 
bounds>) at /home/redmine/php5/php-
5.2.9/ext/pcre/pcrelib/pcre_compile.c:887
#6  0x0809bb2d in verify_callback (preverify_ok=-1084251808, 
ctx=0xafe2f6e4) at /home/redmine/php5/php-
5.2.9/ext/openssl/openssl.c:3759
#7  0x08d88788 in ?? ()
#8  0xbf5fa12c in ?? ()
#9  0xb5a74b20 in ?? ()
#10 0xb5b21ddc in ?? ()
#11 0xafe2f6a4 in ?? ()
#12 0xb5b09044 in ?? ()
#13 0xafe2f6e4 in ?? ()
#14 0x08cd11f0 in ?? ()
#15 0x00000010 in ?? ()
#16 0x00000009 in ?? ()
#17 0xafe2f6cc in ?? ()
#18 0xb5b21ddc in ?? ()
#19 0xb5a74b40 in ?? ()
#20 0xbf5fa178 in ?? ()

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-05-16 02:50 UTC] scottmac@php.net 
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.

The backtrace helps but the code that caused it is needed to.
 [2009-05-16 04:12 UTC] kenorb at gmail dot com 
Unfortunatelly I can't provide the code.
 [2009-05-16 09:05 UTC] pajoye@php.net 
You don't have to publish the code of your application but a small script to reproduce this exact bug (short script). Without such script, there is no chance for us to reproduce (and fix) this problem.

You should also try using a 5.2 CVS snapshot (or 5.3).
 [2009-05-16 09:10 UTC] rasmus@php.net 
That backtrace also makes very little sense.  According to it we have the following chain of calls somehow:

is_callable
strtolower
popen
tempnam
file_put_contents

None of these functions actually call each other so I don't see how that backtrace could have occurred.
 [2009-05-16 16:23 UTC] kenorb at gmail dot com 
Sorry, maybe backtrace of generated core was before I've upgraded to 
5.10-dev and it's broken;/
 [2009-05-20 08:23 UTC] jani@php.net 
Either provide proper backtrace using the snapshot or reproducing code.
 [2009-05-28 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sun Jul 06 11:02:27 2025 UTC